6ace551b4aa9783a8f31ff612fdd71097cb8fe6bbf81d3ff68b4f5a1f36a86c4b93443ecc4b54ddac2b9cea833d20888b7c1ede1c6578f3b13c1f0d5d984500f180f2845313866c64f2855b1ac7594b431639efbc238c2867efe9aa01678973a43a99aa10ef2128d6b08af03cbc9117703e842870f00158e5cbc067415265385cd4aca8550e90be98d39c3ac8f288e0112d6ce10ada1109c3bb3ba4aa1dc892bb92b9ca489d999844531d5454c66e449c48a990b83fcb1c3b68fe3d3aaa5a067d9013ceb66e72ca82ed1a9faa851a739a77398ac75d9c498ec4c6588fc2020d0600ef02268cc3f341f416bb63fbf7561fca2c48701062fb0b4ad55278cc376900acae1551a380261234db226f0a0c436024afe24e752e36ab6ab525d694dec341e0aa0d80ff92477805fb465922578e82d89f5673a25daa9970aacf12b585f46f1226322651d331f3ee943aaa96e6ac88a6674b3b5b09c80ab58db40ca2bf6c4742cd6ad67c89348663a96f006676ee40619a711120e0e611523cd17a2a6639b4969e22c02c73943cdc45f08acbe9d9a1a160e709cf98f2912f1a74cd14d3befd948c0db4423c2f1d5775fa24ac641d8a614790d875129866f49b23ee9fd75e5c92ec435ad5999ae2904a35418002e1cb558a1c0e18dc2ff422603d3002339bf71182451b6bd6a7237ea0c53aaf9e6ec3bb825331be3a4e6453524760bdc67a75c305a9bebdb335368ddb9db09752877de16cb63bd3c590bb0f7ef74b198c734d992247100600734dc7745a68577691631a510d9ef211416add42c03404dc9277ebfaf54e9e33afc66261ac7d67aa638876df705fffba0410a58d684e627a0c596ef81cf5d3deb1bc29ac9fb1e3b35737d7298862f4bb80bfd5bdc9a5a8d2c281849f67bd65fd8c11ad3cc00f9bb2f1b5d375bb87381f25d15ce9a389d0cbdb5a9426b3fb8f3cfde4168a343c276016d437844930406ba41f07027762ae200857230c587ff99de849f1e4d8e07fb7489ce1ba5d335c2d7f66a2f88c88a6b85fb577fddf2b9ed77403915c292fb9e245c863f38d1f2d7599635e224be2034259007c85cbf1cb577fa281a7a70dce0262c21f54bee989daee9d34cb15470b9dd01890b02225ae9e477dd6af297d668d26eb8624eaa5ad508f371320031d6b657c92531d779a61e653368199a6bc2c5bfc5da3346a06b1993ffa9bb5da79b5d1ab10368b3014df25cd38ecc7fd735ba5da3108514691240a8a1b724e83338fa6f438e2e4a987f53c3485bb1c16ebfd37559b21db130a1a1096fdbc7c4e75948f2104dc069c0d5b691214659694396f7d5481c2df620f045846b272ca96d7fc93a759a1a15ac5ba75f207c97603ded99d606af2951e7860dfae3a85c35f0247b96bdf3b047b89a7f06a5bab93835772805901165f07afc39069a41e062a3d0278e0da5571a8cf5c5d92f1d95847f74720ccbb480c5d400363bd733ea59546e52c5ff4af62ae938224bc7fe86a0c9649ec6926a2adbe3b02de926ade13df2bb00184386ecc40567b54730dd7d95bb3bbda283714a74e36d4b04aa688c8f96482a6d1c0634df227b9e7cfccd5386671cb3c4e8c7dedc704d970e1dcb6e41316ffcff3745450624d9298575290cdb7dba9210a0f89f0829c9837a612c87c511bc890af4195162ab13dc9d6f95f69fab61ff81898e34d659bc75f7ab8a1cde5f7b37cd6c279ded535eeb6146f5f117c7a8a54cb7e822a044e813a35c7c4921cacb19b1ee50a59528476ecf15c7745d2fab4396f3f54f78cb3a9ccc2c7454e1c54234ddbee27ca5a97ebc0757f2e5243519d194c175e9ea1e93b007c99f450baf5184f77f0c8a08c57deecacae57168515fd2dc941af0c950bc1018a5e7875f3b34ea9a2e02482d85c1277e124c70742990ef5cae82cfbec6dcb15b7d12f22bb5ef615daa4bde0981a8d5453cc4d30d6c866e468f01422367c01a8850497eb80710f9c54df3da01376a221edb78bdf617aa426ba7a993ff60f9d21cf6a7294ea224026b45d2c018be483ec6d27ab6f387d76c4ee5275ff1ddb4a7dc372af39e2af87cb084f24146145c09498667f9e41409d8eaddf14c070fa4078d287bde2450c217f8cad632cb1fa8bb5c0f0e4db7e19e3073740c01d636c940deaadd9c5bb668ad63d4b46f004e81dbbe0275dda888bd177cf9dcd8ad95fef3173e74ac52a3fe44572eeb9b9635b5e2d08450ff72e939379b96a85e618ec378c273272b618ccce690c04452a953dfc2b5c35f1fbcd6534a8aab9402b319bed7c1b002af1444412eed01f59d4cb48cb5e06902a771a037ec2d123b11b209c7e4ac79171e376bbf4c6d91752c3b5b8a1bd286d6fa481ca5e78c2f68cfbdb1654358ccbcb6b0b127b295e2946d9957164102ea743ce47a6fc685ec9047b385f95cd92f6f0a5d3bb23478451a06827d7c21a4a99ab16abaeebd658863ceb183bb5a2704f4b93b5410f9003022f760d029297cb625474bdef2e2b8e169ee6c84a3132c7896d35f646aa9248cc57eacf", 0x1d, 0x1000}) socket$vsock_stream(0x28, 0x1, 0x0) clock_gettime(0x0, &(0x7f00000012c0)={0x0, 0x0}) setxattr(&(0x7f0000001380)='./file0\x00', &(0x7f00000013c0)=@random={'system.', '$.&ppp1posix_acl_access]\x00'}, &(0x7f0000001400)=':{\x00', 0x3, 0x0) ppoll(&(0x7f0000001280)=[{r1, 0x1001}], 0x1, &(0x7f0000001300)={r4, r5+30000000}, &(0x7f0000001440), 0x8) [ 270.530472] input: syz0 as /devices/virtual/input/input5 [ 270.538254] netlink: 'syz-executor3': attribute type 3 has an invalid length. [ 270.569022] netlink: 'syz-executor3': attribute type 3 has an invalid length. [ 270.730850] block nbd0: shutting down sockets 22:08:26 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0xb, 0x7f, 0x7, 0x5, 0x1}, 0x2c) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000ed1000)={0xc, 0x4, 0x81000000003, 0x8000000007, 0x0, r1}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000002ac0)={0x7, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18002477ebc64741759900000000000018100000", @ANYRES32=r2, @ANYBLOB="00000000000000009500000000000000100e"], &(0x7f0000001480)='syzkaller\x00', 0x3, 0x1000, &(0x7f00000014c0)=""/4096}, 0x48) 22:08:26 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000100)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0xa, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @dev}}, 0x0, 0x0, 0x2}, &(0x7f0000000000)=0x98) 22:08:26 executing program 0: r0 = msgget$private(0x0, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffff9c) write$P9_RLCREATE(r1, &(0x7f00000000c0)={0x18, 0xf, 0x1, {{0x12, 0x1, 0x8}, 0x3}}, 0x18) ioctl$UI_SET_FFBIT(r1, 0x4004556b, 0xa) msgrcv(r0, &(0x7f0000000140)={0x0, ""/213}, 0xdd, 0x3, 0x2000) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xb, 0x3ff, 0x80000000, 0x8, 0x4, r1, 0x5}, 0x2c) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000080)=@v1={0x1000000, [{0x81, 0xc0f}]}, 0xc, 0x2) msgsnd(r0, &(0x7f0000000340)={0x2, "e5a0b31dfe3fe9d51f22dc8269f8884ed83444acab1f292fff0d3bba29361a1c70272aa25d3ea497bf6140c8e72f9c87141ecfd3f2988f22797c37ed7882ec993fe2d6b28a101076a52d6219f20123b5e94a7813957d9d8a4cb30fe56387d7aed27b33d9932e8ac9f8f9daf3401497eea46937e786f215052f589e661fa5e1588a483aaa400299503a9dcfd67d8ab216d16c25e95057b632b6a8b0e58f8d34199fed6029b98a40e7b1cf1fb01530ff60def2549331793b6c7ffe20eab3"}, 0xc5, 0x800) ioctl$sock_SIOCGIFCONF(r1, 0x8910, &(0x7f0000000100)=@buf={0x5a, &(0x7f0000000240)="e7ffbc54f7eaf1d8138fdb206680454858b4619b0b788f23405c373d43eed3d32c8117eacd1be60833091526a5ce325fcf7b8b98189fb329c026a3ac96d47f3aff91d1cd2c129772166207f1cba4c6ad2e584f232f91643336b8"}) 22:08:26 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) madvise(&(0x7f000079c000/0x800000)=nil, 0x800000, 0xc) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x100, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000080)={0x8001000, 0x5}) sigaltstack(&(0x7f0000c63000/0x2000)=nil, &(0x7f0000000000)) madvise(&(0x7f00002f8000/0xc00000)=nil, 0xc00000, 0xd) 22:08:26 executing program 1: r0 = fcntl$dupfd(0xffffffffffffff9c, 0x406, 0xffffffffffffffff) getsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@empty, @multicast1}, &(0x7f0000000040)=0x8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x98d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x11, 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5b3c50, 0x2, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x8000000010) sendmsg$nl_generic(r1, &(0x7f0000000080)={&(0x7f0000024000)={0x10, 0xf00, 0xffffff7f00000000}, 0xc, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000002d00070b000000001000000003000000080000009e000000e2345d4080fae766347fcdfced3a5e40a365dd4060364f1f3bcdefccc31b97d335000000429e433f9fc329c134df4231d94ea84fa93ca14ecc1a2d238e764431df0bf0bbd8214722ab82f2c160b372a31cdc7df841b636f7e6d8ccdff97d487717fcb2cf122e4b184b803645b803ebf9139cb07d73b10b5ff9d768a03fc0a9f2ec6c4e05e2c79b8c6bb03235a110f992d44040e84c8f16f1a903443ec3a272cf36a8ae55f48b56f1e0311bc7ee0b155f0cefdf07503093229051c2157910f803d49c224e6803a4951186d2833d4414fc6a3ed190ed9c0acb14449967d6bda7e18572a5f83c032bb0900643536e1b209f2150680fda57e004e3dd73027be732de14870721ee85fbb2424bab27363496c01d08e02f9108ecf8ee35e55a47d69a36932bac5cef3faf9ddea1fd956ba1fce8e903e2271dc455a5c5564cebec4ad525807bd3fe9bd7"], 0x1c}}, 0x0) 22:08:26 executing program 0: r0 = msgget$private(0x0, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffff9c) write$P9_RLCREATE(r1, &(0x7f00000000c0)={0x18, 0xf, 0x1, {{0x12, 0x1, 0x8}, 0x3}}, 0x18) ioctl$UI_SET_FFBIT(r1, 0x4004556b, 0xa) msgrcv(r0, &(0x7f0000000140)={0x0, ""/213}, 0xdd, 0x3, 0x2000) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xb, 0x3ff, 0x80000000, 0x8, 0x4, r1, 0x5}, 0x2c) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000080)=@v1={0x1000000, [{0x81, 0xc0f}]}, 0xc, 0x2) msgsnd(r0, &(0x7f0000000340)={0x2, "e5a0b31dfe3fe9d51f22dc8269f8884ed83444acab1f292fff0d3bba29361a1c70272aa25d3ea497bf6140c8e72f9c87141ecfd3f2988f22797c37ed7882ec993fe2d6b28a101076a52d6219f20123b5e94a7813957d9d8a4cb30fe56387d7aed27b33d9932e8ac9f8f9daf3401497eea46937e786f215052f589e661fa5e1588a483aaa400299503a9dcfd67d8ab216d16c25e95057b632b6a8b0e58f8d34199fed6029b98a40e7b1cf1fb01530ff60def2549331793b6c7ffe20eab3"}, 0xc5, 0x800) ioctl$sock_SIOCGIFCONF(r1, 0x8910, &(0x7f0000000100)=@buf={0x5a, &(0x7f0000000240)="e7ffbc54f7eaf1d8138fdb206680454858b4619b0b788f23405c373d43eed3d32c8117eacd1be60833091526a5ce325fcf7b8b98189fb329c026a3ac96d47f3aff91d1cd2c129772166207f1cba4c6ad2e584f232f91643336b8"}) 22:08:26 executing program 1: r0 = fcntl$dupfd(0xffffffffffffff9c, 0x406, 0xffffffffffffffff) getsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000000)={@empty, @multicast1}, &(0x7f0000000040)=0x8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x98d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x11, 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5b3c50, 0x2, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x8000000010) sendmsg$nl_generic(r1, &(0x7f0000000080)={&(0x7f0000024000)={0x10, 0xf00, 0xffffff7f00000000}, 0xc, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000002d00070b000000001000000003000000080000009e000000e2345d4080fae766347fcdfced3a5e40a365dd4060364f1f3bcdefccc31b97d335000000429e433f9fc329c134df4231d94ea84fa93ca14ecc1a2d238e764431df0bf0bbd8214722ab82f2c160b372a31cdc7df841b636f7e6d8ccdff97d487717fcb2cf122e4b184b803645b803ebf9139cb07d73b10b5ff9d768a03fc0a9f2ec6c4e05e2c79b8c6bb03235a110f992d44040e84c8f16f1a903443ec3a272cf36a8ae55f48b56f1e0311bc7ee0b155f0cefdf07503093229051c2157910f803d49c224e6803a4951186d2833d4414fc6a3ed190ed9c0acb14449967d6bda7e18572a5f83c032bb0900643536e1b209f2150680fda57e004e3dd73027be732de14870721ee85fbb2424bab27363496c01d08e02f9108ecf8ee35e55a47d69a36932bac5cef3faf9ddea1fd956ba1fce8e903e2271dc455a5c5564cebec4ad525807bd3fe9bd7"], 0x1c}}, 0x0) 22:08:26 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) madvise(&(0x7f000079c000/0x800000)=nil, 0x800000, 0xc) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x100, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000080)={0x8001000, 0x5}) sigaltstack(&(0x7f0000c63000/0x2000)=nil, &(0x7f0000000000)) madvise(&(0x7f00002f8000/0xc00000)=nil, 0xc00000, 0xd) 22:08:26 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x0) sendto$inet6(r0, &(0x7f00009a9000)="8190e2b180b2e9160f8fab58f37d7fc95953350553f5f86d2144d9b788cde28bbfe41fd7cfeb66d2a836003077f7d08144db1d41fa7f1255dff1fe48d081fadc68a93a7adde602d9d01034199ebd5e4b0ed5358a454cc0916d6c0d3f00a7064305ccd46be9553b978243ab9b8e6108f50d9ce98a064592b4a1e4c65d178ed27971639ee2611147ce5f1a3f1ddf213fe4dbb0e1a9e4f307b80ce853ead942049f8c56dc2b880eb0e9e66c679e2b5c2299bd20b39433033ae7119fc61baaab9e67a2d1b24c8f416f2da9a7324e456a1230efeade28f89d03cdee5d867d155e232bb8447512e4a9baee76fd436acd568f285e08fede7e556b7e6f674c34bbc115ec3d94d3928a47ef03ac3e29a0bdb3d5d9eba7bba7d9fd25e76daee480f39831fabbeddd3cd2291d11ba8a2fdafd0387919e2930ba5e91552811b3b90252420a6608fbe93ead3ee66a9283ffb109b32059a9e2fce77fffefdfb7d99b6a61887e320bc019d2463c1a665088be9ca6b9f8c2fe56e5b861cd6f4897a1386d294c73e1c5350ca74b43280f898a30cac1ec91ead092123de6f2b6e9165da84ec60f1c682d7288a75819779f6b071dbf080beee6408268e876adf49fa41231bfb907755e1f2a9ea159b1c09032e797046139547c0fb88167a7780d689106e0303a2c1c9f057776b4f7bd62064f72ae1a080e39e5a1d467f774298f755f64c451f9e01aed896ed84ab1ac72b1448bef1495774573f30131f3b02a35f74222430251b5b1246cdef5b7535f3d32d5ae315d2a0a8f3485d07c257d3f3da00ef2a276db61537e8e0b520a1b1c069d13682a73767ead8a83904873eff3b427f7c2fe6e59196aa2e98b947c996816fe6f62328fe8e052d88641c56dc83eaa3bab293f46698845b7a71e2db4a4c89f187e97d2af64f9ceb8bce27707275d98070187d3004bbcc8f9940b0cef24e9cb87fa4a77470b245a2a3d63fccdf318abe40c78471e660f4ef3b315ed513eb24476e34fadc020c2fd82fa08b4a5e6eb656275f845af9234b3c5dfad9ae378ee466d83d024bf527911f74fe7215aa7fe756eeea25d885c0caec53b7dfff006251375e2c703f0ae1b79d80e3d030b4eec9484510aa699bf34dee845a64ec0342058df9f7471896c64e6a10e4b07ed55562d2c905b2b47bc4d364779fbe260ce382db49d525c70cd6b8ab1868ce9d060879b75045f9de6348c6aea1e5722d2bbdef660652063bb212ef2554aa5326d79be5083ac53e325281adb0dc5637e9897e64f64c5db043d4af11ae4e1d7d88b46f9f0b0cb389924f26f60d6b3a52124450ec82b8a0038dcb36c1572dc90f38bef14c8836096b5d8cf8a5766ea5735420a0d7ffb6cca15edd85fd14d4a98ce4f1eadfbdb181bbdd60c94a3c3b707b0ffe80efbefeda5c3079c231f8457f1eb81d52fd85dcb2b1febce6ee23f69d88e79741e9ee1750c6166934bf3ef48a466769dfac5b7881386bcf7237a9902adde5dbc0f7dc66ce90e08d314b0eda1c70ef5394288e9e57fa5acb68903ec1885fffeaab75c7c9f3e763356f533d71be0f3578a5eae8d1962a45550e75913205ed69b7dd238df01f474335d7aff5eeb504bd3fdf1d63983a822b471d2535f333f5d86cdb7f12531deb00e30b74e60de4288fcd7d5865e576852e09f9d6fa8ef33e2f3a84c960419f6ab0fa29ffae466fb191017f935bfed886e92f61d0ffffe700d8cf4051338e693259eb92263dda7b0c5fe81b4492a25ac117f761d16786b774d7217bec57a73eacb22d0db4c5fa52e0ed75d8116fc76c0a60fc4651db38f63e10f6aa0b7d2a742732b1029991fa265a581921f03aa59bc2ac875e23fa70435f6a429e270a80735d4a77ef5a574a1b752c5492272f2bfb199a03c86da909b3caa87e480b00bb90a3ff826c78053d339dfa7fd20254b1ffcc6d34004ba6f551bd1f97c9dd490541c525271cabf6750246a248711568ae9a78d33683c6344043a1180f355d076aef4318f19577362aa3b2db2ddfae381815d256c5c66fec75cc0a35734058924b1b3d91f4b294ff634d804427a43c29b64b7dce09b0d89183c88ced4ef0e5a9adf504490c1e87259a531de864b4489bf8bcab84db89430294126485ce5d1190f0629e95b709001f8504403946c086e90b20c0fbd9131b1ff05c75354e525aca0fdaf9d5a7bdad7f94482efd124332418685d1b43b6678f8477d8a8af8e121b6f756faa0228462f8940d385155224be88c4c40ce13b22b85d7c51b73ad344115f9882b935c45c0a328286bd7fb6bcdd7b37d9f50d670807ea2b62b354c69c019b578163591e33f40213bc926ef341555ca3dad84a75eb63c2142f81273405d8c273f7b06148182a040b132f4ac27c3eb6f654a1e7181d438ce7aa3ad86a3a7783c0f7917b618f3e1aa8", 0x6b1, 0x0, &(0x7f000011b000)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}, 0x1}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f00006a7ffc), 0x4) getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000040)=@assoc_id=0x0, &(0x7f0000000080)=0x4) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000000c0)={r1, 0x54b}, &(0x7f0000000100)=0x8) sendto$inet6(r0, &(0x7f0000ba3ff4)="d0", 0x1, 0x0, &(0x7f000056dfe4)={0xa, 0x0, 0x0, @loopback}, 0x1c) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, &(0x7f0000000000)) tkill(r2, 0x1004000000016) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r3, 0x8912, &(0x7f0000001d40)="153f6234488dd25d766070") 22:08:26 executing program 1: r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x80000000, 0x0) sendmsg(r0, &(0x7f00000013c0)={&(0x7f0000000100)=@ethernet={0x306}, 0x80, &(0x7f0000000040)=[{&(0x7f0000000180)="c2f089ae0b00a40898e09a8dbcce9dbeae95c87feadb8f86c06b90b2b705e36f0c83b1b5bcd69f10dc371281ef4946fffe29680efc360b118b5c18cb3ebab6da254aaf26fbbad2d324c02e53bf95538d774981ca2b2d22d62bdd1b0f4fa9be88c9ecd3dda08abf7b4275f8522f219890beea6fd8bf1e2fde89d8c0fa6bd580965416c2abc971943e0b4671bc1680ee421f8a359c2ec658c78c59c35e4c8a1deba82e20498b562067e2087d68d3b95d1d278822c09b6bce39c55d3e018868667a683326f241f60fe82d66ae6e2bd2b5f14308258e883da3ecdcd1812e3a024834e496b60a1095e6682681f24e22c091393d40e94571ce606df9633beba14334ab8ea36acb2fc4b86927b1d49870fd4f1acc39088660db12d253b12c1bc40186a0a9a8a9652f684f41912064681a5845a418fe701d04c1b967ac68a2c2b425ea57f891fda94fe4829a277c061c107d7e584cf48057d550af5d2a15a05f6e86845ea3d65671a9327d536a4e6e6dd16423cf80ccc170ffeff3c220d8867f25b35fdda5ba55adaa4f0bcce855ec0594d3ab3d3d369b3450c2ad986abbd678006aef0962beac85043ea0afa8913ca0d24f06051e86672f019fdd2789d08e791a160509445dbcb981b873af6957652af9769d4bd4af0ac129d521bb441ca55d0b0a73b287afaa227672418614f996d7d40059941fd0e08c309011ba66c259be71e1a6765aa610e1dd5b7481de0a20df36469c9439aeb0b17b41b0d0cb68becff3104ffc8346b40be7ae74a4b4bec16d2f19a3ec7d650fefa25bee8367c515006bdd5153ae527f82a55073faf615172397ac41e9a5e742c92002d53d88e7212472ad014049d6a28c587a59473ec4a35c2d0b4532f36c55414d38b93ebefb002573b5d42f5232817d479effcffa335a76c86bb25e060dc951e3b561962901212bc04aaed087ec5d97ef2295d158980e950d53f76652e488d7b22714cc8dc4a18b4a91d7cff1f26408b9c11b1f9c8223be9bb3a6c3f4b3367cd7b097fc882a51d1ff790cf262975ad332bd132c01b5d9bcddfa4c933dbc4bd8e8cf39cedfd758e262f2ec01c23f1a6be250f8f3c2e42a2d78cfffcdfe7d66ac4cac9539df1c0ba8489dc004c760a1f1a78a29de3779d7eaa1a9029205a8d53d498b9a517636edfc70774d87823470208488c414055a1438c1fc168f949797f05105be6d5e3101b967cc57cf8d0fb3718ed96bfdef5d809222c2c8ce7a525d02686b4cacf86ae0685eb4aceedb9cd285a99d7a4a5e23631b7eb85aec2dc24f853e0105ac389cf60e9cb3c3aaef04b61935665088132f1d31a93ea2fbc5084432e89e7fc0e6f8f77d1c92b19b3da956320a307a7f1afb3172f06d60589bb26363f7ad843bf823024871fa914b7e4960e0cce27c8052752fe6a4abb64a28fecbab95df557de8d82dd926cd03ae51ea425016887ee25f1c782a3268f70b882a6e1c0abf7781c3505d45437dd9442bbb36e765c05bff904447051fe5e894b4d121cac7c9456efbdcd6e3f4155c8941afca4caf8a11ae4b0c0ec1fdca0b6c5862c0a0b196432ad65e18861a67727035a579754bc5879d777e1137ff0360917d3dc12eb33fa93766ae2c73a271bf4b152e5d44b1dc0f016bbad80f8101a02a54ea8c74e19720e1107424cff8cf0c093fac45f5d6b1fbfcc150c08dbbdd9d689231ced61b0ba3d970345490dfaa7fecd167949cad41e6bd858a55258861c4a50793eaa46bc36e397a1a21a428c49db28a1d30aa02f77c7e6e5299cab423599759489a44962d79a58173a0ef30527b3e368595bbcd2ab0ae15f66d3b2d1e335692dac2f5782b540ba600a7c3bb0937e9fdec3328dd26df1304e70ef9f9ea41cdf862380e98fcbce329e216467f2cd74a2c0ea45488daf54723d499b4dd40a899468d88b21be959f086a3ee71b3e9cccdac73cea3f0a989050e018c91561a3571ee9c51c521e1ff66b9832759d5bf0828f11e2f69b8dd1de0b13d98ce1ca403c5f3ea6ca7cf4b2e853858b74986ce89235ec40b11fda5ac253c24ade5cb0e5ea0a0d79d96fa941f5a2ec209275913ac2a7745a35daf87089336f0c67653a779f93e2f6afc07faedde2865f2b3da35509f42d9199441e50ecd5cde359f5d82b1ca75daa26eab08a3b51b6561367e77ce489c1061d0abe6b58dd59fa54a2ed34e41467ab87d594deb97a60d738acddfba71ffe90ccc25f2aa6f06d87398301c61d39c60502bd56261d737062f80f48a36bf17594304f1147c0f5858c9bbf235760048f7b93a33de58de1f51adc081e1eef98488de9f3b99ccb90cfece21d9abf454f81a8fd962682b4d566c47cf0f2f5e612d2583b6857de090ab0089463fbd54bcfa13e9f632fd4b18bd88208ce3782e4575be361c32e1fa7991471ab413923be2861e65bca740d0838354abc74c3e7f9445194ce95c813197d940fa092bbaa529673874569c59bf6e41636469e712f28e279c731bd917fb5999007473b57b5fa48ace4efa2c61c71e4180ad2e6f6a8bf177bacf7820a7056505dbf21d131bdf617a6ae77ddc4fc026c1293084f5adbf20a8db1666be3f0b7021fc33fceb9284c104ea8d7790942c2589287d9c5dcdcfecf0cc0b532252e0d02ad1d1e4a34d228f08b29dd9316abafe82f948f90e6e74ac86deb38765e48c6ed48d8ddbdfb53781d3467e56cb90a572bab4c18a2a1195f2412b436dff427c2f34656540ba50fd56c465331cb342610973c1470872170880ca9f6771d128456fed573dfecc8b1275d3fe7052058bd2801d80b8ce9edf60e75554c155663146df850fe601e182b06e3097df6eca5ce8eb1a009acfc933e2964896a12c34ba3971abd931810eebd8e67994434367089d34b15049fb423f9ebd6996df4ba0d9860343ee66793cce0a2cc81451c90d3f0133280f034c30c04557a71ec79705e4e2f616889f832c6ea6fd4f13d81e60ac1e33d613b00d313b32c69b1d7fce5d9e628803bfc7da1f0f9844c6933bb65cc608fb358b074f5b7296bea0698349c0e6f7909d274476cc5cafbb273f5b0cd4507c337c48175bba9926376ae013a44976ffac4b2e4df2a68ce43253925619cf611ab33664e559cbf01014af076925312f51ba623c7c393ee817517884d99b502a0664c09b17bfdfbb8597feb29dacecd245df7feba2927993335802e52d24be917f9d4bccdff53040e4de93b44d65ecabec93eca346d98d1defddaa318dd42a7fd3f6f9cc6514fa3c314ea4afb0752562812f7bcb045c8d7d2124dcce52868c715c0a58eeb6b3b8bc62504615fdad4b3ed6db7322182e07d5e9ad8f1b7564f0c45323597bf187961efdce9ac22fb2365b05b7334b87658891e0bd94e918ab3024bda309b0ed3744ab000fff950c5b5e612b0dd728a91a6a3bd3112887e75f98800cb9baceac39238c7c58973ea51a4cdfc19e2faf4502ed3e5b2b22f857a438759b88d4c8caaac07579d5fe5ee5786cb0314484074889a7ed8018c64de19a8fec2ed4b4ab368aa7b2959d2f2b0c3e80dc98daf14e76f775163c59de7c08693c9144ff944175cca30f85758346522d673ac1b402b00c9a462d96a843c7d001a74eb5605533acb9f0969eba7c12a35ffc6feec14e36ca31a00db1044c1502b601f7e29eb0339aa33bed6576789d24b8b8d250e21a3ef09835682a92e72584c80a3329f1db0ef2e162ea6c32443147a91f2935fefc8afcff726e057662dd0697bad390b7077c46c9a4264f4a537435b985b62801926f2a2a054fd7c924505f199a6094531ddb75d9dbb0927a2ff01eec447a7723415a51d8a8ca8acb6b6f5d05c66a1297b2dfbd773e2005f749a1c7b5439afd9e489ca2e9b958ba3f683915413f74ab67d08b56a4fb3dab20824a96a181877cccfcf82103e6576ebddc8b38e08efc10152308a930919c4ea739f12051df3b3e8f2de1331c598841d907d95f228e81edf718e80ad88b564246afacec0130f909189cd16deaa207e8173f55adf38902d3ae5c65f6a9ed25a4b0b6eac1ee8846d6628a52c514366f45675ba6c2e24a376f9baefa3420d81a47be46358a7073f6c7159522e780ff51c71663d2057128f2202fcb629ff63ca4bdaa2612532bf93c020b830cd9d447c64b2b18a6fbc12ae1c180f04822e2e667a01ede22feab57713b087635097cafc55e2295a5540eb0979ed19e33e1e7f7a599248e9b229360cc2246e2394545081fdd99e0614cf7d9003e074f36d3e794ba68b9d5749574a26a82839079a6c1dfcf4fd3a869a92f228e41369aa832458f63af05fb81a585c04f9b3fc4680b966fecc770a0919659c67bc41258f78cf491d25d4038ec52cbd2c0c672ff6172b1c50b6f099490477ced5ecebdc3d35c159c37a518424b932ed022ddc5fdd25d6bc02a7e822cbf53fd7fcc466aa3ff1f6923bbe4c9adaed3291d0ceb724cbb947a4e6ec28a86173632bf28571c4941dbd8169d0c4328063101e117b36e6695943f03eea909bf28c85523dcdbb23f1daf15c2ad3cc3c93c5fb3947ac4dbbfe0e0584b11fa884362ea08df8162161669166b661bf7a253dd4f7338e6959a5c9b335456fd1bfb019533dc66f1832ac32903ea6c5769310e161bd1ae0102d0777a60d9376b838d0a358d30d437be9f5e0653817171497ec4c655eda999b28390eb81da10192e1b7458866befd3e74d1f81df49b674e310116746d9f4c4190caffbe1454d4c12c57a4e2e91407e2896fe55056eef702cf1532a32c9046a2bcab6e5d6436c0af581a37b2b222be03700cda603ee070ed2b8744c103339bd5c734cd71b78f16495eca20dd061aa0b04045b57931fd190b572377319672cc841f4eeb72b7ddfffb44b99d6fabb04b5c610d45c3e8164a79e5ff38116509cfa3e65040531e6840714986a8b1fa9eb031672d5f301b97292d041bdced35effa697f839fee915bd2e325a75594f7766591561fcfb9170f813a7410e55c12c1868fc06379cfd4bb0b78381d709d745b37082f219995c4741d78962af08e0e5a10f4034d568820246d093df2418d40684486b51b671d3787fa93dbdb696ebe7381219c98765c7e869940dc4725e5f20da32cc694383e27500b605e83a0fc2d1fcc201b810a416e43d3e44d45afc5a555745a0c573e92b65a61b10f0034800ec72c620fc69d93c72dace7f724a0aa6d7aefdd0b56bd8ccad4b4ea4cdd9f5d9a222717d0365cd09582b409949037fef06c6fa8604c74acdc8b58417f7962d04cadde17ac3e331c7ffabe32acb1f477f961de264e264246e54a169d1c2463eb53cb6d676622d696d4f27341d5658f401928757c3e03914d600b3c9715b61a65b308e1ac87cf6903a955ea11d6769d7aae409f41b3c24e7b1bff8ed7b4cbe36bc6bc0774b41d3faf2a8593c5fcdc59a11bf660426569eecd4e91e3d73e7bc738c0ded1ae2c7eceac62a759ba43f52e97352d8bb3cdcf28a4f3340d2c51cdb8d300e22dc0343e3a35d1ae183430f1dc73f9608bb625fbf6326885587bd089bb0ea04ef0ac931b0f4c33b7ed536844989b4f0bf5913407d4923f3e6bedf90da91e39a9cc80a80b04c1e19f95e141e1b078719214a077b586a3bf8c95732ec743548f471f1c53ce99d8e39d3aa06ba72c24f2fab14e14869e61fce0d7d9c9e18307ab8537a56b1b9809d5fb9375573d0179f6048badad1b9c1893fdfdda754c9715c2e5bc84bb1986592b6ff68140a325b615fe5542a9cd835129f3cfd0111e8802846de4759204155cd36c70d86e6d8dee0a86fd6ea2134d4b3643b297d1d", 0x1000}, {&(0x7f0000001180)="1166fefc5f55880191185098e8410bebf266037bdfc27d5abe3e1dddb39413168cbbd5c27379efd500ebc3549d25b2d3e47ea4cf1ddd40eb9ef16be6f218feade1a648f037c842666d58e966e22170b76f4c5a5b80a2846c43e4bc92ed1b3571ec02d8229aa544318c88f48352ef3ab1bdcc68314d0392c21ecfff474f2eded884dc220318206f4f79370d2c8de9ce8a9f3911b6382515023455e39b090273aec2f6cb104b21a658fa9d8cf0e6a9be0729b6242fc189862ee9ae5e052e69a9bac2d1c5bd409ec219b4807926aad3b8782328e1cd12fc652e483b175fab3736253f4160170dce9f34bd8367c8205868164528432abe44afaa", 0xf8}, {&(0x7f0000001280)="cfcd248d1b967ee538188ba223db99587fd6129e2b806829de36742b88b55b89acf98e9c3c7a0d2e7f7270fd12b9605b84478a3ff71f80d611e65a2bafcdee670f13d4e21e935ccae6a217cfe844da5139ab8c2abe14e6cc9f8e239c2c84abcbd02355ad7da4892f21476a69aee2de89fbe4d78f874aa83fb51525f578725f4d105edf1f49d49ad0ac15f160aca3a2130f65176e74e13f3f", 0x98}, {&(0x7f0000001340)="46f8a500f516c83dd3d27aa90242672ce950810a8c68e593b7636d1b0a0c8e9445993fb97d1dca778c58a4f1c1a4df0ea79f2747c37d2136f1c3db0cd94116abd9bbe30cb2669be01bace915ed1db7af8b9f01f241d1d26d8766d15422a881f4ee6e423b1f05e050d3206ac07ff4e43ee20f64a6f60ca0e4c4ed63", 0x7b}], 0x4}, 0x4000) r1 = socket$kcm(0x2, 0x5, 0x0) setsockopt$sock_attach_bpf(r1, 0x84, 0x76, &(0x7f0000001400)=r0, 0xfffffffffffffecc) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r2) r3 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x8c02) write(r3, &(0x7f0000000080)="b63d0600000000000000ed69d2bc7037cebc9bc2de96aa0fae1a0000002e000000fbffffffffffffff1addddf055", 0x2e) 22:08:26 executing program 0: r0 = msgget$private(0x0, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffff9c) write$P9_RLCREATE(r1, &(0x7f00000000c0)={0x18, 0xf, 0x1, {{0x12, 0x1, 0x8}, 0x3}}, 0x18) ioctl$UI_SET_FFBIT(r1, 0x4004556b, 0xa) msgrcv(r0, &(0x7f0000000140)={0x0, ""/213}, 0xdd, 0x3, 0x2000) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xb, 0x3ff, 0x80000000, 0x8, 0x4, r1, 0x5}, 0x2c) setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f0000000080)=@v1={0x1000000, [{0x81, 0xc0f}]}, 0xc, 0x2) msgsnd(r0, &(0x7f0000000340)={0x2, "e5a0b31dfe3fe9d51f22dc8269f8884ed83444acab1f292fff0d3bba29361a1c70272aa25d3ea497bf6140c8e72f9c87141ecfd3f2988f22797c37ed7882ec993fe2d6b28a101076a52d6219f20123b5e94a7813957d9d8a4cb30fe56387d7aed27b33d9932e8ac9f8f9daf3401497eea46937e786f215052f589e661fa5e1588a483aaa400299503a9dcfd67d8ab216d16c25e95057b632b6a8b0e58f8d34199fed6029b98a40e7b1cf1fb01530ff60def2549331793b6c7ffe20eab3"}, 0xc5, 0x800) ioctl$sock_SIOCGIFCONF(r1, 0x8910, &(0x7f0000000100)=@buf={0x5a, &(0x7f0000000240)="e7ffbc54f7eaf1d8138fdb206680454858b4619b0b788f23405c373d43eed3d32c8117eacd1be60833091526a5ce325fcf7b8b98189fb329c026a3ac96d47f3aff91d1cd2c129772166207f1cba4c6ad2e584f232f91643336b8"}) 22:08:26 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) r4 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x1, 0x1) getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x39e}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={r5, 0x3b00000000000000}, 0x8) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0xef}, &(0x7f0000000440)=0xc) 22:08:26 executing program 4: r0 = socket(0xa, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x1, 0x178, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200008c0], 0x0, &(0x7f0000000200), &(0x7f00000008c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0x9, 0x0, 0x0, 'veth0_to_bond\x00', 'veth0_to_team\x00', 'team0\x00', 'ip6tnl0\x00', @random="332ba8a637a5", [], @broadcast, [], 0x70, 0x70, 0xe8}}, @common=@nflog={'nflog\x00', 0x50, {{0x0, 0x0, 0x0, 0x3000, 0x0, "a635501f760dbbcc40ed47ab1f7cfc92126f3aea60227ac7e55b962553c6c6cac2328d67f4c4fea332686396eac43e47551c45ddc3b37c7958d3ef9a0af53ea3"}}}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffc}]}, 0x1f0) 22:08:26 executing program 3: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3) add_key(&(0x7f0000000240)='ceph\x00', &(0x7f0000000480)={'syz'}, &(0x7f00000004c0)='l', 0x1, 0xffffffffffffffff) 22:08:26 executing program 4: r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0) fcntl$setlease(r0, 0x400, 0x0) setsockopt$inet_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000080), 0x4) rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) rt_sigtimedwait(&(0x7f00005a1000)={0xfffffffffffffffd}, &(0x7f0000d31ff0), &(0x7f00007adff0)={0x77359400}, 0x8) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket(0x10, 0x3, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00') sendfile(r2, r3, &(0x7f0000000100), 0x80000001) 22:08:26 executing program 3: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3) add_key(&(0x7f0000000240)='ceph\x00', &(0x7f0000000480)={'syz'}, &(0x7f00000004c0)='l', 0x1, 0xffffffffffffffff) 22:08:26 executing program 1: r0 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r0, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000733000)={0x5, 0x5, 0x7, 0x9}, 0x2c) r2 = bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xc, 0x4, 0x4, 0x1, 0x0, r1}, 0x2c) socket$inet6_udplite(0xa, 0x2, 0x88) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r2, &(0x7f00000001c0), &(0x7f0000000080)}, 0x20) socket$inet_udp(0x2, 0x2, 0x0) 22:08:27 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000616ff8)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendmsg$unix(r2, &(0x7f0000e4ffc8)={&(0x7f0000beb000)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f000000d000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="c271676f3a0201771f1a7651698bdd85f053b9b68c18feb027c383a22a1553e89caa16570569694eea3a4573e8768e140ac6ef0e44251325ad6e93c409f91ef1e4d7e827337cd61a013304c5635510c143c1104d1586372e0d44100ed85c80fa50feaee1aea81fe1839c5dfbadeb8ffe4cb3a1e8eedbad7eb852d128ff1078cbb8b001a3f81a1fa56157431e368c36f0d8df80d665726c9356bc0690745d080738deb1fd4753fd987212faa93875ab62eeba342a816f2432890d58b35c5f7b3d99d3d5c3c06d42214c6a782817d22b81bcf1711d8d0d5be4105f2b6dba73400e01f5545d7b5ac6"], 0x283}, 0x0) flock(r0, 0x5) close(r1) close(r0) 22:08:27 executing program 3: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3) add_key(&(0x7f0000000240)='ceph\x00', &(0x7f0000000480)={'syz'}, &(0x7f00000004c0)='l', 0x1, 0xffffffffffffffff) 22:08:27 executing program 1: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x3, 0x2, 0x4, 0x9, "cc45c6bf18304660925f0c05583e21daef4733925222d836e7c9bd9be630665f1d5e8a2de4b599cc4ef64ced4e997b0bbf38805113a34f4ca5fc53caa74c3830", "ae2c4dfde4f5b93801091f73688236f4291a74f0b4df80d26ca87e9f53e80700", [0x5, 0x9]}) vmsplice(r1, &(0x7f0000000140)=[{&(0x7f0000000240)="a2", 0x1}], 0x1, 0x0) r2 = gettid() perf_event_open(&(0x7f0000000440)={0x7, 0x70, 0x800, 0x6, 0x7fff, 0x100000001, 0x0, 0x800, 0x401, 0x4, 0x7fffffff, 0xf4, 0x8, 0xeb, 0x0, 0xe15, 0x7, 0x7, 0xb2e, 0x54, 0x0, 0x385d, 0x6, 0x457, 0x100000000, 0xb3, 0x100, 0x6, 0xffff, 0x1, 0x3f, 0x2, 0xffffffff8b948871, 0x9, 0x7fffffff, 0x2, 0x7ff, 0x8001, 0x0, 0x6, 0x0, @perf_config_ext={0x9, 0x5}, 0x10, 0x1, 0x100000000, 0x3, 0x0, 0x7, 0x3}, r2, 0xffffffffffffffff, r1, 0x2) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha512\x00'}, 0x58) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00'}, 0x10) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0) ioctl(r1, 0x1ff, &(0x7f0000000280)="bb3d90f7ed1b431f6ab32f05fbf56435b3eb3511b204c77869ed8955ddff9e0e88052863c44f1a292f774a04e2b4518e67d73738f5421fd40583e5eb992c353d9c7a841b05a366463ea5b1d3c6d121333ccf0c04294a250d230fa872d0c66f278f12abff0f759ffd10f16186fa53f3f0383f4f696bbbe6fbcb2543ccb1bff4e58e4bd4461c4a5d9d656dca274ce90ccf2b06af9f58fcd78ef0417e6a6ccbbec2ab2575499e86bf280e9955b5f3c8627cdfeb8001c092f56815c6d8dcc94e1c9f7d1bcc157b2f3d81e6459af7dc401fb67f82c5d5ddf8ae1991973c02e797020faa4172750c4b0973a25e76bd9aa6cd7ced2e81737005a44ef119a01f9fdb89") ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = accept4$alg(r3, 0x0, 0x0, 0x0) splice(r0, 0x0, r5, 0x0, 0x20000000003, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) 22:08:27 executing program 5: r0 = getpgid(0x0) rt_sigqueueinfo(r0, 0x0, &(0x7f0000000080)={0xe, 0x0, 0xffffffffffffffcb}) 22:08:27 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) r4 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x1, 0x1) getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x39e}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={r5, 0x3b00000000000000}, 0x8) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0xef}, &(0x7f0000000440)=0xc) 22:08:27 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) lsetxattr$security_evm(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='security.evm\x00', &(0x7f0000000180)=@md5={0x1, "73500564d7b168c1519f8a8855dfe199"}, 0x11, 0x2) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x5, 0x2) sendto$inet6(r1, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000080)={0xa, 0x3, 0x0, @dev}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000001c0)={0x0, 0xeb, "5e17f4fa5bae66c0884302e63439659821e2f89afe1de8c565a63aba63a8dbeca9b92623d934d1139701604c110a973a6ad3f957f2b63521373538007de42279fc62c8b2a1f7da0b0a33143221187e7b4503be5f1b79944e89afb61988c3e5b2cd7f5608f550bdd3d367948e9a54b8bf81da2f089dcf486a20c96db03ced484395e4de034adef8170e0bd2ffad0892ac93042892e673a9c993814743680437002ffb434ba721c662cd269132a62f5b789bb8850219122d21788da30e0347f23e0c2da6f2b38ef07177c7a5ad183314bb32b59f4f24786a8367743ff4eb13ec01ceb69d434445695d2159e9"}, &(0x7f00000002c0)=0xf3) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000300)=@assoc_value={r2, 0x3ff}, 0x8) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x40, 0x0) ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000040)={'ip6tnl0\x00', 0x4}) 22:08:27 executing program 3: sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x40000000000009) r0 = syz_open_dev$midi(&(0x7f00000001c0)='/dev/midi#\x00', 0x100000001, 0x40000) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000200)={0x401, 0x9}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$smack_current(r0, &(0x7f00000000c0)='\x00', 0x1) syz_open_dev$usb(&(0x7f00000002c0)='/dev/bus/usb/00#/00#\x00', 0x8000, 0x47fff) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={"0000000000000000000000000200", 0x4ffe}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000100)={&(0x7f0000000180), 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[]}}, 0x0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000280)={'vlan0\x00', {0x2, 0x4e23, @local}}) ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000140)=ANY=[@ANYBLOB="0113007800ab1000009baaaaaa"]) 22:08:27 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) io_setup(0x8, &(0x7f0000000000)=0x0) io_submit(r2, 0x0, &(0x7f0000000480)) io_submit(r2, 0x2, &(0x7f0000000c00)=[&(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000740), 0x0, 0x0, 0x0, 0xfdfe}]) [ 272.461395] audit: type=1804 audit(1540850907.783:31): pid=7384 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor4" name="/root/syzkaller-testdir100321977/syzkaller.6lAgkD/3/file0" dev="sda1" ino=16522 res=1 22:08:27 executing program 3: r0 = socket$xdp(0x2c, 0x3, 0x0) lsetxattr$security_smack_transmute(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000100)='TRUE', 0x4, 0x2) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000180)=""/21, 0x104000, 0x800, 0x81}, 0x18) [ 272.528742] audit: type=1804 audit(1540850907.833:32): pid=7391 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor4" name="/root/syzkaller-testdir100321977/syzkaller.6lAgkD/3/file0" dev="sda1" ino=16522 res=1 22:08:27 executing program 4: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x1, 0x0) getsockname$packet(r0, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000100)=0x14) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000002640)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539(cfb(twofish),rmd128-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000001400)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r3 = accept$alg(r2, 0x0, 0x0) sendmsg$alg(r3, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000001340)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="ab856d6138b7458494e0caef85565214836c4d1f0442b43e8a4dc1dd26326a40006af8afa21eb94e9680319cf0e91096a700af8c9c43eb83bd04b56726fe8f85ad716ea520581a6337b456286fc1000d91673fa6117ca54fa274849820622ea7d28397a7657b6a331c8bfbd5ab9e8ec3e0ce6fd746ca36c558d083cd0febf232cbc9a1cfa7eaf82299cd37da4628cc719a569bff2123db7d507fea99b7fb46ba2557d6e5bd2089b49b198a4673039ba97259e93aa3882f609c0a592a1f3c8b32298b0a0bcf666dfe58b0ec"], 0x10) recvmmsg(r3, &(0x7f0000008e80)=[{{&(0x7f0000000140)=@ethernet={0x0, @remote}, 0x80, &(0x7f0000001600)=[{&(0x7f0000001540)=""/165, 0x536}], 0x1, &(0x7f0000001680)=""/72, 0x48}}], 0x1, 0x0, &(0x7f0000002240)) r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x2a4000, 0x0) ioctl$TUNSETSTEERINGEBPF(r3, 0x800454e0, &(0x7f0000000040)=r4) 22:08:27 executing program 5: fchmodat(0xffffffffffffffff, &(0x7f0000000b40)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x2, 0x200, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$NBD_SET_TIMEOUT(0xffffffffffffffff, 0xab09, 0x100000001) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000800)={0x0, 0x800}, &(0x7f0000000840)=0x8) setsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000880)=@assoc_value={r0}, 0x8) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffff9c, 0x50, &(0x7f0000000540)}, 0x10) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000240)={0x0, 0x1, 0x6, @local}, 0x10) mount(&(0x7f0000000240)=ANY=[], &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='nfs\x00', 0x0, &(0x7f0000000000)) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) getpid() setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(0xffffffffffffffff, 0x28, 0x2, &(0x7f0000000080), 0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x0, 0x2) r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000440)='fou\x00') sendmsg$FOU_CMD_GET(r1, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="0900000000000000000003000000080001004e200000579a8109859f03f16922d1db26d04274cb1f50cead0a0beaad11ea922d5a7c40e8ae79897ae5a5deff0f34e3e8b9b44ff0adbb2ce237523f94d2ced3cadd903fd477c6fb13cfd3b2bba2fde6594e56e828cf4b9a2841139858e5deeac54f1632c6eea7002c3352"], 0x1c}}, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(0xffffffffffffffff, 0x28, 0x2, &(0x7f00000007c0)=0x5f, 0x8) ioctl$KVM_GET_REGS(r2, 0x8090ae81, &(0x7f0000000600)) 22:08:27 executing program 0: mkdir(&(0x7f0000001b40)='./file0\x00', 0x0) mount(&(0x7f00000002c0)=ANY=[], &(0x7f0000000040)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x800000, &(0x7f0000000140)) chdir(&(0x7f0000000140)='./file0\x00') r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x4, 0x100) openat(r0, &(0x7f00000002c0)='./file0\x00', 0x101000, 0x10) acct(0x0) ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000100)={0x3b, &(0x7f0000000080)="425cab378e892d47e2f7597c178eac6b341e74ab0b095986af08e3d7d4aacb4de010176eb1b2b24515be0bb93acb7e3667133d9cffcd280a183677"}) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x141042, 0x0) write$RDMA_USER_CM_CMD_JOIN_MCAST(r1, &(0x7f0000000200)={0x16, 0x98, 0xfa00, {&(0x7f00000008c0), 0x0, 0xffffffffffffffff, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}}, 0xa0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendfile(r1, r1, &(0x7f00000001c0), 0xa198) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000180)) [ 272.598323] audit: type=1804 audit(1540850907.833:33): pid=7433 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor4" name="/root/syzkaller-testdir100321977/syzkaller.6lAgkD/3/file0" dev="sda1" ino=16522 res=1 22:08:27 executing program 3: rt_sigprocmask(0x0, &(0x7f0000000080)={0xfffffffffffffffe}, 0x0, 0x8) setrlimit(0x1, &(0x7f0000011000)) r0 = socket$inet_smc(0x2b, 0x1, 0x0) accept$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast2}, &(0x7f0000000040)=0x10) r1 = memfd_create(&(0x7f0000000100)="7d0000000000000000ffffffffea2159b1", 0x0) fallocate(r1, 0x0, 0x0, 0x3ff) 22:08:28 executing program 1: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x3, 0x200000) ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc040563e, &(0x7f00000000c0)={0x1, 0xbc, 0x3, 0x6, {0x1, 0x2, 0x2b, 0x8000}}) syslog(0x3, &(0x7f0000000040)=""/87, 0x0) 22:08:28 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) r4 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x1, 0x1) getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x39e}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={r5, 0x3b00000000000000}, 0x8) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0xef}, &(0x7f0000000440)=0xc) 22:08:28 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000000), r2, 0x0, 0x2, 0x4}}, 0x20) 22:08:28 executing program 1: setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000140)=0x78, 0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000300)='/dev/snd/midiC#D#\x00', 0x7, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000100), 0x921b527a62bfd8af) openat$vcs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vcs\x00', 0x8000, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rtc0\x00', 0x200000, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/snapshot\x00', 0x2000, 0x0) dup(r0) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000340)='/dev/qat_adf_ctl\x00', 0x0, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000440)='/dev/rtc0\x00', 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sys/net/ipv4/vs/snat_reroute\x00', 0x2, 0x0) r1 = creat(&(0x7f00000004c0)='./file0\x00', 0x0) ioctl$KVM_GET_REGS(r1, 0x8090ae81, &(0x7f0000000380)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000600), 0xffffffffffffffff) r2 = socket$inet6(0xa, 0x400000000001, 0x0) bind$inet6(r2, &(0x7f0000000380)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x5, 0x0, "913fa7c292d3d3841feaa73b24735180b4fadafbd0ae8fdf06dc1c0fffaedf7b3cf0239733e29abbc5d501554cc12846eb3ebd34bab758954fc222777a53c4c0a8e473b6e9bb9bd5b5f2ee63c9774539"}, 0xd8) r3 = dup(r2) sendto$inet6(r2, &(0x7f0000e77fff), 0x0, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f00000007c0)=0x80, 0x4) ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, &(0x7f0000000180)=@generic) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x40000003, 0x0, &(0x7f0000000c80)) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r3, 0x84, 0x70, &(0x7f0000000900)={0x0, @in6={{0xa, 0x4e21, 0x8, @remote}}, [0x8f, 0x0, 0xfff, 0x1f6, 0x5, 0x100000000, 0x1, 0x1, 0x0, 0xbd0, 0x8, 0x0, 0x100000001, 0x0, 0x8765]}, &(0x7f0000000a00)=0x100) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000a40), 0x8) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8937, &(0x7f0000000000)={'bridge_slave_1\x00', @random="01003a1e2410"}) r4 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_MRT6_ADD_MFC(r4, 0x29, 0xd1, &(0x7f0000000180)={{0xa, 0x0, 0x0, @ipv4={[], [], @multicast1}}, {0xa, 0x0, 0x0, @remote}}, 0x5c) getpeername(0xffffffffffffffff, &(0x7f0000000100)=@hci, &(0x7f0000000580)=0x80) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000340), 0xc, &(0x7f0000000600)={&(0x7f0000000580)=ANY=[]}}, 0x0) 22:08:28 executing program 0: r0 = creat(&(0x7f0000000380)='./file0\x00', 0x17) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000003c0)={{{@in=@remote, @in6}}, {{@in6=@dev}, 0x0, @in6=@loopback}}, &(0x7f00000004c0)=0xe8) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) ioctl(0xffffffffffffff9c, 0x5, &(0x7f0000000100)="e570000000000000000000ddf314f16c75f1128fb38b5bbf8940f49b258d94de53f399d3a1b38ab084d6039f3f059afff313a61dacc7a1e600") getsockopt$sock_int(r1, 0x1, 0x3b, &(0x7f000059dffc), &(0x7f0000d8cffc)=0x4) [ 272.836752] netlink: 'syz-executor5': attribute type 1 has an invalid length. 22:08:28 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000000)={0x3}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000180)="2e65f32efe0a6766c7442400008000006766c7442402000000006766c744240600000000670f011c24b866000f00d066b88044a2b20f23c80f21f866350400d0000f23f80f0766b80500000066b9080000000f01c10f0766b8010000000f01c10f01dfb835008ee0", 0x68}], 0x1, 0x0, &(0x7f00000000c0), 0x0) syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x1ff, 0x8040) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000003c0)=[@text64={0x40, &(0x7f0000000340)="b9024d564b0f3248b83cc6e176511aef170f23d80f21f835000000300f23f8660f383dc70f06470fbe641303470f01c83e460fc7183e66410f38802866b845000f00d80f35", 0x45}], 0x1, 0x0, &(0x7f00000006c0), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000680)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 272.984963] netlink: 'syz-executor5': attribute type 1 has an invalid length. 22:08:28 executing program 5: fchmodat(0xffffffffffffffff, &(0x7f0000000b40)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x2, 0x200, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$NBD_SET_TIMEOUT(0xffffffffffffffff, 0xab09, 0x100000001) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000800)={0x0, 0x800}, &(0x7f0000000840)=0x8) setsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000880)=@assoc_value={r0}, 0x8) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000005c0)={0xffffffffffffff9c, 0x50, &(0x7f0000000540)}, 0x10) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000240)={0x0, 0x1, 0x6, @local}, 0x10) mount(&(0x7f0000000240)=ANY=[], &(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='nfs\x00', 0x0, &(0x7f0000000000)) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff) getpid() setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(0xffffffffffffffff, 0x28, 0x2, &(0x7f0000000080), 0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x0, 0x2) r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000440)='fou\x00') sendmsg$FOU_CMD_GET(r1, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="0900000000000000000003000000080001004e200000579a8109859f03f16922d1db26d04274cb1f50cead0a0beaad11ea922d5a7c40e8ae79897ae5a5deff0f34e3e8b9b44ff0adbb2ce237523f94d2ced3cadd903fd477c6fb13cfd3b2bba2fde6594e56e828cf4b9a2841139858e5deeac54f1632c6eea7002c3352"], 0x1c}}, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(0xffffffffffffffff, 0x28, 0x2, &(0x7f00000007c0)=0x5f, 0x8) ioctl$KVM_GET_REGS(r2, 0x8090ae81, &(0x7f0000000600)) 22:08:28 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x80, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f00000000c0)=0x4, 0x4) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, [0x2]}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000200)="bad10466ed0f0118660f3830c26467660f50ee663666260a8700400f3536660fc5ff0b440f20c066350e000000440f22c0b83d038ec865f20f07", 0x3a}], 0x1, 0x20, &(0x7f00000002c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 273.021665] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 22:08:28 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x4) r1 = memfd_create(&(0x7f0000000040)='\x00', 0x3) times(&(0x7f0000000300)) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYBLOB="d80000009f6736fd9afd06d55eb221c341a036feabfbc011f2e93319e2086d03a8d0e4fd5f98205216697f47bce101f514aa1d2ee6537a711c08d122715fa10fc71dc50a4662c854024c1d3d0d002e2c21d6ae9a101fd95a02fc4cf8414db35714475924a26a344f4d7607cbdb2831aff754e99f33930219c5e23efe2f5d0e8b86b87df842810fe7bda6c64fab2b45db663816237ceebbd096a91a45b33b36f9c2820a3446400a276e03cf3fea465543ffc919751a42845db906d39da525f21d70eab1f87c786c8fd451c8ce89014dc007651f0073d9785daa0ee02f"], &(0x7f0000000100)=0xe0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000280)={r2, 0x101, 0x30, 0x5, 0x7fff}, &(0x7f00000002c0)=0x18) connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000340)='tls\x00', 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080), 0x4) socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f00000005c0), 0x0, 0x8dfffffb, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x1c) 22:08:28 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) r4 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x1, 0x1) getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x39e}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={r5, 0x3b00000000000000}, 0x8) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0xef}, &(0x7f0000000440)=0xc) [ 273.104454] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 22:08:28 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) listxattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)=""/170, 0xaa) r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0xfffffffffffffffe, 0x0) ioctl$TIOCSBRK(r0, 0x5427) socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f00000000c0)) ioctl$int_in(0xffffffffffffffff, 0x800000c0045002, &(0x7f0000000100)) bind$unix(0xffffffffffffffff, &(0x7f0000000040)=@abs={0x0, 0x0, 0x4e22}, 0x6e) 22:08:28 executing program 3: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) ftruncate(r0, 0x8200) lseek(r0, 0x0, 0x2) write$binfmt_misc(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB='}'], 0x1) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x0) mlockall(0x1) lseek(0xffffffffffffffff, 0x0, 0x0) ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000100)) sendfile(r0, r2, &(0x7f0000002780), 0x8000fffffffe) ftruncate(r1, 0x0) 22:08:28 executing program 4: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x8003e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x1, 0xffffffffffffffff, 0xdffffffffffffffd) r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)={0xc, 0x0, &(0x7f0000000200)=[@free_buffer], 0x0, 0x0, &(0x7f0000000140)}) 22:08:28 executing program 0: r0 = socket$bt_rfcomm(0x1f, 0x3, 0x3) fcntl$setstatus(r0, 0x4, 0x44800) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000440)=0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000140)=0x40000000000009) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendto$llc(0xffffffffffffffff, &(0x7f0000001600)="8fb4b436f2fabb99ab09776c42ace81f530e1032cf110214f09ce026063576cb0a16a8b457ea315c63020cdcb5d2a9d442a3458fcf0484a2485ffd174ce68d7f9d612ec9b77a2044b57411ae6cac311bf1dc8a807041d4d89d63366ae6cd8be2162b0a211a17b2f1044fa456f3c94398dc581ca2bc649881cc0fae97f0beb23b7170801b120edda93d8325455ef3a7dd5cc82484f7a01148dd09744179b5d94ced51db", 0xa3, 0x0, &(0x7f00000016c0)={0x1a, 0x1b, 0x2, 0x2, 0xa6, 0x6, @broadcast}, 0x10) ftruncate(r3, 0x6) syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00') setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f00000014c0)=0x2, 0x4) chdir(&(0x7f0000001580)='./file0\x00') sendmsg$key(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000001880)={&(0x7f0000001ac0)=ANY=[@ANYBLOB="0212010009000000000000000000000005009418a4ca1a0000006e0000000700000000000000faac5f42000000000000000000000000000001110504040200060000000000000045040100006087c6f59c661609e50e1e57b7095bf12a8677f22e52503aa6eb373fde1c9bd4a6929aab4b22f80ccc7157bb5669e7633de622ca87626bfd5447d5eba30060101d7d27886b54895350e96fb04c18bc80e95ea115de65bb1572010445fd5625b4bab3318884"], 0xb1}}, 0x40) sendmsg$IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000002}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="04012bbd7000fedbdf25020000000800040055000000080005000004000008000500070000001c0002000800050003760000080006003f000000"], 0x1}, 0x1, 0x0, 0x0, 0x14}, 0x20000000) r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000001840)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r4, 0x40000000af01, &(0x7f0000000300)) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000480)='/dev/net/tun\x00', 0x0, 0x0) r6 = socket$inet6(0xa, 0x0, 0xfffffffffffffffd) ioctl$BLKDISCARD(0xffffffffffffffff, 0x1277, &(0x7f0000001700)=0x9) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000300)={'bctf0\x00\x00\x00\x00\x00\x00"\x00', 0x6}) ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000240)={0x1, 0x0, &(0x7f0000000100)=""/163, &(0x7f00000019c0)=""/246, &(0x7f00000004c0)=""/4096}) ioctl$sock_inet6_tcp_SIOCOUTQ(r6, 0x5411, &(0x7f0000000400)) ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f00000007c0)=ANY=[]) syz_open_dev$ndb(&(0x7f0000001800)='/dev/nbd#\x00', 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0xe00000000000, 0x432400) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000018c0)={0x89, 0x81, 0x2, "23b78caa2e79305ba3df0e0a94500f4714c702ba1c2e270cb21baed1bc2780cc402368acb6d6ec3b573b028acaecc5f9cc9250a1f1cf74abbbb938836e0f035a06a1ea88fb9e12bec3269683cd986f1438206bf24da456c877025f532665da37673a46b245bad6bcd11c61eab7e011256560b122934d9f2ea10ab78cf91428854d1b6384f9d62b4239"}) ioctl$sock_bt(0xffffffffffffffff, 0x8906, &(0x7f0000004c40)="d6ead3a8f40bbabf12c7c19579e18df291844234963310ac84dc36bfe08b3ca6738c1da8606f9d409c7d6a770d5e5c8106cbfe4cf11e9aa171ef2b076593a2b9d6c7541b592e0fa61b0b3c4a7106c61527e37ef7be23e47a76d95c08b97f8a4b0e879c82209a36c3db7f009ecc9e8ea8469287f1ae79e3c76e12b0b7ed285d58947d1bc846b9c337c329fe7f21c6661e98a3e18f0de24160e6683c732f7c39ab394068a7f149c2d507fcd4ccbe78be83ea17f21c16cde4722fa988c1cd7b12aba5ac0a46f342ed4a38f1c963aaa0fb47eae66d652ebfbc824cadbc52474b36d611b788d8b66bc0f8076af56180890adb1d284dec18f9842dfb004d1d8f7a127513d913f8e12d2335e18345cc31f1a3e326f2efffd4b793d2ed31bd53165b569b115576b5102fc2094f961263442bbf86f1e8d035e8942d8b177f8d201dc59392caee113c73985de565bfcfc9af1518fe227ee47313cf0f3e09c10a77eedc02c1c232e9acbe0415c8f709052324cbed5c18f4e4e192dd7f5fb14795cd65565b94d008bd395449813ba07726e82be08b25515c049765c6f5c9f3611994f8ed8e9042c56ace1de3ad3a07f611aee0f826575f941d3cd8c33d275b2dba924ad703fa85b93cc1cd1df5a338b8fc6c5d975f666aa6ae072e4a7a9c15569af5dc0ffeb28c77d130e9faa1755364a6fba2921e09740bf0fcdb51555973169fb6b2bc530b989e55fa0e637f62b50a4101cff29e857bd3b820a356ebf17ce449231c0b859bb3bea4755c567cab23a4b41aa7280f43883e47f28b4f912dd5e54c2c648b11c405579a0a0594597e2d6f8d1c93f694a65a584a8bfe7c052058ddde77c8e44fc6a6b96a01621fa171784d98f44a97d00e7c8245b06d547df655ea9a89655861206cc578c01752be0b9b58bb21ea0db7cb3211a43aa3cc57e098217ef2e678d1a9bff2cdf4c26c2c896bac37e1e81347bca0e9e0750a6754b4001c1df42dd8b74a3bda0af799e17cbdb1a73c422fccf79d31499412f16bea9432e0fe8ff34e45d94a3115c1b8e638a3fa6deb1710a455b775c33bfb2f691b68dc71fd49dd329f004bd4f158394f81d1931e4fdf1f59ae9ccd6ea651cfda22f72139f458f4ec096c69ed0261a8642467042889f62e63fec888fef6953fbf001ca66b8e9b870c57cf000b8bf5afde96dc63acf704b53c427d85fd5e05006714e389098cb669800f8d2a87502bb822b2e6a39da90f686cc775b996b93eb8f5f28ea336a1af50a133e263f23755e0305dcd8d684ddeb425df53093cfa605544ded58a2879d8e67ea081b9434d18d201b2bd9f68eb2d08fe77f327a366e1c3d2ab354b752326bdebd509ef89959e791f304cbd053f42bf1a34cf3e20bb9cd418402e054675a2988b61c8a5ee82e95c72a78b0c58c92a6f7e7496364ec97a87aeaf2b041401e3059f35987ddf9158dedda3225eed20dd420389ff946811ca1b7676ddff4eb19ab6225334550a2f736fc47e5aaf1ea552ef5353731218f531ac230039bd9f1e66052c158a3f5a2fe090e13553814c66312da616cbdaf0076746043709f30362a9c00848da1cdaf86d687fcacaedca0a5ca808058a60e2a7f482a4142ecaedc1c61bed077b335d0c169435a01633575048d760e5bc21abe5c3a5715e33b2da95b26ac6e9e4aaa347fff4afc30b4518440ccf7a24fad904cf4c94d8210a9a7edfb41257c51ead92a5c80164432383e36a6ebe8efa518c343903f2f7168636578fa59b213ba194b6e1d3ee9224dc86c1675fb04f5693d94a2926b5b45340ad8a4aafa34027338903438ce7b4371bd83cf5eaf74d5cd5815d559cc03391a43f7ce14db6f94ec5d99e5faaab983428853b90e067aec0847eea1c20df5959b03baead99a0342d9da527d9ad17e4c6fba6a9b62f0b5ae48a4d7b555f49ab4911c47e964463cca661a0cc4841b7c8d5cb2743e382026fa51648c32bc7488a77eb03e223ff48b1746e7863445058a60c185754e3ef2919b5907a2af34cd695524781c1f2d8552e2fe5c7aca094a13b4ec2dfa9de4befac446ee209a9486609924d15d2cfae8cde084f822a30886f46bec4a7448e4721d9cd7fb467d05dbef3f3e65a2493bb0ff1705e44c38a193450c4a4ef833543ca7a7545de8e173618cc68af05009a4edd51d110d72662fc276771f3a898b752ae1a334fd7efe5075e92ea8291fb63b3d6cc574b5f16fccfbcf07f4ea97fbea168ebc98ce5953b34c3ecc6396ffade296bc976657301d3799387e4650904d81c1714cb63eb6ea2615bc70fcb10a88dbcce40f3626adfd3343cedcea8fee55cd848edcc3bcab29664b72da5d519d8dd99a456a3fa2078369b8cc6e4260aa83412539b2587876d95f07459e0cab775bae81b3ea3f5ebaa0a832d0be8d394e8f3207e6bfa0ad5cf14e799d94541c542529f5337866144db7711c731d38018202f77b6926868322a1eb32d837589b2680aa935285501ddc07d65935f09263eaa6c6a1bf4ad910929872f8a9284767e85369f0ab35e20e9258e0be5dcd8aec84a0d69c8024cab15a772f6d449710c72874dcaaa7439e1e17cb7e66ca1b66d66fc6a2141d01ee37f981aefc6d377b6a6392459c3a38c5e43c6692ac7e7c84dfad65a8e79c25c4faf9c28892de6c791ef53b47c5c3f4854672ffa8a1593e2e708059384092a1674bfbf7b9467ce910d24df3313d296b2a5d92a5c41fcec562b10aab9454764da22e53d9816f4e57720d4b842d5478039caaf601bacd53b5586736ea4c543c1d0a1561ccc93ad166dfbc713a000c8f170410a532f771cad522b2c56ed25cd9bd61e10cbb06ea56d84a8c4540ef84dcf2474a3bf9c3e1dd7633b1f78292b01e1cc777a7759399cccdd955834c3ebb9d02bd00d53fae5a68be83183c1994ada753eaabe286bd95463205cd0254c4e22412a926df5157829ee8097f89a47d152ced54530e13d920e195100cf6ea377f4ed48b2da75d95f881091f9b77913b22e62a709b24e408b78673adc7ceed338e86aed5afd81f72f96cd4e942538df4ad3347512984ff09eda6f2aa7a66296908e1f444c36581cff1674e36bb969516076758bbc8e3885e71d3b8ce3819bfe9c22973b155e1f2dc325c525efd3250ebeca4e23b8b62c9dd94a8024add459ea12e4253852c17774e506652f002b7306366232d044754641fd1f1b92ae037543b960974d6c82c8f95643be46624269abb2f36e475b0f2f8681652780984d72144eb3884f6168efd039035342987e747267e0a47a35543a5fe2b83b73db51012d9354af4452915702b01a1aa572fc235dd2af6b1ca1a43526e8f8410eaf0faf2cb03a84f8f4f85d65b21cc0815caa0497f979d1aec6176dd5e386c7bafe64d26ec044378c2e393de0c402f6ec707b87a23258d2907b66e25dd0dd5f175bfeed3a2bf5e8dce8086d9962aa4cf7787151d7d072709cfb32a3fad26c7c704d8cfb396f44f50ea5ab550bfc9ec374b03d443f8bfb665ea43f2507f510209c7f7d4ce86b0d7aea4b42e413646b3ad4d829319833674b5433dcd60a56cc0f6ac284349e1dab22f24cd8dd15d30b44fac5c2d60bf65f3ac1a9ad7fb44f81546800a78ace85d4d8abe0710415fda13adfc26e95f24d1963e86a0e3d2a25c077c2e65dc1743a5851e5858983b17b900a66a0323f27fa2e2ace551d41c6a71e9ec26ac70a1caba2d3dfbf60407443c05c7c2d2738db2d9206fb736b5297017ff955da906def50caa4a1bb1a11527b6e6ef83ec0fd1c483682e24a57a41635272253bc96c7d5c5748264fe707b5b87be5ef610f546bf8cfacb2d0cca4500a77bfb4dc6e715c9cbbdbb2276710c0283e3fe7627c79fad68d2ebffc1f4ece08463d89ff19f117d28f6e8c05b2636559ec35eb5c1b75d96bb9f838c839b3283edd496e27b3bc0c22752ab988b8cf8d620cbb07a242bd695149336de80855dc5320f97277c61c1732e8e9b4f20c9db42da14a6443c25b64898d3f791620d0fdd607ec5e8b41b58a8d77251b5a9e28222318aef77ed5a64f7d76d29965acbcb81d19723b96a1576f887927b96511d16970a66640105d372bc1019ea2feeefe6c2da6b40f4ca9f3b878eb5e16863623c8c9b55c292d34e02d5d0f444daf5f679f40bb6e24a4a3fed9171f87bd473a25a55304fcd944fe0f39a853090240834976454c8cc0d05bf22f6f911f3c0266a2ff81c67fd57f7ca7e0f429c6c8139e447f0884a9efcdaf93560f1a05e1a38fed4b0e27a50480633fddbbab3aff2898ca37c6b95f034952d3acc0e54cc12903497eea7cb2e86cb429d3bfe071f6546da09a1dc8ad6915a63f5844864c0a04c6e94ec3f8f45d1d152fab026c2880d215613be42d3462074489a539e11e5b48b0f23c6859180edd9ef40f5b2fc22f881a3f95f766f38e19e8c1592e97c41206c57c1532544d0d266195fcf64a88fa1f891e8c5caa0f304e463144a0262609288a0f19e4c77a18d624d1217a9f095c23d2e22daca6379a7f585161d837c8967e8bf9bc6d0f2b5680273cf12375c5afd9e3d590f508449a8db24b045f9353e9a5089ff0d662c7901307816bdd7e865bacfd9e63e289b4b36c25ef743dcbcd8167e977482a972dd150ad804ce0cdfe34f07b7585e85d4a3990ac591f3ebaffa6e7f8358d18836dbf1db11298792f56a95de4eeff50819d7310aae411363c5a7cdce18c50962d176b615be3b9576e8753dc84357554865c69b6f94b1b072de1f1ec9c1d99f42dd06c90e48de7dced9d2a8dcdebbbb52118a560ea4a0bb1aded2b80c14dad8e0fbcdfd13ad233d0e4a3db44ffaf21173ef2012ac7bbfa30b8a5ed839cc887a27d8afd0646229fcff1ebb0869fbf2a6472ef9c3beed3c890503548d9aaa57b834962efa788ca8d08798f282ee7a3b3217ee094d7268d8d0170acf160db82788fe3f6b0b824664a5109871c529056a6871c968059c863aa89125ea3b8bc31ec1341e1440427941418e1caa6987761249f64bcc334559a5991eedd27ed438487c67ba6c08edd3919ff9abd2f067907618f8f265d30d430e817f5d7479d77bbb71f34960c7b9544c3dee5cfb08bf6e76e04261a52699900e84b0ef2ab913c3cabb7c86e9cdce6c706b6321d0a9ab6c3d453533129cf74814edd19bec63dc74cd638680985599abe09ec33943199216b6b663b68c276108326ca1cfeb8923e3e732a1b9c0f165a62ce6659398802e4d8acb4e6ef82319ffb6c70ee5d247188cc17738c81bd3b3fee2ef8628fb") ioctl$KDGKBSENT(0xffffffffffffffff, 0x4b48, &(0x7f0000001500)={0x2495, 0x8, 0x3}) finit_module(r1, &(0x7f0000001740)='/dev/vhost-net\x00', 0x3) ioctl$VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f00000015c0)={0x200000000001, r5}) [ 273.418107] binder: 7533:7534 BC_FREE_BUFFER u0000000000000000 no match 22:08:28 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp6\x00') futex(&(0x7f0000000000)=0x1, 0x3, 0x1, &(0x7f0000000100)={0x77359400}, &(0x7f0000000140)=0x2, 0x1) preadv(r0, &(0x7f0000000480), 0x10000000000001ed, 0x6000000) munlockall() setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000240)=ANY=[@ANYBLOB="6e617400000000000000000000000000000000000000000004000000000000001b00000005000000e803000080030000300200da200100008003000000000000700400007004000070040000700400007004000005000000", @ANYPTR=&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800d000000000000000000000000000000000000000000000000000380053455400000000000000000000000000000000000000000000000000000306000000070000070000007f480000000000000000000000ac1414bbac1414aaffffff00000000006c6f000000000000000000000000000073797a6b616c6c657230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008400001200000000000000000000000000009800e0000000000000000000000000000000000000000000000000004800534e415400000000000000000000000000000000000000000000000000010200000000000000000000000000000000000000fe8000000000000000000000000000004e200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800d00000000000000000000000000000000000000000000000000038004d41535155455241444500000000000000000000000000000000000000000100000000000000ac1414bbac1414aa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800d0000000000000000000000000000000000000000000000000003800524544495245435400000000000000000000000000000000000000000000010000001000000000000000e00000020000006600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x448) 22:08:28 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) r4 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x1, 0x1) getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x39e}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={r5, 0x3b00000000000000}, 0x8) [ 273.460653] audit: type=1804 audit(1540850908.783:34): pid=7537 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor3" name="/root/syzkaller-testdir180586159/syzkaller.ik2Bq5/11/bus" dev="sda1" ino=16559 res=1 [ 273.500781] binder: 7533:7542 BC_FREE_BUFFER u0000000000000000 no match [ 273.535321] audit: type=1804 audit(1540850908.823:35): pid=7530 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor3" name="/root/syzkaller-testdir180586159/syzkaller.ik2Bq5/11/bus" dev="sda1" ino=16559 res=1 [ 273.575788] netlink: 'syz-executor5': attribute type 1 has an invalid length. 22:08:29 executing program 4: r0 = socket$inet6(0xa, 0x2000000000000001, 0x8010000000000084) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c) listen(r0, 0x5) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='lo\x00', 0x10) sendto$inet6(r1, &(0x7f0000000100)='F', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000002c0)={0x0, @in={{0xa, 0x0, @dev, [0x0, 0x300000000000000, 0x0, 0x0, 0x4000000]}}, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x98) 22:08:29 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) fstat(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0}) setuid(r2) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r4, 0x84, 0x8, &(0x7f0000013e95), 0x4) r5 = accept$inet(0xffffffffffffff9c, &(0x7f0000000100)={0x2, 0x0, @broadcast}, &(0x7f0000000140)=0x10) getsockopt$inet_dccp_buf(r5, 0x21, 0x80, &(0x7f0000000180)=""/86, &(0x7f0000000200)=0x56) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000000)={0x0, 0xbc}, 0x14) close(r4) close(r3) 22:08:29 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) r4 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x1, 0x1) getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x39e}, &(0x7f0000000100)=0x8) 22:08:29 executing program 5: futex(&(0x7f0000000140), 0x6, 0x0, &(0x7f0000001ff0), &(0x7f0000000180), 0x0) 22:08:29 executing program 0: r0 = socket$bt_rfcomm(0x1f, 0x3, 0x3) fcntl$setstatus(r0, 0x4, 0x44800) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000440)=0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000140)=0x40000000000009) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendto$llc(0xffffffffffffffff, &(0x7f0000001600)="8fb4b436f2fabb99ab09776c42ace81f530e1032cf110214f09ce026063576cb0a16a8b457ea315c63020cdcb5d2a9d442a3458fcf0484a2485ffd174ce68d7f9d612ec9b77a2044b57411ae6cac311bf1dc8a807041d4d89d63366ae6cd8be2162b0a211a17b2f1044fa456f3c94398dc581ca2bc649881cc0fae97f0beb23b7170801b120edda93d8325455ef3a7dd5cc82484f7a01148dd09744179b5d94ced51db", 0xa3, 0x0, &(0x7f00000016c0)={0x1a, 0x1b, 0x2, 0x2, 0xa6, 0x6, @broadcast}, 0x10) ftruncate(r3, 0x6) syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00') setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f00000014c0)=0x2, 0x4) chdir(&(0x7f0000001580)='./file0\x00') sendmsg$key(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000001880)={&(0x7f0000001ac0)=ANY=[@ANYBLOB="0212010009000000000000000000000005009418a4ca1a0000006e0000000700000000000000faac5f42000000000000000000000000000001110504040200060000000000000045040100006087c6f59c661609e50e1e57b7095bf12a8677f22e52503aa6eb373fde1c9bd4a6929aab4b22f80ccc7157bb5669e7633de622ca87626bfd5447d5eba30060101d7d27886b54895350e96fb04c18bc80e95ea115de65bb1572010445fd5625b4bab3318884"], 0xb1}}, 0x40) sendmsg$IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000002}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="04012bbd7000fedbdf25020000000800040055000000080005000004000008000500070000001c0002000800050003760000080006003f000000"], 0x1}, 0x1, 0x0, 0x0, 0x14}, 0x20000000) r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000001840)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r4, 0x40000000af01, &(0x7f0000000300)) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000480)='/dev/net/tun\x00', 0x0, 0x0) r6 = socket$inet6(0xa, 0x0, 0xfffffffffffffffd) ioctl$BLKDISCARD(0xffffffffffffffff, 0x1277, &(0x7f0000001700)=0x9) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000300)={'bctf0\x00\x00\x00\x00\x00\x00"\x00', 0x6}) ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000240)={0x1, 0x0, &(0x7f0000000100)=""/163, &(0x7f00000019c0)=""/246, &(0x7f00000004c0)=""/4096}) ioctl$sock_inet6_tcp_SIOCOUTQ(r6, 0x5411, &(0x7f0000000400)) ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f00000007c0)=ANY=[]) syz_open_dev$ndb(&(0x7f0000001800)='/dev/nbd#\x00', 0x0, 0x0) r7 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0xe00000000000, 0x432400) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f00000018c0)={0x89, 0x81, 0x2, "23b78caa2e79305ba3df0e0a94500f4714c702ba1c2e270cb21baed1bc2780cc402368acb6d6ec3b573b028acaecc5f9cc9250a1f1cf74abbbb938836e0f035a06a1ea88fb9e12bec3269683cd986f1438206bf24da456c877025f532665da37673a46b245bad6bcd11c61eab7e011256560b122934d9f2ea10ab78cf91428854d1b6384f9d62b4239"}) ioctl$sock_bt(0xffffffffffffffff, 0x8906, &(0x7f0000004c40)="d6ead3a8f40bbabf12c7c19579e18df291844234963310ac84dc36bfe08b3ca6738c1da8606f9d409c7d6a770d5e5c8106cbfe4cf11e9aa171ef2b076593a2b9d6c7541b592e0fa61b0b3c4a7106c61527e37ef7be23e47a76d95c08b97f8a4b0e879c82209a36c3db7f009ecc9e8ea8469287f1ae79e3c76e12b0b7ed285d58947d1bc846b9c337c329fe7f21c6661e98a3e18f0de24160e6683c732f7c39ab394068a7f149c2d507fcd4ccbe78be83ea17f21c16cde4722fa988c1cd7b12aba5ac0a46f342ed4a38f1c963aaa0fb47eae66d652ebfbc824cadbc52474b36d611b788d8b66bc0f8076af56180890adb1d284dec18f9842dfb004d1d8f7a127513d913f8e12d2335e18345cc31f1a3e326f2efffd4b793d2ed31bd53165b569b115576b5102fc2094f961263442bbf86f1e8d035e8942d8b177f8d201dc59392caee113c73985de565bfcfc9af1518fe227ee47313cf0f3e09c10a77eedc02c1c232e9acbe0415c8f709052324cbed5c18f4e4e192dd7f5fb14795cd65565b94d008bd395449813ba07726e82be08b25515c049765c6f5c9f3611994f8ed8e9042c56ace1de3ad3a07f611aee0f826575f941d3cd8c33d275b2dba924ad703fa85b93cc1cd1df5a338b8fc6c5d975f666aa6ae072e4a7a9c15569af5dc0ffeb28c77d130e9faa1755364a6fba2921e09740bf0fcdb51555973169fb6b2bc530b989e55fa0e637f62b50a4101cff29e857bd3b820a356ebf17ce449231c0b859bb3bea4755c567cab23a4b41aa7280f43883e47f28b4f912dd5e54c2c648b11c405579a0a0594597e2d6f8d1c93f694a65a584a8bfe7c052058ddde77c8e44fc6a6b96a01621fa171784d98f44a97d00e7c8245b06d547df655ea9a89655861206cc578c01752be0b9b58bb21ea0db7cb3211a43aa3cc57e098217ef2e678d1a9bff2cdf4c26c2c896bac37e1e81347bca0e9e0750a6754b4001c1df42dd8b74a3bda0af799e17cbdb1a73c422fccf79d31499412f16bea9432e0fe8ff34e45d94a3115c1b8e638a3fa6deb1710a455b775c33bfb2f691b68dc71fd49dd329f004bd4f158394f81d1931e4fdf1f59ae9ccd6ea651cfda22f72139f458f4ec096c69ed0261a8642467042889f62e63fec888fef6953fbf001ca66b8e9b870c57cf000b8bf5afde96dc63acf704b53c427d85fd5e05006714e389098cb669800f8d2a87502bb822b2e6a39da90f686cc775b996b93eb8f5f28ea336a1af50a133e263f23755e0305dcd8d684ddeb425df53093cfa605544ded58a2879d8e67ea081b9434d18d201b2bd9f68eb2d08fe77f327a366e1c3d2ab354b752326bdebd509ef89959e791f304cbd053f42bf1a34cf3e20bb9cd418402e054675a2988b61c8a5ee82e95c72a78b0c58c92a6f7e7496364ec97a87aeaf2b041401e3059f35987ddf9158dedda3225eed20dd420389ff946811ca1b7676ddff4eb19ab6225334550a2f736fc47e5aaf1ea552ef5353731218f531ac230039bd9f1e66052c158a3f5a2fe090e13553814c66312da616cbdaf0076746043709f30362a9c00848da1cdaf86d687fcacaedca0a5ca808058a60e2a7f482a4142ecaedc1c61bed077b335d0c169435a01633575048d760e5bc21abe5c3a5715e33b2da95b26ac6e9e4aaa347fff4afc30b4518440ccf7a24fad904cf4c94d8210a9a7edfb41257c51ead92a5c80164432383e36a6ebe8efa518c343903f2f7168636578fa59b213ba194b6e1d3ee9224dc86c1675fb04f5693d94a2926b5b45340ad8a4aafa34027338903438ce7b4371bd83cf5eaf74d5cd5815d559cc03391a43f7ce14db6f94ec5d99e5faaab983428853b90e067aec0847eea1c20df5959b03baead99a0342d9da527d9ad17e4c6fba6a9b62f0b5ae48a4d7b555f49ab4911c47e964463cca661a0cc4841b7c8d5cb2743e382026fa51648c32bc7488a77eb03e223ff48b1746e7863445058a60c185754e3ef2919b5907a2af34cd695524781c1f2d8552e2fe5c7aca094a13b4ec2dfa9de4befac446ee209a9486609924d15d2cfae8cde084f822a30886f46bec4a7448e4721d9cd7fb467d05dbef3f3e65a2493bb0ff1705e44c38a193450c4a4ef833543ca7a7545de8e173618cc68af05009a4edd51d110d72662fc276771f3a898b752ae1a334fd7efe5075e92ea8291fb63b3d6cc574b5f16fccfbcf07f4ea97fbea168ebc98ce5953b34c3ecc6396ffade296bc976657301d3799387e4650904d81c1714cb63eb6ea2615bc70fcb10a88dbcce40f3626adfd3343cedcea8fee55cd848edcc3bcab29664b72da5d519d8dd99a456a3fa2078369b8cc6e4260aa83412539b2587876d95f07459e0cab775bae81b3ea3f5ebaa0a832d0be8d394e8f3207e6bfa0ad5cf14e799d94541c542529f5337866144db7711c731d38018202f77b6926868322a1eb32d837589b2680aa935285501ddc07d65935f09263eaa6c6a1bf4ad910929872f8a9284767e85369f0ab35e20e9258e0be5dcd8aec84a0d69c8024cab15a772f6d449710c72874dcaaa7439e1e17cb7e66ca1b66d66fc6a2141d01ee37f981aefc6d377b6a6392459c3a38c5e43c6692ac7e7c84dfad65a8e79c25c4faf9c28892de6c791ef53b47c5c3f4854672ffa8a1593e2e708059384092a1674bfbf7b9467ce910d24df3313d296b2a5d92a5c41fcec562b10aab9454764da22e53d9816f4e57720d4b842d5478039caaf601bacd53b5586736ea4c543c1d0a1561ccc93ad166dfbc713a000c8f170410a532f771cad522b2c56ed25cd9bd61e10cbb06ea56d84a8c4540ef84dcf2474a3bf9c3e1dd7633b1f78292b01e1cc777a7759399cccdd955834c3ebb9d02bd00d53fae5a68be83183c1994ada753eaabe286bd95463205cd0254c4e22412a926df5157829ee8097f89a47d152ced54530e13d920e195100cf6ea377f4ed48b2da75d95f881091f9b77913b22e62a709b24e408b78673adc7ceed338e86aed5afd81f72f96cd4e942538df4ad3347512984ff09eda6f2aa7a66296908e1f444c36581cff1674e36bb969516076758bbc8e3885e71d3b8ce3819bfe9c22973b155e1f2dc325c525efd3250ebeca4e23b8b62c9dd94a8024add459ea12e4253852c17774e506652f002b7306366232d044754641fd1f1b92ae037543b960974d6c82c8f95643be46624269abb2f36e475b0f2f8681652780984d72144eb3884f6168efd039035342987e747267e0a47a35543a5fe2b83b73db51012d9354af4452915702b01a1aa572fc235dd2af6b1ca1a43526e8f8410eaf0faf2cb03a84f8f4f85d65b21cc0815caa0497f979d1aec6176dd5e386c7bafe64d26ec044378c2e393de0c402f6ec707b87a23258d2907b66e25dd0dd5f175bfeed3a2bf5e8dce8086d9962aa4cf7787151d7d072709cfb32a3fad26c7c704d8cfb396f44f50ea5ab550bfc9ec374b03d443f8bfb665ea43f2507f510209c7f7d4ce86b0d7aea4b42e413646b3ad4d829319833674b5433dcd60a56cc0f6ac284349e1dab22f24cd8dd15d30b44fac5c2d60bf65f3ac1a9ad7fb44f81546800a78ace85d4d8abe0710415fda13adfc26e95f24d1963e86a0e3d2a25c077c2e65dc1743a5851e5858983b17b900a66a0323f27fa2e2ace551d41c6a71e9ec26ac70a1caba2d3dfbf60407443c05c7c2d2738db2d9206fb736b5297017ff955da906def50caa4a1bb1a11527b6e6ef83ec0fd1c483682e24a57a41635272253bc96c7d5c5748264fe707b5b87be5ef610f546bf8cfacb2d0cca4500a77bfb4dc6e715c9cbbdbb2276710c0283e3fe7627c79fad68d2ebffc1f4ece08463d89ff19f117d28f6e8c05b2636559ec35eb5c1b75d96bb9f838c839b3283edd496e27b3bc0c22752ab988b8cf8d620cbb07a242bd695149336de80855dc5320f97277c61c1732e8e9b4f20c9db42da14a6443c25b64898d3f791620d0fdd607ec5e8b41b58a8d77251b5a9e28222318aef77ed5a64f7d76d29965acbcb81d19723b96a1576f887927b96511d16970a66640105d372bc1019ea2feeefe6c2da6b40f4ca9f3b878eb5e16863623c8c9b55c292d34e02d5d0f444daf5f679f40bb6e24a4a3fed9171f87bd473a25a55304fcd944fe0f39a853090240834976454c8cc0d05bf22f6f911f3c0266a2ff81c67fd57f7ca7e0f429c6c8139e447f0884a9efcdaf93560f1a05e1a38fed4b0e27a50480633fddbbab3aff2898ca37c6b95f034952d3acc0e54cc12903497eea7cb2e86cb429d3bfe071f6546da09a1dc8ad6915a63f5844864c0a04c6e94ec3f8f45d1d152fab026c2880d215613be42d3462074489a539e11e5b48b0f23c6859180edd9ef40f5b2fc22f881a3f95f766f38e19e8c1592e97c41206c57c1532544d0d266195fcf64a88fa1f891e8c5caa0f304e463144a0262609288a0f19e4c77a18d624d1217a9f095c23d2e22daca6379a7f585161d837c8967e8bf9bc6d0f2b5680273cf12375c5afd9e3d590f508449a8db24b045f9353e9a5089ff0d662c7901307816bdd7e865bacfd9e63e289b4b36c25ef743dcbcd8167e977482a972dd150ad804ce0cdfe34f07b7585e85d4a3990ac591f3ebaffa6e7f8358d18836dbf1db11298792f56a95de4eeff50819d7310aae411363c5a7cdce18c50962d176b615be3b9576e8753dc84357554865c69b6f94b1b072de1f1ec9c1d99f42dd06c90e48de7dced9d2a8dcdebbbb52118a560ea4a0bb1aded2b80c14dad8e0fbcdfd13ad233d0e4a3db44ffaf21173ef2012ac7bbfa30b8a5ed839cc887a27d8afd0646229fcff1ebb0869fbf2a6472ef9c3beed3c890503548d9aaa57b834962efa788ca8d08798f282ee7a3b3217ee094d7268d8d0170acf160db82788fe3f6b0b824664a5109871c529056a6871c968059c863aa89125ea3b8bc31ec1341e1440427941418e1caa6987761249f64bcc334559a5991eedd27ed438487c67ba6c08edd3919ff9abd2f067907618f8f265d30d430e817f5d7479d77bbb71f34960c7b9544c3dee5cfb08bf6e76e04261a52699900e84b0ef2ab913c3cabb7c86e9cdce6c706b6321d0a9ab6c3d453533129cf74814edd19bec63dc74cd638680985599abe09ec33943199216b6b663b68c276108326ca1cfeb8923e3e732a1b9c0f165a62ce6659398802e4d8acb4e6ef82319ffb6c70ee5d247188cc17738c81bd3b3fee2ef8628fb") ioctl$KDGKBSENT(0xffffffffffffffff, 0x4b48, &(0x7f0000001500)={0x2495, 0x8, 0x3}) finit_module(r1, &(0x7f0000001740)='/dev/vhost-net\x00', 0x3) ioctl$VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f00000015c0)={0x200000000001, r5}) 22:08:29 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp6\x00') futex(&(0x7f0000000000)=0x1, 0x3, 0x1, &(0x7f0000000100)={0x77359400}, &(0x7f0000000140)=0x2, 0x1) preadv(r0, &(0x7f0000000480), 0x10000000000001ed, 0x6000000) munlockall() setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000240)=ANY=[@ANYBLOB="6e617400000000000000000000000000000000000000000004000000000000001b00000005000000e803000080030000300200da200100008003000000000000700400007004000070040000700400007004000005000000", @ANYPTR=&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800d000000000000000000000000000000000000000000000000000380053455400000000000000000000000000000000000000000000000000000306000000070000070000007f480000000000000000000000ac1414bbac1414aaffffff00000000006c6f000000000000000000000000000073797a6b616c6c657230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008400001200000000000000000000000000009800e0000000000000000000000000000000000000000000000000004800534e415400000000000000000000000000000000000000000000000000010200000000000000000000000000000000000000fe8000000000000000000000000000004e200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800d00000000000000000000000000000000000000000000000000038004d41535155455241444500000000000000000000000000000000000000000100000000000000ac1414bbac1414aa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800d0000000000000000000000000000000000000000000000000003800524544495245435400000000000000000000000000000000000000000000010000001000000000000000e00000020000006600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x448) [ 274.106577] audit: type=1804 audit(1540850909.423:36): pid=7530 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor3" name="/root/syzkaller-testdir180586159/syzkaller.ik2Bq5/11/bus" dev="sda1" ino=16559 res=1 22:08:29 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000180)=""/148, 0x13d}], 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/igmp6\x00') futex(&(0x7f0000000000)=0x1, 0x3, 0x1, &(0x7f0000000100)={0x77359400}, &(0x7f0000000140)=0x2, 0x1) preadv(r0, &(0x7f0000000480), 0x10000000000001ed, 0x6000000) munlockall() setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000240)=ANY=[@ANYBLOB="6e617400000000000000000000000000000000000000000004000000000000001b00000005000000e803000080030000300200da200100008003000000000000700400007004000070040000700400007004000005000000", @ANYPTR=&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800d000000000000000000000000000000000000000000000000000380053455400000000000000000000000000000000000000000000000000000306000000070000070000007f480000000000000000000000ac1414bbac1414aaffffff00000000006c6f000000000000000000000000000073797a6b616c6c657230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008400001200000000000000000000000000009800e0000000000000000000000000000000000000000000000000004800534e415400000000000000000000000000000000000000000000000000010200000000000000000000000000000000000000fe8000000000000000000000000000004e200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800d00000000000000000000000000000000000000000000000000038004d41535155455241444500000000000000000000000000000000000000000100000000000000ac1414bbac1414aa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800d0000000000000000000000000000000000000000000000000003800524544495245435400000000000000000000000000000000000000000000010000001000000000000000e00000020000006600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x448) [ 274.272725] audit: type=1804 audit(1540850909.463:37): pid=7537 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor3" name="/root/syzkaller-testdir180586159/syzkaller.ik2Bq5/11/bus" dev="sda1" ino=16559 res=1 [ 274.364892] audit: type=1804 audit(1540850909.473:38): pid=7530 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor3" name="/root/syzkaller-testdir180586159/syzkaller.ik2Bq5/11/bus" dev="sda1" ino=16559 res=1 22:08:29 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='\x00\x00\x00\x00\x00') r1 = openat$cgroup_ro(r0, &(0x7f0000000000)="6d656d00017937737761532e63757289c942abe3fa72656e7400", 0x0, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000140)) r2 = gettid() r3 = syz_open_procfs(r2, &(0x7f0000000180)='fd/4\x00') r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x40001, 0x0) writev(r3, &(0x7f0000000040)=[{&(0x7f00000000c0)='W', 0x1}], 0x1) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0xc) lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000300)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@multicast1}}, &(0x7f0000000400)=0xe8) write$P9_RSTATu(r4, &(0x7f0000000440)=ANY=[@ANYBLOB="6d0000007d012000003e00523eff010000000100000000000000000000000000201501800000ccccbd791dd700000900000000000000060063707573657400000300232d3a020000017937737761532e63757289c942abe3fa72", @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r7], 0x6d) 22:08:29 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) r4 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x1, 0x1) getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x39e}, &(0x7f0000000100)=0x8) 22:08:29 executing program 0: r0 = open(&(0x7f0000000300)='./file0\x00', 0x400000, 0x8) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000028c0)={{{@in6=@mcast1, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in=@remote}}, &(0x7f00000029c0)=0xe8) setsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000002a00)={@empty, r1}, 0x14) r2 = socket$inet6(0xa, 0x4, 0xfffffffffffffffc) socketpair$inet6(0xa, 0x0, 0x8, &(0x7f0000000180)) ioctl(r2, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r3 = socket$inet_tcp(0x2, 0x3, 0x6) write$binfmt_script(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="2321202e2f66696c653020c32e73797374656d2f657468316e6f646576205d20c273656c66706f7369785f61636c5f616363657373206c6f5d47504c3a0af2c206287c8a06469a0171dce23200dcf471d33707a0fe36a196c60659d8028d191f85f09ca5ed9eab62e71fcbc52caaece4716199a685e96c25a87111a77b38f4dad19b05c729f8922f37aa5fa008a2e25898d3306afee65dfaa2a6e34bf6f0c757589c6b81a9236bc598a9f733367d641d202d408bc2563ccbca374165765eb78a2c9a1fb218af94243ff27e81d102151419af7e6e807574ec848c095824b9cc78cfe35e5c4574aadd7b94a9c1749470494ba5d0007bfa8056e97a6eaf3c0bb84c0eeba3696748037d6abc5db0c704f9e711b0326e52f1820025320eb98f07c1b7cec3dc3fbc620e206e7afb2f94ac1867e14cbc79efc25e1b7005dddd26e7064c520ef4bade"], 0x145) getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x5, 0x6}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f00000000c0)={r4, 0x67, "0589d65cb77a1f9fec8e678d7801517d45af2438bd44c0613306d0d392f7ac95a3c3cacd1966a1ac56afefa25fc66d0d712a166797e22f66080d7e8b202d99877aaed3e3860758caacb3bacf790900e17bbe617105b2f74c2438b29c8c09b58154abb09911daa7"}, &(0x7f0000000140)=0x6f) bind$inet(r3, &(0x7f0000000340)={0x2, 0x0, @local}, 0x10) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000004c0)={r4, 0x2}, &(0x7f0000000500)=0xc) connect$inet(r3, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10) write$binfmt_script(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="2321202ed8e934e635308b02d2827fff4e4e6e701000000000000004ad00db8e0006543d00000000000000020000000000da31"], 0x34) getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f00000001c0)={r4, 0x9, 0x1, 0x372eeac3}, &(0x7f0000000240)=0x10) 22:08:29 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x6) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) fsetxattr$security_smack_transmute(r3, &(0x7f0000000080)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000140)='TRUE', 0x4, 0x1) ioctl$KVM_ENABLE_CAP_CPU(r4, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x4b564d03, 0x1]}) ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f0000000100)={0x9, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$KVM_SET_CPUID2(r4, 0x5000aea5, &(0x7f0000000180)=ANY=[@ANYBLOB="0000008be00000009171b62ba97f414d711abb59e437254741d910f1e7522a49ee45908b7781a13cdf8173113feb4e7bce9d6c094891df4d906a31eefafb0fd39b72186a1bd98f8739beaf399174865a6ad562a6325d80296a94b13a3be4e4a1ac17346701a58717cb4c6b17194041ae000000000000000000"]) 22:08:29 executing program 1: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-vsock\x00', 0x2, 0x0) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f0000000080)={@my=0x1}) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000000)={@my=0x1}) userfaultfd(0x80000) 22:08:30 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) r1 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x1}, &(0x7f0000000280)="3d2a9a3020cf44204803252812675a6a360740ed326117ce56abd596cf9318649f4473af12858edd226187497b853c54d8a8cb707a67c1403f07cd36bb5039e0850b46284ddf4bacec55354ef3128d11f5cc3026fb93072c25cac17226f871938978b7a2764879ca7dd91bf92cd1e835075b76e15bdb2205d7c38dacbf075236f86ca95768cfffc429b1363f9bcbce9e833154242f6ee8271d3054e5c42b6cfe070e7cccecb027384508bc1cd3b2f21424a8f394780c08d98241b7f9a1a0ed80ed48f769e19d0b94391b196e2790fda6684845e4cd80b6eb8302bfdc7b72a9fcf9af", 0xe2, 0xfffffffffffffffc) add_key$user(&(0x7f0000000080)='user\x00', &(0x7f00000000c0)={'syz', 0x3}, &(0x7f0000000100)="8ef31a6ee736f3b40e07fe48734b9b2f88172cf2ad01069fae2081c3cfef44be3b2b16e8bf7b9d6943c26101eba79b275255729c7671e2c884f060e356b5809af443621311e448b96b4c87a326055aa82f5c9b23cd805885825da13401b108ffcff9adb1aa88b749e37d2e6632c51f64de26b9c3c06e5a93e7057a05788586ee93047484e2d31daa3c1bffe4d12317e596f87bb76e3498b81eb2a5515ce0d275347d679be1578005fdd5b68fa2b4a0ae3a4e151f6aeda4fa97c139728516f30957fe530ad127be8e87bdb25efc23e95032190112ddea6288abbee1", 0xdb, r1) close(r0) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000380)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f00000003c0)={0x4, 0x10000}) r3 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000001f3a)="ad56b6c5820faeb995298992ea54c7beef9f5d56534c90c2", 0x18) r4 = accept$alg(r0, 0x0, 0x0) io_setup(0x1, &(0x7f0000e4b000)=0x0) ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205647, &(0x7f0000000400)={0x9b0000, 0x20, 0x7, [], &(0x7f0000000040)={0x990b9f, 0x9, [], @string=&(0x7f0000000000)=0x7}}) io_submit(r5, 0x1, &(0x7f0000bd9fe0)=[&(0x7f0000617fc0)={0x0, 0x0, 0x0, 0x0, 0x0, r4, &(0x7f000007d000)="b3", 0x1}]) 22:08:30 executing program 1: pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000000)={0x6}, 0x1) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000080)) syz_open_dev$admmidi(&(0x7f0000000100)='/dev/admmidi#\x00', 0x7, 0x440) fcntl$setstatus(r0, 0x4, 0x2000) dup2(r1, r0) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000200)={{&(0x7f0000011000/0x1000)=nil, 0x1000}, 0x1}) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) r3 = dup2(r1, r0) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000604ffc)) getsockopt$inet_sctp_SCTP_ASSOCINFO(r3, 0x84, 0x1, &(0x7f0000000140)={0x0, 0x8, 0x7f0, 0x10000, 0x7, 0x100}, &(0x7f0000000180)=0x14) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f00000001c0)=r4, 0x4) mremap(&(0x7f0000012000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000012000/0x2000)=nil) dup2(r1, r0) 22:08:30 executing program 0: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0xc4, 0x101000) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x4e21, 0x4c69, @mcast2, 0x2}, @in={0x2, 0x4e21}, @in={0x2, 0x4e23, @remote}, @in6={0xa, 0x4e23, 0x100, @mcast1, 0xff}], 0x58) mmap$binder(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0xfffffffffffffffc, 0x6013, r0, 0x81000000) ioctl$BLKTRACESTART(r1, 0x1274, 0x0) syz_open_dev$amidi(&(0x7f0000000180)='/dev/amidi#\x00', 0xf854df9, 0x43) ioctl$VIDIOC_SUBDEV_G_EDID(r0, 0xc0285628, &(0x7f0000000140)={0x20000000, 0x9, 0x1, [], &(0x7f0000000100)=0xdaa8}) [ 274.807683] QAT: Invalid ioctl [ 274.820733] QAT: Invalid ioctl 22:08:30 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x1) setsockopt$inet6_int(r1, 0x29, 0x4a, &(0x7f00000000c0)=0x400, 0x4) bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0) sendto$inet6(r1, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 22:08:30 executing program 4: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000000)={{{@in=@broadcast, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000000100)=0xe8) socketpair$inet6_sctp(0xa, 0x5, 0x84, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000240), &(0x7f0000000280)=0x14) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x7, 0x3, &(0x7f00000001c0)=@raw=[@generic={0xe6, 0x0, 0xff}, @generic={0x7, 0x9, 0x8e}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}], &(0x7f0000003ff6)='{PL\x00', 0x6, 0xffffffffffffff5e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], r0}, 0x48) r4 = syz_open_dev$audion(&(0x7f00000015c0)='/dev/audio#\x00', 0x3, 0x450000) ioctl$sock_bt_hidp_HIDPCONNADD(r4, 0x400448c8, &(0x7f0000001680)={r2, r2, 0x0, 0x7, &(0x7f0000001600)="d9918acb099f9b83cf4f6be8a3eb091f94cfd34ed6382c953954e382b1cb362b1f61871a6110bb81e068545473e515b318629fe3e1dc4e62088a4bb5ba31163d8374711bb162f9cbd23058e2d5b6f555", 0x5, 0x7, 0x5, 0x5, 0x0, 0xffffffff7fffffff, 0x7, "9ca7cc0b228be981c6750bf992470b1f9acbf27a3e2c815b395045d9cd61e9a72a8455a804c45b6a9d9bf5a621f35e4cb258cabcb6138519e89f4325cad2a5184147088a20f2a268739632e886a21de8c8e205bcc24d66f74a7406604b9fc3c0fe79f809f2bbaacec0439b313f4cd2c8eb07b9df"}) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000001440), &(0x7f0000001480)=0xc) r5 = syz_open_dev$audion(&(0x7f00000002c0)='/dev/audio#\x00', 0x9, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000013c0)={0x17, 0xc, &(0x7f0000000300)=@raw=[@call={0x85, 0x0, 0x0, 0xc}, @jmp={0x5, 0x3, 0xf, 0x0, 0x7, 0x40, 0x5}, @generic={0x4f28, 0x2, 0x66cb, 0x9}, @call={0x85, 0x0, 0x0, 0x57}, @call={0x85, 0x0, 0x0, 0x15}, @map={0x18, 0x0, 0x1, 0x0, r5}], &(0x7f0000000380)='syzkaller\x00', 0x67, 0x1000, &(0x7f00000003c0)=""/4096, 0x41100, 0x1}, 0x48) [ 274.848303] QAT: Invalid ioctl [ 274.863508] QAT: Invalid ioctl 22:08:30 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) r4 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x1, 0x1) getsockopt$inet_sctp6_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={0x0, 0x39e}, &(0x7f0000000100)=0x8) 22:08:30 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000000340)={0x1, 0x8, 0x209e20, 0x8000000001}, 0x2c) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000280)={0x4, 0x0, 0x10001, 0x8001}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xa0000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x2, &(0x7f0000000000)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x1}, 0x2c) 22:08:30 executing program 1: ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x80487436, &(0x7f0000000140)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x2, 0x6, 0x0) clock_gettime(0x0, &(0x7f0000000100)) llistxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), 0x0) sendto$packet(r0, &(0x7f0000000a80)="2a11f1b5bd5a7b46ea129772e358a020f8ddb29fbd596167713878030a3f46ac45f2cbd24b4c0306fbf7397578535d5c", 0x30, 0xc5, &(0x7f0000000b40)={0x11, 0xa, 0x0, 0x1, 0xf5e3, 0x6, @broadcast}, 0x14) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000006c0)='/proc/self/net/pfkey\x00', 0x10400, 0x0) rename(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000700)={0x0, 0x0}, &(0x7f0000000740)=0xc) ioctl$TUNSETOWNER(0xffffffffffffffff, 0x400454cc, r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x38, &(0x7f0000000140)=[@in6={0xa, 0x4e23, 0x4, @loopback, 0x100000000}, @in6={0xa, 0x4e21, 0x7, @ipv4={[], [], @multicast2}, 0x4}]}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000280)={r3, @in6={{0xa, 0x4e24, 0x1000, @mcast1, 0x2cbb23a}}, 0x0, 0x3d6f, 0x8000, 0x2, 0x4}, &(0x7f0000000340)=0x98) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000640)) openat$mixer(0xffffffffffffff9c, &(0x7f0000000780)='/dev/mixer\x00', 0x0, 0x0) r4 = socket(0xa, 0x80005, 0x0) ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f00000003c0)={'bond0\x00', 0x7f}) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000880)='IPVS\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000200)={0x8, 0x1, 0x6}) sendmsg$IPVS_CMD_NEW_DAEMON(r4, &(0x7f0000000a40)={&(0x7f0000000600), 0xc, &(0x7f0000000a00)={&(0x7f0000000900)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="040c2bbd7000fedbdf2509000000040001002800030008000500ac14141208000500ac14141d14010000497064647030000000000000000000000c000300080007004e2300000800050000080000080006000500000008000400050000001400010008000800010000800800020000000000"], 0x78}, 0x1, 0x0, 0x0, 0xc010}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000440)="4c5e7070703126152b407070703000", 0xffffffffffffff9c}, 0x10) ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f00000008c0)={0x6, 0xa, 0x4}) 22:08:30 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x4, 0x200001) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000080)=0x1000) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e21, 0x3005d9d3, @loopback, 0x39f0}, 0x1c) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="280a001114002799000000000000000002000000", @ANYRES32=r4, @ANYBLOB="0800b7bb3c989c260b01000000000008000200ffffffff"], 0x28}}, 0x0) 22:08:30 executing program 4: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x3, 0x2d0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000780], 0x0, &(0x7f0000000240), &(0x7f0000000780)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000900000000000000000076657468305f746f5f7465616d00000073797a6b616c6c6572310000000000007465616d5f736c6176655f30000000006272696467655f736c6176655f310000aaaaaaaaaa000000000000000000000000000000000000000000b8000000b8000000e800000069700000000000000000000000000000000000000000000000000000000000002000000000000000ac1414bbe00000010000000000000000000000000000000000000000000000004e46515545554500000000000000000000000000000000000000000000000000080000000000000000000000000000000d0000000000000000006272696467655f736c6176655f310000766c616e30000000000000000000000079616d300000000000000000000000007465616d5f736c6176655f3100000000aaaaaaaaaaaa0000000000000180c200000000000000000000007000000070040000b80000005241544545535400000000000000000000000000000000000000000000000000200000000000000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000feffffff010000000d00000000000000000076657468305f746f5f7465616d00000069705f767469300000000000000000007465616d5f736c6176655f31000000006272696467655f736c6176655f310000aaaaaaaaaaaa000000000000aaaaaaaaaaaa00000000000000007000000070000000a0000000434c41535349465900000000000000000000000000000000000000000000000008000000000000000000000000000000"]}, 0x340) 22:08:30 executing program 5: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x84000, 0x0) fadvise64(r0, 0x0, 0xf621, 0x5) ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x200000, 0x0) ioctl(r1, 0x80000001, &(0x7f0000001780)="e452dc1d177d3ca60f6d33b3736a66d2ec69f582736c0df8a8bcc78205ac0affb444bf79e687658c802f96c40777999440133a86c9a093d6bcda5ad2bc8f8cac272cc0a36363e2ff4257") r2 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x0, 0x41) openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0xc100, 0x0) writev(r2, &(0x7f00000016c0)=[{&(0x7f0000000100)="e7e55185f959da7b1b1e9dd758232253a2c884ff02f6fe84a4e3c450aec15a06a08d048e48fee34e0b5d2f284b931213a2502feafe5be550f6ad84959f4aeac07b1f10159e3878d470870aa8b9ff9d1c8deb7a1f7177b3579e259a949349075be766e84900ae02a4f44ee845fa770877102551d352213564e4ce5d2f350462dd5c30ca7e360d221332801262e76eba8f4a3b66791f85929556d3c844fcbec5619472ffa725aec1bf3bcc36f10274faa82c32bb25080442a70bb6", 0xba}, {&(0x7f0000000240)="a066518ff198a7f84e06e026758f416fe60dbdef1b423beb603c7aa078b859a4e430d2eccc6ecc97789498ce820e2eea1d691d64e35d74089464ebb3662df40194e55b9994ef2e01a459a4416519caabe7fdfd0a5c7865a0a6a090e64fcdd1e24b226d76e3c4b633fc01c1696eea20051806dd2b90e562af63dbfae02e88abc27b72402f3eda42b689a9bb1462821d2b00263c2cc943f46588196796b033614a938e2accf898cffbd2cd6afc7ebe293615a45ef669706de904a06bc6c5290f163cecd39660f4ffdd5d0ce375ce618b89b1454a8bd6b94564dbeb212267", 0xdd}, {&(0x7f00000001c0)="9bbeaa3c056849b071c5266824a692228dfe99d95b6e1377f8617d62", 0x1c}, {&(0x7f0000000340)="3f585d237877cde4661b9d888deae64f7df4d22c4036f2c4db4bce0e492592f9dd46dcd727b72deb4429b521e89b15a4c4d0b0b887759754c3a2930664a5b91835458bb01fbeb049688a11c5c4d6ebb27a2884ce18abbb96681a44994c0164f57ca1556b4b956aa1da7d6b22e7c19c8e689a1f08666577e0ee777c9e70b9716b986066033b8e353f44d37cb9edb6ce", 0xfffffeb9}, {&(0x7f0000000400)="4a5e5a09fe0817307bbab50efd0626f4ba0d227e4e3c4e4003348633878c846ce630f351f89ac5fa56714dc0cf6cea901b45ebfaf7b86bcd52abc8f6ee75a229508f24c54bf35ac3ae0391fa6400d57471c0699bec587edcb05ca92d0f1dfab9b84c96b725dac063c9634b02b93adc2ae8e500c1a56fc2799c55cb4b7ead0748d06d49c94b1f069c7f8257eb1a1b54dfd12f5d0ab528d2fe5e008e5b88796897d627138e314d71d6be0bf4b1e012638932442a871dbc038561ced29a96bc8d30eeb8e2dae3b94eab311d7b4e04c853e07a14c0b053b3e46ffb6b0fdb42d4db89", 0x278}, {&(0x7f0000000500)="8dd1550116f70b9aa01b4173986d0bd5d4320e5983104b207fe85c88017ecae699023ed4a9be2f1f1aaad0ec8e3be3f34938ffac70d5bd20ced9a9ee24f1c5699ae4efe3efd1e984530569d7a7d95d14b8072b97c7bbc0e038e0d485f16e47d5d15da61c47c732da51a1b0f115697fcefe08017c047ec26513188f00fbb19e8aac9051e1974446", 0x87}, {&(0x7f00000005c0)="59b188e485452f8621ac8ecec5e10a2bef4f8189de4e702e8e7462e4631af55a95eaf31c66ce3dc8287d1280f551b976a4cd992a5c0517501903bd1f8068f256a4152742132c7cd7e2be36fd262f9a44029f61230ca0999a94b46402c307862ad615ea53672fb0bf4ad5ec34be08619d82bc260dba4ab2752efeb37d4491a1d51f1bb86186fcb578157fb637e0a7", 0x8e}, {&(0x7f0000000680)="122350f4816c29f6b1ec8974f0da971ea214b19e8997e26bc8e66e82060bcd25f8715d538faee0a11af10a21be84c3554b43903c5ad43bbe6c4e11b8ab21e26d04f7b040c28b99f5a314652c7a51a37935ebf4a9d50b10a1799800b5e9a8a84a903b73c489cc071f32f8be33d1631a3e84bb08d31dd8e9de91e4ccca7a936913c697b9d7d63dca4c1b03ff1c85b17616806bc674d945299a5cc60ead59086afcbe3a83412c193023ec2b1511efb5ba4b183e5a94f7f16fcef6b419c9ae7810515ece74d9ca5256984687994929e9d4212c884624cd45095c0e51b9ce0e8633311ee5589c307ad0c5e7556e8ba9227df1618d556ac500da472d5cb40ca01a1a3eb7f2df74142d02eaec3dc12c9287c2a76945687b7c9e282c7b12ba5b0f8797244e91cc94796d503116fa03e9d00ad3200573851d03e362c510165d19fd01599fdfa98817ca2c293dd5645aac58c663550571038515f59af279b36086ab63ae2c7bb4b6da43d849e54a38c820d0947995d8cc1f670ec1ccb38f07b5df02aa0d09627680726e01c8cdce62ce501e7ffd41ba9ff5cd8fdd696113d7c3e0546685fc08eeb39b4636eb45e123f9e8fffbb95b1128ba513f341bad276aed7b250845ba46c9dce441884350663bfa25a63dd1c1da4353b90851730327144d7b5355d924a2b5679494fcd47dbef3b4d3c3681c1e253b4c27daf9a34dd7674abf451fc64a8b8cea5b811519de054cdd1cfff7bf3065fa050cf1ec10c120e964f1c6d68962088d5108151633dd907ed6c2e2395dac0fa1f8fc4538b8251d4ab90b4b6e8c8f47122ed0d0781260788e5aeebad3217557413084cc4341a9f30c45015c9da57678556684f13eeb4bde02285061428150402d524071264312cbb8bbce2b9db97206351faf15ee63e6a59a297463c500584cf2b2db46aabf351cdf1b797200ec02396ae0b85828d30d7679033e31f7dfbbe7fc9889a656d865dee2d9e291a8464a9784ec431e47544da6e69ebedf4047c9764f9df9bd2b66d535320675b90f509759931a29f7d39d8f062730d22cca6c598f682a41dabe963044cda10edc2d65db58a87c79400b1c9079ed783a74ff6bdf89e520e24df1e410921e168b940f491efed9d3d05e47855648ba338dda9bf8b6eb4fb11f4d1e73422e4a4de549156b7c92673e287716fd9f7a8cd6622dc960ee1d9c7df3d0abbf3fbc2d9afb09d511d86737b644b2cf2d2ee6b539d7881f450fbce0d1e223196b675e995e38d8f867cfe10cc2cbadc2575a0ccfa28cd9febebee58c53229277b473fc02b32775bd65e002d40a7d0770e79499768b743fd556f2733cf0f5adf21a4cc0d600aea1e0235b6f9dd7db61f03c239ea602a9770a3d1e16b7ecfa05eafae4555cc5a069ec49aa3ff6c20cfb86f83438038324f4b7510b374e61aa076134b066ca078439b2c6744842047078c50378543db5a00a9689760312fabcae5bb843fa67699e42babab1a966ca616a90424b4b8d44bcc866d123615193dc21d24aac6b953587e2b4bf9a6b52e3461b219c3135e31d104e653490b7de8e19211a64d506c54b1b82f414eb7b07f8ff09ea8ac48c99499af2c80577d36c43a731c2904e174ba700ae12814e9c0de9e6f957f7fbe6355c407235a57771da08070365e875a5c5daedfa658e05d1135c249aa5d82d0257f16efa9633bd213259d7c04819dba1de78e811e54bce48d9c0e134993ef94fe92661f123306388c1dd4902a50207dc59742d47307d4454356601e968d1a07e7fd029666944959df2d108b6babb1414537df525e1b98a761806bad3db6eaa2a6a09387b186dae71e1cbabc7502be15b2d20474850e020fbf056180302a95f2a992648de898330014660888cd166787d5202fecc18fe2bb77c7b8bafbe6251d39b6862514e0e4f039694bd04b251e0fed6f1fa3db3418c383358cf243eabddc37f00c01aeed39dd19be945f0eefb1ce3a225deaa3ce60351a63ca2eeb619d9084bd9819ba6c86c9d4d2d36056c992545331aa556ddb137dfb0037f1d010562017b2808b65b54aca24e072dcf5ae4945a9d53fa430b6f9af4d7760ba6ed760091dbb6010757f407af19bce3fb9f009d92ad21ff5959f212704a8c8b0b59ff0fd67ee54d2c06ee62d0a858f9799ddccea232a646e7cb49466aa76fd9799d4f548ba0c8bccb7bd32cc6660db4adee282f812a18aa199f74dc4c49bd2d9c0373ca875dd69752866ef7d7e7ea5c02fee6febbef398f352733c327c3525b0e85069e7c0176f6b51e243679192683ece46fc91cda20a11418c3569207070c83072ba51eb477fb90c729449f32ef062bdd81a5442c1e427ad59f7c049bfd53d6323947aa285fed457b5f4855e4835e743962846f3dd2bb365b4134bf81944857a19ece086343680b8a6d68166ec9259a81d60c284d97abfdcb46cfb39a4d10185a1f712ea43746c348834207377ea8ce363b8e4c38db651389a591159800b63af29ae7d2eeee9434fed064ed795290f1f3cea4d5b16ce0b3bb0bc0752dccf29e51cbde2694a0a0dd1a896b79c37f30229379f1330389d9a2174a1b068647414debe77718a78b0acd4a03fc9d2992bfd29e0b4f23fc8b1ec8cfcac32c3ee9d4c4d39e657e8b199ff97abdd1b5f8cc0916c99a1af2f9f79bd86fa89a4e80d3fa5e5a8f993325139cba81c634385eb3ce5dafe986d23ffbc04b70e72534f54af208d43cac3f6a75fcccfe05a1c364248a253cabb699ac262b0643a617c4d170331cd78a361fd7a0240a44ab44cb543f98fba9819da5fa5d811c4c17a69c6e3dee63455f998c280eb299d068186b9de03efe147602135383e182a94cd4e944da6d5ee81044da25ba760bdcf542df43cf0522d318e01aec944471e636af14f0f87091f656cf20fdba233b0867ae0f7d5b9c4d83e6257b798ee4ac4cb47d42f0cf251d98930accea059031971ef934c36a43e04d887a253aa7e563c05d73472ab59e19d2aee1ce094ab824b7319b6c84386372a1a2419824d2006b42c1277825d245a6661e25bbbab6c216ab9c6f005c3480e8878910c44ccf2c3b2e5d127ef68b4fd2d07971e3a9d74e46ba68bf0d1f514df0efd3f89b78faaa2400c22c6416bf32102bdb27b810a3dc492a7a2030eb545c178ba0a7104079b43cce9a3d4cd260c29f264ea0521cf6ee484691b6d98b7468cce5eba4c6aa6b8887394d6cb469f0b771375b202a7241c85de2f2a2b96ca24fa7c16c7f82ace0f0d24d11b5c4738c26a7c1a220445e559fcfde4f4c1dde1593f268027f1db8a9b7ee82d81a495d8d73f66cf415cab2bf512c2f8ebbb5c1989e5c5927df42a74f1819d62834923579a5367b355a6913cedbe433244aec99bba692e77783933ae9fe733077a7c83977d7b43d7fc8d538c4af1af4ad3aebf755f4d81f575229449458d960c6a2f6489d816cd0ffa2b850569d763e2bfb3c10b55deedd209d6e6fc89f1d117e94fef6f316218f555183b517f324e1d17725301fd5fbaa46ce20afac7b4bf2c4c8a004e5b3b6a725d4cc23dc34350302d39bffa1bd7289ad21df4ddd425f306bc6ac247e7d3d08912a0f3ca638878dda11d1d8f316f41ceef5cd519e470c04f9b6732aa0be2632f78c5722d0eb347d91dd09030b87cf285e481aa2df71ece685ebba5bcd78d951028ea72b6b4287569a43b7299b8c886d6e08694d9441fb790478008f2ff7866d9e0104fc1e5bf50f190878613a9c794e5c4f47fd583fc21ae2393ae5094d9de9b797814d5d2507dade872423d5c45a9b63fb41631c71fbcf72f02abb1d738d6c2a243c2ed5c5eff85afb66608c7ecff44a24dc5f35b95ed3b17225f2afcf309cbeeea6b827ec564eacea19365965b7c3d0ed7656b58336e5094a9df775c63c1acf0189d671c227e761c525d584ce3a40b8e9209c501763931581c9264e738eecfa91cbb69c23fdc7ef78e6fe716e6d11002da309e7ca3949b93e27900a0441cf43a605702de77186242aa2c886b84ac7d908ccd0d60cb9cfbbddaf6ac5abae1ec8b065109028b77d9c5e772fc4995dc5f6c93913b4f37cd5c34faca8e00dc4e38e997baa16f123ed1cbee5a2dfd6b8f2ec20aee5edf1a807c5dd7c0488e15d1b6ea0ae9d9d281e126600185078fbb5a068d4502a044ba7dff527e4b297cc304fb02dae00b549a18a8b28b2c25a7acdb44b6ccc8c47ef9c172ded30e006c2fa044fb338ab3b19ec831d9e0ce19941b6a720512890b79a1ccef67423910d0ea3378ba5263b05d077e420f542f3eb4ee6936cf9461d2e4b23ed8a570dc257f09e39e2703a7639c6568f8e52927f843c50ae8968009355b9347b5ced6fda1493fdc26384e2bbfd0cac0bc1df6f476606ae879e6456b1ec78da364fc52e877c3c5f6f9ba52ba8050c0fbca257dd512838355b3fa8fe4253ef5823434982f5ad01a1eff00505df4c3b8056e69427a0bed429b2d85cea19f122f51da490e885600508b07f43427ed1216f3ae4cee0878b580abb6489428d0f890ea3fd215be5c8524db82f10ffbc6d8ba24222ad51803e1f3a9f581a7b4242b1c3a6038bb8e1b9e0e76bb65069eae83dffb520a54f6b7c7f10565497b091ebfe34cfbc5883152e362b6e3ea19e86b5be74fb551b98f95668aa0632cd0943ac019fead44ab0606678ba10b8a9271ce31d437ee9f0b89a4126e5e85ebed06f30989a0701b444414eb4d90f9d30212780ac08e1667524c93fcc56ceb0d9da983e33f2b5555ed6e50ea2207d89273ac87413603bfb749ab355b67d1759bc417cc0689f253d6c7e2bc4b6242fec0b5e9a6550b6489c2947f4641a13a21c930fecaa85853a950e2532a400a46d59decc180163a91a4746586f3dabcce2b84b14198b8bf12a189439a6333976d36cc99ad2b6c706ab0275511f7e261743816823b3afe9616691cf56328d0203c939d3c49233659edf65e82d97b772d3d48b643657dc9144c4929ca9d74dda9b7ff602354db909109ad0d4a8fc11e4d793428fcba3d15d9d6a233acd30c686b85a34e0cdbf8c4e8b2b12860d0ada342d067d84366e0c7f35706c1ad1be5c3b2b359c97690c891d1bb8a60e95dd83055bf961c6c1d8c29d7afe568a0731d7e304e273d614e068b61712aa9852c233f4368c77d04569139801ea930937f2a4f4f05f8893337b4316f72d78cfec02671565ae98ec9eb4539acb12360b035c8761dc7627fe4e0cf85690461905558c38528742d1b090b991db99f9df76ced4ac9d1b6887e4f419259b479381f5e561de6894b67b6b0bedc20eea4af4846afe212016074886486fef304047fbb96f1407b7b5dc2523edb5b52982426f4d6d8e9cc0225217cee307784bcb2892722434305796ff08399044d7c7ad0ebc2cba714e5e9c06a3424b392e749fc01774bb0b4f01261075af23107050f48fb6cb68c7ebc29fe457e76f1eac0b355616bb854d3d6c9180cd4d28550abdecd7102923c414ae739a9a004c77973798d019ee845d9a81e936af7d19c1e108a0ec5c5bf8b83bee05ef369eec28865616eadb4ba3781889dd4f1d59036313dd1ef9e1bc113bb7402402dfba141e605c7c32885ad54328de2f8d4f02978c40ea0ce6a5f0ea632f59d0106a0b7804cdf117946d7a29238b29b57424c960b582c4c18500ff21a917039880c1da05713d795786743b79ce1834c2329a5873f3f5756ad55520eb1415ab240ebbf13bee185e43ca89c8bcab3969a2db9d2ce76e926975e4bdcc18586ea62b02c9a30b470bde73b0830e4b389865a21e6fc7f5fb2290da318f6d", 0x1000}, {&(0x7f0000001680)="53ca5fe3394157750e2f5977e462", 0xe}], 0x9) 22:08:30 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000300)='/dev/uinput\x00', 0x2, 0x0) r1 = syz_open_dev$adsp(&(0x7f0000000d40)='/dev/adsp#\x00', 0xffffffffffff6d65, 0x0) setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000d80)=@req3={0xe33b, 0x1, 0x0, 0x7fff, 0x401, 0x1, 0x400}, 0x1c) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x202, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f00000000c0)=0x3, 0x4) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r3 = getpid() iopl(0x0) sched_setscheduler(r3, 0x5, &(0x7f0000000140)) ioctl$UI_SET_MSCBIT(r0, 0x4008556c, 0x4000000000) ioctl$EVIOCGKEY(0xffffffffffffffff, 0x80404518, &(0x7f0000000040)=""/101) rt_sigtimedwait(&(0x7f00000002c0)={0x6}, &(0x7f0000000340), &(0x7f0000000380)={0x0, 0x989680}, 0x8) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000180)={{0x9, 0x3, 0x49, 0x0, 'syz1\x00', 0x200}, 0x3, 0x28, 0x2, r3, 0x2, 0x17ffffffd, 'syz0\x00', &(0x7f00000003c0)=['/dev/adsp#\x00', '[vboxnet0mime_type\x00'], 0x1e, [], [0x8, 0x4de, 0xffffffffbffffff8, 0x7f]}) [ 275.129019] kernel msg: ebtables bug: please report to author: Wrong len argument [ 275.187810] kernel msg: ebtables bug: please report to author: Wrong len argument 22:08:30 executing program 4: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x200080, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc10c5541, &(0x7f0000000200)={0x80000000, 0x3, 0x0, 0x0, 0x0, [], [], [], 0x8, 0x7fff}) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0x0, 0x0}) r2 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/stat\x00') fchdir(r2) sendmmsg(r1, &(0x7f0000008600)=[{{0x0, 0x0, &(0x7f0000003140)}}, {{&(0x7f00000072c0)=@un=@file={0x1, './file0\x00'}, 0xa, &(0x7f0000007380), 0x0, &(0x7f0000000600)}}], 0x2, 0x0) 22:08:30 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x1, 0x1) 22:08:30 executing program 5: r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = msgget$private(0x0, 0x1) msgrcv(r1, &(0x7f0000000240)={0x0, ""/132}, 0x8c, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000140)={'vcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f0000001640)={0x1d, r2}, 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000040)="92a88ed40ca365e96b138d573ae703afe0680a8d7ef762f39fd5f790ffffffdf137dc737f5953735c9e86297d2a3cbc679e5a12ea1e14a8b68f6cdcd62e119311b04ba5e0effc1dd46fbba8099ea73aa23f5de9a0523e61fafb03fe7682d9ce61c0450032e369ce18a7ea3bd10e75a4efdecd23143c9bd8d", 0x78) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x40800000000009) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$EVIOCGID(0xffffffffffffffff, 0x80084502, &(0x7f0000000440)=""/62) keyctl$assume_authority(0x10, 0x0) syz_open_dev$ndb(&(0x7f0000000140)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @ipv4={[], [], @multicast1}}, 0x1c) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000001c0)) close(r0) ioctl$sock_bt_bnep_BNEPCONNADD(r3, 0x400442c8, &(0x7f0000000480)={r0, 0x5, 0x40, "e38ab903dd12dd3e8afa476c45c58dc60fdc6f4a6d06a6ee2b3bae43b3aed58615172a0e54ab74c040ed262e106370207d24c408e3445a1376b0ee0d5d541ce6cdd7fbe2b4b9b7f5411d8557f5cba6960cbb5881ea74d3f56728bacae37f90ea827eefb5883b14e868bc"}) socketpair(0x7, 0x80000, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffff9c, 0x84, 0x1f, &(0x7f0000000300)={0x0, @in={{0x2, 0x4e24, @multicast2}}, 0x8, 0xfac}, &(0x7f0000000100)=0x90) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f00000003c0)={r5, 0x2}, 0x8) socket(0x1f, 0xb, 0x7fffffff) 22:08:30 executing program 3: syz_emit_ethernet(0xe, &(0x7f00000000c0)={@link_local, @random="cb7ec218473f", [], {@generic={0x88a2}}}, &(0x7f0000000080)={0x400000000, 0x1, [0x400000000000, 0x0, 0xfffffffe, 0xffffffffffffffff]}) 22:08:30 executing program 0: r0 = creat(&(0x7f0000000000)='./bus\x00', 0x38) r1 = open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x9}, &(0x7f0000000140)=0x8) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200)='/dev/rtc0\x00', 0x80000, 0x0) sendfile(r0, r0, &(0x7f00000001c0), 0x7) setsockopt$inet_int(r3, 0x0, 0x0, &(0x7f0000000240)=0x101, 0x4) ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000280)) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000180)={0xffff, 0x4, 0x1fc, 0x6, r2}, 0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000040)=@assoc_value={0x0}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000000c0)={r4, 0x3, 0xe7, 0x2, 0xbd, 0x10001}, 0x14) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x40086607) 22:08:30 executing program 1: ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x80487436, &(0x7f0000000140)) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket(0x2, 0x6, 0x0) clock_gettime(0x0, &(0x7f0000000100)) llistxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140), 0x0) sendto$packet(r0, &(0x7f0000000a80)="2a11f1b5bd5a7b46ea129772e358a020f8ddb29fbd596167713878030a3f46ac45f2cbd24b4c0306fbf7397578535d5c", 0x30, 0xc5, &(0x7f0000000b40)={0x11, 0xa, 0x0, 0x1, 0xf5e3, 0x6, @broadcast}, 0x14) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000006c0)='/proc/self/net/pfkey\x00', 0x10400, 0x0) rename(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='./file0\x00') getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000700)={0x0, 0x0}, &(0x7f0000000740)=0xc) ioctl$TUNSETOWNER(0xffffffffffffffff, 0x400454cc, r2) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x38, &(0x7f0000000140)=[@in6={0xa, 0x4e23, 0x4, @loopback, 0x100000000}, @in6={0xa, 0x4e21, 0x7, @ipv4={[], [], @multicast2}, 0x4}]}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000280)={r3, @in6={{0xa, 0x4e24, 0x1000, @mcast1, 0x2cbb23a}}, 0x0, 0x3d6f, 0x8000, 0x2, 0x4}, &(0x7f0000000340)=0x98) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000640)) openat$mixer(0xffffffffffffff9c, &(0x7f0000000780)='/dev/mixer\x00', 0x0, 0x0) r4 = socket(0xa, 0x80005, 0x0) ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f00000003c0)={'bond0\x00', 0x7f}) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000880)='IPVS\x00') ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000200)={0x8, 0x1, 0x6}) sendmsg$IPVS_CMD_NEW_DAEMON(r4, &(0x7f0000000a40)={&(0x7f0000000600), 0xc, &(0x7f0000000a00)={&(0x7f0000000900)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="040c2bbd7000fedbdf2509000000040001002800030008000500ac14141208000500ac14141d14010000497064647030000000000000000000000c000300080007004e2300000800050000080000080006000500000008000400050000001400010008000800010000800800020000000000"], 0x78}, 0x1, 0x0, 0x0, 0xc010}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000440)="4c5e7070703126152b407070703000", 0xffffffffffffff9c}, 0x10) ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f00000008c0)={0x6, 0xa, 0x4}) 22:08:30 executing program 3: openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x800, 0x0) r0 = socket(0x10, 0x2, 0xc) write(r0, &(0x7f0000000000)="1f0000000104ff02fd435463e4af64550cb81e000b000104040423dcffdf00", 0x1f) syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x3, 0x424000) openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x80000, 0x0) 22:08:30 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000100)={0x0, 0x7ffe}) ioctl$KVM_NMI(r3, 0xae9a) signalfd(0xffffffffffffffff, &(0x7f0000000040)={0x3}, 0x8) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, &(0x7f0000000340)="643e67660f3a61ca9bbaf80c66b8bc5d158866efbafc0c66ed66b9800000c00f326635001000000f30f40f38c94bf80f380b5775260f01ca0f21360f180ad810", 0x40}], 0x1, 0xfffffffbfffffffc, &(0x7f0000000280), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 275.497012] audit: type=1804 audit(1540850910.823:39): pid=7703 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor0" name="/root/syzkaller-testdir066658280/syzkaller.XAGmrX/19/bus" dev="sda1" ino=16559 res=1 22:08:30 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xb, 0xa, &(0x7f0000000300)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x6}, @map={0x18, 0x0, 0x1, 0x0, 0xffffffffffffff9c}, @alu={0x7, 0x8, 0xf, 0xf, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff}, @call={0x85, 0x0, 0x0, 0x8}, @generic={0xffffffffffffe301, 0x4, 0x9, 0x3}], &(0x7f00000000c0)='syzkaller\x00', 0x8000, 0x3e, &(0x7f0000000140)=""/62, 0x41100, 0x1, [], 0x0, 0xa}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000001c0)={r1, 0x50, &(0x7f0000001480)}, 0x10) openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x0, 0x0) r2 = syz_open_dev$sndpcmc(&(0x7f0000000240)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000000)="2a36cc3d1959e992c1c9cc4782810f6bbd53873b6610c1fd347f8062e3a94f81155fe56e1ebc70", 0x27) preadv(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000280)=""/92, 0x5}, {&(0x7f0000000080)=""/7, 0x7}, {&(0x7f0000000400)=""/4096, 0x1000}], 0x3, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000015c0)=[{{&(0x7f0000001400)=@rc, 0x80, &(0x7f0000000200)=[{&(0x7f0000000180)=""/34, 0x22}], 0x1, &(0x7f0000001800)=""/174, 0xae}}], 0xffffffffffffff86, 0x0, &(0x7f0000001640)) ioctl(r2, 0xc2604110, &(0x7f0000000000)) [ 275.562369] audit: type=1804 audit(1540850910.823:40): pid=7703 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor0" name="/root/syzkaller-testdir066658280/syzkaller.XAGmrX/19/bus" dev="sda1" ino=16559 res=1 22:08:31 executing program 1: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) r1 = socket$alg(0x26, 0x5, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) mount(&(0x7f00000003c0)=@nbd={'\ndev/nbd', 0xffffffffffffffff, 0x7000000ffff2300}, &(0x7f0000000400)='./file0\x00', &(0x7f0000000000)='9p\x00', 0x0, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280-generic\x00'}, 0x58) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000002ac0)) lstat(&(0x7f0000002b00)='./file0\x00', &(0x7f0000002b40)) getresgid(&(0x7f0000002bc0), &(0x7f0000002c00), &(0x7f0000002c40)) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000002cc0)={{{@in6=@loopback, @in=@rand_addr}}, {{}, 0x0, @in=@multicast2}}, &(0x7f0000002dc0)=0xe8) getresgid(&(0x7f0000002e00), &(0x7f0000002e40), &(0x7f0000002e80)) getpgrp(0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000140)) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000002f80)={{{@in6=@loopback, @in=@multicast1}}, {{@in6=@loopback}, 0x0, @in6}}, &(0x7f0000003080)=0xe8) getgid() fcntl$getown(0xffffffffffffffff, 0x9) getgid() ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000003180)) geteuid() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000031c0), &(0x7f0000003200)=0xc) getpgid(0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000003240)={{{@in=@multicast2, @in6=@mcast1}}, {{@in=@broadcast}, 0x0, @in6=@ipv4={[], [], @multicast1}}}, &(0x7f0000003340)=0xe8) getresgid(&(0x7f0000003380), &(0x7f00000033c0), &(0x7f0000003400)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000003700)) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000003740), &(0x7f0000003780)=0xc) lstat(&(0x7f00000037c0)='./file0\x00', &(0x7f0000003800)) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000003880)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000038c0), &(0x7f0000003900)=0xc) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000003940), &(0x7f0000003980)=0xc) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000003a00)={{{@in=@loopback, @in=@dev}}, {{@in=@multicast2}, 0x0, @in=@multicast1}}, &(0x7f0000003b00)=0xe8) getegid() fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000003b40)) lstat(&(0x7f0000003b80)='./file0\x00', &(0x7f0000003bc0)) getegid() ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f00000043c0)) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000004400)={{{@in6=@dev, @in=@multicast1}}, {{@in=@multicast1}, 0x0, @in=@multicast1}}, &(0x7f0000004500)=0xe8) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000004900)) getresuid(&(0x7f0000004940), &(0x7f0000004980), &(0x7f00000049c0)) fstat(0xffffffffffffffff, &(0x7f0000004a00)) lstat(&(0x7f0000004bc0)='./file0\x00', &(0x7f0000004c00)) getegid() ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000004e00)) fstat(0xffffffffffffffff, &(0x7f0000004e40)) stat(&(0x7f0000004ec0)='./file0\x00', &(0x7f0000004f00)) geteuid() fcntl$getownex(r1, 0x10, &(0x7f0000005040)) fstat(0xffffffffffffffff, &(0x7f0000005080)) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000066c0), &(0x7f0000006700)=0xc) stat(&(0x7f0000006740)='./file0\x00', &(0x7f0000006780)) getresgid(&(0x7f0000006800), &(0x7f0000006840), &(0x7f0000006880)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000068c0)) stat(&(0x7f0000006900)='./file0\x00', &(0x7f0000006940)) lstat(&(0x7f00000069c0)='./file0\x00', &(0x7f0000006a00)) getresgid(&(0x7f0000006b80), &(0x7f0000006bc0), &(0x7f0000006c00)) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000100), 0x0) 22:08:31 executing program 3: r0 = socket(0x800000002b, 0x1, 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="f7ca4e58a4f2ab9d74796d235cb46e09388c30009b88d353426c54d417e68eb5c8ac0fa62f576ed3e78498deb2e7ed56ee2ab5e3f134de1baf735e6fc44341f772101caa9a157931d15ce20182d00f", @ANYRES16=r1, @ANYRES16=r1, @ANYPTR64=&(0x7f00000000c0)=ANY=[@ANYRESOCT, @ANYPTR=&(0x7f0000000040)=ANY=[@ANYPTR64, @ANYRESOCT, @ANYRES32=r0, @ANYPTR64], @ANYRESDEC=r1, @ANYRES16=r1, @ANYRES16=r1, @ANYRESOCT=0x0, @ANYRESDEC=0x0], @ANYRES16=r0, @ANYRESDEC=r1, @ANYRES16=r0, @ANYRES64=r0], 0x8}}, 0x20008850) ioctl$BLKFRASET(r1, 0x8916, &(0x7f0000000140)) 22:08:31 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") keyctl$join(0x1, &(0x7f0000000000)={'syz'}) ioctl$sock_inet6_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000040)) keyctl$session_to_parent(0x12) openat$sequencer2(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sequencer2\x00', 0x400000, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000440)='/dev/null\x00', 0x2200, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000380)={0x0, 0xfffd}, &(0x7f0000000480)=0x8) syz_open_dev$sndctrl(&(0x7f00000002c0)='/dev/snd/controlC#\x00', 0xc52, 0x0) r3 = syz_open_dev$adsp(&(0x7f0000000200)='/dev/adsp#\x00', 0x2, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r3, 0x4020565a, &(0x7f0000000240)={0x800100f, 0x4, 0x1}) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000180)={r2, 0x9}, &(0x7f00000001c0)=0x8) keyctl$session_to_parent(0x12) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/sockstat\x00') ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f00000000c0)=""/49) [ 275.710022] 9pnet_virtio: no channels available for device [ 275.710022] dev/nbd 22:08:31 executing program 4: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x10, 0x4, 0x4, 0x7}, 0x2c) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x0, 0x0) bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f0000000040)={r1, &(0x7f00000000c0), &(0x7f000089b000)}, 0x18) 22:08:31 executing program 3: r0 = socket(0x800000002b, 0x1, 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="f7ca4e58a4f2ab9d74796d235cb46e09388c30009b88d353426c54d417e68eb5c8ac0fa62f576ed3e78498deb2e7ed56ee2ab5e3f134de1baf735e6fc44341f772101caa9a157931d15ce20182d00f", @ANYRES16=r1, @ANYRES16=r1, @ANYPTR64=&(0x7f00000000c0)=ANY=[@ANYRESOCT, @ANYPTR=&(0x7f0000000040)=ANY=[@ANYPTR64, @ANYRESOCT, @ANYRES32=r0, @ANYPTR64], @ANYRESDEC=r1, @ANYRES16=r1, @ANYRES16=r1, @ANYRESOCT=0x0, @ANYRESDEC=0x0], @ANYRES16=r0, @ANYRESDEC=r1, @ANYRES16=r0, @ANYRES64=r0], 0x8}}, 0x20008850) ioctl$BLKFRASET(r1, 0x8916, &(0x7f0000000140)) 22:08:31 executing program 5: r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = msgget$private(0x0, 0x1) msgrcv(r1, &(0x7f0000000240)={0x0, ""/132}, 0x8c, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000140)={'vcan0\x00', 0x0}) bind$can_raw(r0, &(0x7f0000001640)={0x1d, r2}, 0x10) setsockopt(r0, 0x65, 0x1, &(0x7f0000000040)="92a88ed40ca365e96b138d573ae703afe0680a8d7ef762f39fd5f790ffffffdf137dc737f5953735c9e86297d2a3cbc679e5a12ea1e14a8b68f6cdcd62e119311b04ba5e0effc1dd46fbba8099ea73aa23f5de9a0523e61fafb03fe7682d9ce61c0450032e369ce18a7ea3bd10e75a4efdecd23143c9bd8d", 0x78) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x40800000000009) r3 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$EVIOCGID(0xffffffffffffffff, 0x80084502, &(0x7f0000000440)=""/62) keyctl$assume_authority(0x10, 0x0) syz_open_dev$ndb(&(0x7f0000000140)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x0, 0x0, @ipv4={[], [], @multicast1}}, 0x1c) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000001c0)) close(r0) ioctl$sock_bt_bnep_BNEPCONNADD(r3, 0x400442c8, &(0x7f0000000480)={r0, 0x5, 0x40, "e38ab903dd12dd3e8afa476c45c58dc60fdc6f4a6d06a6ee2b3bae43b3aed58615172a0e54ab74c040ed262e106370207d24c408e3445a1376b0ee0d5d541ce6cdd7fbe2b4b9b7f5411d8557f5cba6960cbb5881ea74d3f56728bacae37f90ea827eefb5883b14e868bc"}) socketpair(0x7, 0x80000, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffff9c, 0x84, 0x1f, &(0x7f0000000300)={0x0, @in={{0x2, 0x4e24, @multicast2}}, 0x8, 0xfac}, &(0x7f0000000100)=0x90) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f00000003c0)={r5, 0x2}, 0x8) socket(0x1f, 0xb, 0x7fffffff) 22:08:31 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x2, 0x0) ioctl$EVIOCGEFFECTS(r1, 0x80044584, &(0x7f0000000300)=""/170) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r2 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x3}, 0x1c) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) r4 = shmget$private(0x0, 0x1000, 0x54000000, &(0x7f0000fff000/0x1000)=nil) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000680)={{{@in6=@mcast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@dev}}, &(0x7f0000000780)=0xe8) stat(&(0x7f00000007c0)='./file0\x00', &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000880)={{{@in=@loopback, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@local}}, &(0x7f0000000980)=0xe8) lstat(&(0x7f00000009c0)='./file0\x00', &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(r1, 0x10, &(0x7f0000000a80)={0x0, 0x0}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000ac0)={0x0}, &(0x7f0000000b00)=0xc) shmctl$IPC_SET(r4, 0x1, &(0x7f0000000b40)={{0x7, r5, r6, r7, r8, 0xb1, 0x2856}, 0x91, 0xc8, 0x10000, 0x0, r9, r10, 0x2}) r11 = semget$private(0x0, 0x2, 0x20) semctl$IPC_STAT(r11, 0x0, 0x2, &(0x7f0000000500)=""/88) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000bc0)=0x1000, 0x4) ioctl$NBD_SET_SIZE(r1, 0xab02, 0x4) sendmsg$nl_xfrm(r3, &(0x7f00000002c0)={&(0x7f00003c7ff4), 0xc, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="b8000000190001000000000000000000ffe20000000000000000000000000001e000000100000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0xb8}}, 0x0) ioctl$VIDIOC_DBG_G_CHIP_INFO(r1, 0xc0c85666, &(0x7f0000000580)={{0x1, @addr=0x6}, "42106a46ce92919028044cd7b8d4503d518eb30a3ec8c98dd3f96440b1a2a6d5", 0x1}) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f00000004c0)=ANY=[@ANYBLOB="d0a0eac3438877033e1dc577a5c5a52eed6bbd0c06722abc292d0b000000b9fee759394c", @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000240)=0xc) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000003c0)={r12, @in6={{0xa, 0x4e23, 0x0, @local, 0x200}}, 0x6, 0x3, 0xbba, 0x1, 0x10}, &(0x7f0000000480)=0x98) setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, &(0x7f0000000180)={0x6df, {{0xa, 0x0, 0x0, @mcast2}}}, 0x90) ioctl$KDGKBENT(r1, 0x4b46, &(0x7f0000000140)={0x0, 0x4c1, 0x4}) 22:08:31 executing program 1: mkdir(&(0x7f0000027000)='./file0\x00', 0x0) mount(&(0x7f00000001c0)=ANY=[], &(0x7f000001c000)='./file0\x00', &(0x7f0000018ffa)='ramfs\x00', 0x0, &(0x7f000000a000)) open$dir(&(0x7f00000000c0)='./file0/bus\x00', 0x40, 0x0) mount(&(0x7f0000000100)=ANY=[@ANYBLOB="14dea0a487cfcee16a9f0468730f465816d374e798d5f92f3650ee2786df467a7dadb51c733b39b707a37d07cda123efb599f785d56d5dfbdf0d9a26f7e0b7cb2073f25e8835a642c33e65dbad6a3a41a75f066b96433e86be185afa6d437ca781157722f94bae509b74260bd5abe733b9fc874be500e5af0a9430f0d051612a440052bb20ab4cdfd1c1d2e2ceda4d8cef6afbf2d5cf26f7cef37c1f26033d2a4baf84789ed04c5986dc90fafaffa3033a81dbb28d2f9214742ae026f941"], &(0x7f000000fff8)='./file0\x00', &(0x7f0000032ffb)='fuse\x00', 0x7ffbf, &(0x7f0000032000)) mount(&(0x7f0000000040)=@nullb='/dev/nullb0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)='erofs\x00', 0x2000, &(0x7f0000000200)='ramfs\x00') syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') 22:08:31 executing program 3: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000001400)=ANY=[], &(0x7f0000000340)=""/4096, 0x0, 0x1000}, 0x20) bpf$MAP_CREATE(0x0, &(0x7f0000000340)={0x1, 0x8, 0x209e20, 0x8000000001}, 0x2c) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2c) bpf$MAP_CREATE(0x2, &(0x7f0000003000)={0x3, 0x0, 0x77fffb, 0x0, 0x0, 0x0}, 0x2c) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000140)=0xc) r1 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhci\x00', 0x40c2, 0x0) perf_event_open(&(0x7f00000000c0)={0x5, 0x70, 0x4, 0x4, 0xabc, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4, 0x800, 0x4, 0x100, 0x100, 0xfffffffffffffffa, 0x3, 0x9, 0x2, 0x80, 0x1, 0x5, 0x1ff, 0x3f, 0xfffffffffffffff9, 0x1f, 0xfff, 0x8, 0x9171, 0xbdac, 0x4, 0x8000, 0x5, 0xfffffffffffffffc, 0xfff, 0x9, 0x78, 0x37, 0x0, 0x800, 0x0, @perf_bp={&(0x7f0000000000), 0x2}, 0x845, 0x10001, 0x1, 0x4, 0x7, 0x4, 0x5}, r0, 0xffffffffffffffff, r1, 0xa) 22:08:31 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:31 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x2, 0x0) r3 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r3, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") r4 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r5, r4) ioctl$RTC_WIE_ON(r5, 0x700f) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$VHOST_GET_FEATURES(r2, 0x80044dfd, &(0x7f0000000140)) 22:08:31 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x10, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x2, 0xfffffffffffffffe) ioctl$EVIOCSKEYCODE(r0, 0x40084504, &(0x7f0000002ffc)) r1 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x73, 0x101900) ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000040)={'ip6tnl0\x00', 0x400}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x40, 0x0) 22:08:31 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x2, 0x0) r3 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r3, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") r4 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r5, r4) ioctl$RTC_WIE_ON(r5, 0x700f) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$VHOST_GET_FEATURES(r2, 0x80044dfd, &(0x7f0000000140)) 22:08:31 executing program 3: r0 = creat(&(0x7f0000000700)='./bus\x00', 0x0) r1 = open(&(0x7f0000000780)='./bus\x00', 0x14103e, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0xc028660f) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000000)={'filter\x00', 0x2, [{}, {}]}, 0x48) 22:08:31 executing program 0: sendmsg$IPVS_CMD_GET_CONFIG(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[]}}, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x14104a, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000974fee)='/dev/input/event#\x00', 0x0, 0x101002) write$evdev(r0, &(0x7f0000000080)=[{{}, 0x1, 0x74, 0x2}, {}], 0xfcf2) sendfile(r1, r0, &(0x7f0000000000), 0x100000001) ioctl$EVIOCGKEY(r1, 0x80404518, &(0x7f00000000c0)=""/216) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000001c0)={0x0, 0x6, 0x8, [0x1ff, 0x3f, 0x8, 0x693a336b, 0x5, 0x1f, 0xfffffffffffffff7, 0x896]}, &(0x7f0000000200)=0x18) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000240)={r2, 0x8}, 0x8) 22:08:31 executing program 3: r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x0) sched_setaffinity(0x0, 0x7, &(0x7f00000000c0)=0x9) wait4(0x0, &(0x7f0000000100), 0x1000000, &(0x7f0000000500)) r1 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BLKFRASET(r0, 0x1264, &(0x7f0000000180)=0x3f) creat(&(0x7f0000000040)='./file0\x00', 0x104) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000200)=ANY=[], 0x0) fcntl$setstatus(r0, 0x4, 0x0) creat(&(0x7f0000000700)='./bus\x00', 0x0) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000600)='cgroup.procs\x00', 0x2, 0x0) ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000380)=0x20040) r2 = syz_open_procfs(0x0, &(0x7f0000000200)="2f6578650000c10000000000e9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a6568641006d7c0206a74e33326530000000000000000000000") ioctl$TCXONC(r2, 0x540a, 0x7) r3 = creat(&(0x7f0000000080)='./bus\x00', 0x0) lstat(&(0x7f0000000140)='./bus\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TUNSETOWNER(r2, 0x400454cc, r4) fcntl$setstatus(r3, 0x4, 0x6100) sendfile(r3, r2, &(0x7f0000000300)=0x100000, 0x100000001) 22:08:31 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000040)) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000600)={'bridge_slave_0\x00', 0x0}) close(r0) sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000), 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x2}, [@NDA_LLADDR={0xa, 0x2, @local}]}, 0x28}}, 0x0) [ 276.689853] syz-executor3 (7799) used greatest stack depth: 9760 bytes left 22:08:32 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x3a) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000100)={{0xa, 0x0, 0x0, @remote}, {0xa, 0x4e23, 0xfea, @remote, 0x7}, 0x0, [0x1]}, 0x4f) openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x141001, 0x0) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcd, &(0x7f0000000180)={{0xa, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @mcast1}}, 0x5c) 22:08:32 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:32 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x2, 0x0) r3 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r3, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") r4 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r5, r4) ioctl$RTC_WIE_ON(r5, 0x700f) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$VHOST_GET_FEATURES(r2, 0x80044dfd, &(0x7f0000000140)) 22:08:32 executing program 1: setitimer(0x1, &(0x7f000000bfe0)={{}, {0x77359400}}, &(0x7f000002c000)) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10601, 0x0) ioctl$KVM_NMI(r0, 0xae9a) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0)={0xffffffffffffffff}, 0x111, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000140)={0x16, 0x98, 0xfa00, {&(0x7f0000000040), 0x3, r1, 0x1c, 0x1, @in6={0xa, 0x4e23, 0xff, @local, 0x1000}}}, 0xa0) setitimer(0x1, &(0x7f0000034000), &(0x7f0000000080)) 22:08:32 executing program 0: mremap(&(0x7f00003f6000/0xf000)=nil, 0xf000, 0x4000, 0x0, &(0x7f000028d000/0x4000)=nil) mlock(&(0x7f0000ffb000/0x4000)=nil, 0x4000) syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x5, 0x200) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x30001, 0x0) ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000040)) mremap(&(0x7f00003f9000/0x2000)=nil, 0x2000, 0x1000, 0x0, &(0x7f000028d000/0x1000)=nil) 22:08:32 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f0000000100)="0a5c2d0240316285717070") r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x2200, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000000c0)={r1, &(0x7f00000032c0)="cae9c20d85e5cf731459dd4f03113ed61a4524188bda027ec94d778acf07d2318cb6d574d74e060c63d33a3f9a4bf93c1646043c774447b3a7eed3a6e73eef1af94909c7cfcaad6456ae843d15c5b278464d03788d46152ac1de99548291847fb50da5b8cf1d756a3e3e0f2461a28055c4f851a7f425b2ddc7e400cf88936d01c850e73d585e19d6e72aabbf247bde2a9e9caa386642379c32bccf1fdce39e48524e00e483352a3d2f46727a133ebd36a2f1a93bbcdaf1d15a4092ace3544f64bc1afd4bb3d2a824f0fde165e5212684c1bc783bb20c040e808fe561db80eff7caa0ac8f2c7266d44980061f9455e227dc9e1f1de9a8ff88511193a52717d3b6e2a6ba4453280643a61fb33272e3c01fd9ee6593442e7eea62da011beb451b027e01b437303f39c12ff22a8d9044bf2c6228a37524208adc39da283a6ac264827632137aa05b6b22bcff3bb1eab151ebfc6364c358cd4741d137aae8858c422e426692de914569ac1e56a40e1c0d088c94e0015a6ef4f61380ba5844f5b1a73601c82b78f72a8a38fca5c5b45f38bd5ddcd3f459e4ffda3dcf2f5ae0c4cf0c55fa18dd08afb6acb408c39626b981d9880b9f719769a0d88a82f2dd13450dc7038fc7b6ed594c0896d69ec6a07117b69bd68b8d19f2e250f3009c91a447d59015c823eafd12fed94b16eb18431b01ca2ae491e07cd3b8f6f19b5a5a4e47fa082c0c5a404b14cb42c659c8ebe56e483ba16abc56f8f8aa298ff9633a1a9728d4a3ef271c08494dfdf314e0629374917e6b187cdb8932d27a1759430ef31d87e423a38b6442f085a107ba505c44dfa4f4c364177f1c82e288c734583f7d7cd4745e70e133d8d7b2ab9744e2758002cbb15bba1d6810a8dfbdf37b2628d69ad2e37d63e2e60ebd412f35adccb3955b3cb6e4ae460fde1fe5fd31203a95dfada941852ca68058af9283175394e2d32712d385e3402d07c98e4f0137994816dbc62792572915dbd5a8affdec257232d73e5e6ff7b57993b53e4dd81e69f32c68c2fff3f334a463011d8e0f187b7abb42e480c97b0b5b8630cfcef828f98961966901afad1abc1eab4b2a7005da1891f039a344e9e74c11a6545deeaaae184fa2884586553c657ae8f68b8f741b89bedc54a11055fc2b2b89d9325fce95d05a5d153d0d988be3b0d3b3d999acae2536cfbba7010d078aed940119462fd1241327855e39168c1dc2c3a295ba3a18195e576a3908a39f5f1e3bf0ba497245fd61c51dce2f5c6f549950e2a0ece5a5b4b81a5aff46a507580b2e481e6910d5071e58bfbf2c16c1c0b03a8b07ba305bec7f91fe953de89169d926f7d3544efd7c675f694116eb751fbf4d323a6e57dba76424e453bb72588483d0cbbb30b7456a68e37f756037222d70be4076497ee41e5364261fdbc7e88d8862db5b5d3f725c3f8b4e3a7ae158130b3ddd84d6bcbf2043e370f10d4e1fb126be84d6ad3d38a462e2ed5d9eb83c330b9fd5a65eafea348d714e896758241b11e256585d39e98b2b05bfd1946c6969333ff93d296325494ae7d9eb5b273f229f7907e868c9a474f306fd6d30d8e7b45c4d539eb9d6c8730e1ab7925b6227c9f66c84166ced318f1e7433b1872c0d292fbfa8a96b38e4cf2ad5d972f24489e6ac38f8876ccaf9fa30f499d140fe7ea2d10a4a4991cf50d8b96d1ae6c24d83234496de4392c2533b136fd96854055d051f1c6a418bd18f0737c47e7e3311c5fb335386c79e0b26b5957fb242360861b79e596742c4ff0069fc6bdbc5a59a6423a746014d55bc71978413c4cbfca5ab4c8248403d1ae6f2aef1214583525fd31dbb0f60dc998cdebc6f05d6fb090b02493663fb86cf6e82c3d2d514c59cfd2734e985338ae4ab87099e809db74b664c1850b6465775cb490107a6c101b61535e4758fc62a0df75c4d42d44970555dd7ed3d5c97b334933aa94e0b97eea7d41dd19ba85ffaf317c57321276a591ba0e97c065be76d0cf87ca5aaa8330f05283c63255aea31829e97b265fa303687305222728fe9cb3a4563a5a9552a688ce8ff8caa5cf8df4aaa157fa9dd80426c218799af6258a1e5287d8d542ccd31d38e0d00a47e3aa531451b025e3426439c0141226a88edd6aa3ff70c5b4938cc9c354e06bef764958be269113e038a338564c67ae568f73bd95c76a1f3709355ca92e394ddeb216635ee3b41ac6e88a5ed9375be92dbcfae0fd3fb35981769fae05cc774a2bbe6cb528a9f3a083d3ef845115d5e5616f5f1cb5bf406edbcd302dd6a421300de3ea833d048887363e64d4ff190173d889a030792ce190d62172ce0476a250cee8256380a409d8c3c6935a6e3072871704ebda9de4b52e470b0d1b140bcfb5f5db344a6f583a7ab697ac87c6f9270a31e971494a7e7e29a3ee68c5ec653f19b79775294dfb957aca6c35b41749c5cd9fdfbb1b5131d249a6070dba593ea7d063478c58e17b89b0287dd545de1b73cc04d28a6de151445d737a6198826e8ed5b620f59a1a4392700f41a78cb1bd820110940f665dbbb227e59ea4c8108870b10c3ac89fd2c988a10ccd9e85b289702b0482cac38c40672062aedbcb6b28fa91219a36db9358990b44a59a002411365ce09fdabcb53f49ba6e402e492a93505a557644bae3cf2791ab188d0a889b6c45b411b598e267f3aa9b9e738ac220e4b269e653390e54e3d1ee35e2137e290a188077551c5bace1372a0020632ce17f0aea4fb336931e7e9d38227fc38fd590cb1a5b52830eff78b4e6d6b31ddb25407006948a50cf1f52ab6e3ae3be935b3904e332dace5ce89086343956a2f5e45380439f8eec87b863f4c04ba8c7b8e10f1d8eea284bd0bbc63443697e37c9a44dc96ab7eab4475c87a40076d2d49da485a7d442e4a9e044ae37d2b5da661cba7827d09e88aa17b5b6500fe9b576d08a2376d696591b27bbaedb6defeac7669293c81eaed5ef153c664a72c6e8abdf7d5f9317f00000000000000ec16f6d65148d25c339f888e3464329f3018884859241b6e9c933da725dee5e9b00752628b1d94b07ca85147c9672ba8325ed5cc22e1a027f64c74078c1ae65488de3e7efe57335d6fd3c8dc64f5d650b1994718902d6e07a396c78e5e37d5a5a68505667b115aeaf04ce8f979776aef34baba226dc9918f9a6d5038da0a038dce108e82545ac07ed18965b7266c1545cd793b4e3687b6a953f6a1cc14ce6baffcd66bcc378a704e8b33497a41b368ccbefe13530f0ae8fb2ec013522c5862b82693cbf49ccce3d4f497c32a585cf68a41869e1bfd27818078ba9e9ebfa0f5c671d941eb5885a96ce52ff4a86a17bc7594325b8e2da5e989a990cb7406989e9b4d45f6b0a5e5305c415891f1e7d942d9f465e211ae7159db9c2904644957e28c8a7c9990d06434df1a26916a40afeeb2c396627bfa8ecddcdd28e0154d3c6d5596ee15875bcbf3baca6405aa911dcf30ae28e1809264263c5a1b9e1bd0009bbb53952cf04e96d3c66cee440381d751872d772d8e1d3f6c9b0649dc0e78b32124d66d67dd30b9f02ff4cefe35861828e7ecf0477113f6dbc7f4224e208539deb547d3ac0a6627355ba5865fd2b4fda1eed7f90f6925443b1503b4633971cd01d538efdcc5a7160b5244d4cd0448560f4567627d01a82c1a1701a17c91b360bf3a1facb6fd61352cba7866831925feecfa80fd55cffb4a5e970f6aedff65cd5bf20c78aff5d30a3c950854d5413d80d9a6097b8ed1f8ff62758a8bf7953cca576e379bc6aeb830ef63c327ca80c0af57e128e1eaa13308d29e44acd90c242d65cdb0700ccba4370fb7ca3b1a33dcb2e39ac320ab0d5d54fdf3a91811b7eb76f7bb47a4fe33c864c159dce3a9d28003a0cbd3dcde861569047059aa9669e266c0ff8e80d9b8acb2efe9435791a676a35c5382ab398abed1e1e67c69d68a506d6db1c62b6e46c94653539abcffb3155c8a904f8feb3c3848c735623526444717299192d42fd9f16c15be0a89a34873dc5f8a7a7f2e2c63ecadddb0dcbc3590f2114a8f39a6a5bf940ca80e4ce4dd56f6e5d15c68abeba06658a3fdc8a68cb45bfaed8417de80b1193397e891ade9d1ecc98d5a6c98e9cb58e52eb2cd9a1af120cbbf00bb066b561ba701999f390039d5702b9ddcd3570c4db54ff2325498f5d6b7c4d539b0671e61c68920b575c8bb69cc4227dc75b8cd39554423e1a2faff0bfe3a718ec0b94896b021cc7b4d31dfb9d051f28db13e4b3b0af9902e4fec212ab6ada522405e82e148f32962902a486c6daeeb49481f97ea14d718d0188495f1fbd346798ecc12246ddee2e3f8f34198339455b28bab4a821367a71f9e1bd9a7ab00abef83ae6e39d7d0b3b117de257c8039d20b9a9bc7367096955c11d0bfa06b7dc9e71b347540fa2690d10093a3f7d042037f699b74beca93c03733d0cd9d67f8c7402f9f0eef87dddddc7eee5f60656114b973830611ece7958a7f84e2e055efd196819c9e2f9156fcb4a3d20acde672d50b0d4a402320f058a8e5a062b7d61858b8f3d5f889df69b0b16d7445abd318f902f328cda17beb880cb0f5c61039c88d85748422bb38bb117fd4af72af01d145ae23c90e1ed8eda1a52157ad6e8ac95155023cca43d146c4e79d8788e7d86edd948503854d6108a28144b80c320ea0b7bde88dcc70f739047e9dc8f4a2bda00a563159082c574991c57dbc13eda591e953a535c45c39ffdd9edae6c0d8da74656c485f92180b58d4547deabb030295a2d77bf4455ea052fc555ba0519959172fb9d05f8c06e670c9ed25833fdc818f13e566e5054a481a002ee8f9fb3ce4313f1b93ca5c0ea29d39686dcd7d4b9c9e35439265ef1ccff77138d2f361426ad06e00c2e5884c0c4233b8ea33c51b1775ab7cb1cddf4ccb2f3c3c863b964889328003a4943c502cdd31563e21cf40985730d882a4420039637c36f581e28f9e9334266f3fdc07eaeb88ac99c5cf3e6e028d4b1a79e5b61f728ddaa55b2c1d9a28a625ac0e1880925d3fabaea78efba3654bd781be184aff21d975367c2c75b6c621b41a1ba7799dd4f2dc2f2ecb107af0b94d24c5dff75d75e43e971e9b91f170ce55c92e2d8bfb1076857f96a5cacb40da0b35bb647ec55728b2eedfebf613df5a35b92315daf1914d6ca091be86e383f9e5c954c2e0661b7371d7429e90b16718b1ef399f4ac2a1a63d9021c2c9020334df564e5046924afe856fa9d0df5a9b60b2645382089293cdbf34b78a35382583729c14334b8d2a965e1bf51518268ba9e08c67700d54d9fe405172b0a3b384c32d09baaf449e8135a1ad11a35c89b52fe8ceedfcbbd861377e7029b6c20e6e6e5eec9f2c7fa392b6b1440e9a965a9d05a6781b737a08120235f2e19afaa59769e94374e68dc53d3057a5b09bb6c945e0375f8e6e0e10105ba202bbf0b19871ffdcc69aef57ec4dd6c421dd52941e98c8a6efcae636a4cc00ae8fed21d75c34411419b1cbb413e3e9e563131ba95018a1e3aeb7ff1c8bf865c869abc778c283d6943a37c1dece934fed77f7c2178f10db43768fd27ef453c0045b2ae7d4540da1178f8e14850a9b7b1aa2fc6a225b1a0f8cb3aacb3b01964d93284725c525b93cb2afbaaf225a2bede4eeed88e9c13e0cf43c8a39b68b69ac2571005cfa1d70d4c3e1ba4f690991be2f806c067affc226606771277dc2e91ed3d7f1a4084ca584265a06c0ef1c1acc07ed71eb9c4b5a7ab0919e8a5f45bfa92b5dc1c06876a76835e3b5a1af11509b34b6f5852f36f5c4471a9ab2075c05d688878f978df10fbf0f9bef23a1c601fe3e646e9b4496207e3ee40000000000", &(0x7f00000001c0)=""/64}, 0x18) connect$unix(r1, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) clone(0x700, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) mmap$binder(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x2, 0x12, r4, 0x0) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000000)) 22:08:32 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f0000000080)=0xffff, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000000c0)="0a0775b06a0700ffffc0661bd476a0bffe10d1ecdb97db2e069f6b8aae4ab76baf26b5fb07c9e36f3a8f1c49c8a55f0e52a791a9db5f37e55beaeeaa3c", 0xfe6b) write$P9_RWSTAT(r1, &(0x7f0000000140)={0x7}, 0xfdef) 22:08:32 executing program 0: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x14, &(0x7f0000000040)=@req3, 0x1c) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000080)='./file0\x00', 0xffff, 0x4, &(0x7f0000000400)=[{&(0x7f00000000c0)="066c47d7c2d8006a5889869df8dc1bb8faaa2c28aa8f77abf6501b509f1b0785dda04cf1aac8fce6", 0x28, 0x100}, {&(0x7f0000000100)="6e311f1c40edfed9bbf1d3d51ea9e5fbda5c65c60b923b156ef49f6e8bb3f3e40a05bde807f6f52f2826bf1873509409debd50755c86cccd5c651b1aeedfc0e44650a026eacd6745ec69d43211b08ef19b03b9bf9fd4eedb96503c51dea71f1899e9ad7fe4b1ede8f5f50b90beabad8bad4701dc1bfd74a782c499ccd32bb14e24e91933e910c2e3c9ce209553319a267c905e6877ff226120970eefdc77c13c5a159921a9fa0e494f9702f0d524aa0ed51218dd15e370d54ecf3e9069882013d63f7570695b159992ffc37f7e6995b82a5a925da6fe6dfe61679afb4a282f91e53e05da9f3e9db66a5673", 0xeb, 0x40}, {&(0x7f0000000200)="7b7ebd8f34b0b2bb3f6f485a15e4472fdf3606b28f33589352be1cd904baec8f9ec6a0793e27d3f12e6722e75df2a3da5849e81a282497f53ccdd0b5d6650c90a20e36660d3e1bdb0ba6dc43175bcbe40a354b0ddb6d53057ce4083d42e132b927255a4dc862d0b72215e0b0aa0b46d6df5327f74dbd9867cec073060f0a4bdecfe6eca7ea0262e9fa0b60e54556d5409eea72808a506593a7154705e59425363132d9023f2ea46b17eed30a43fbe9ac1e0c7ac73d59990362e4a6cc3828ffef60508d5ed9211f2681", 0xc9, 0x6}, {&(0x7f0000000300)="2a0fb026716fbe924f97780ada0d080caeed0a8f7717e8ad4b135395ed8e85bbc734cec6bcc28f077ebfb9b7560d83bf3745e75faf932799e30da48d2bd80421fd30aedccdfba3e865b2c69b40f7b8897cfc6cd56089bfd982ed05e5c54cc33ba8379fb6bc85350ed8566d8f2e35b57cdac2a271a0c51d7311f5c77ae2ff109c074e0487815edd36e390847c90080593e1f0ff103d79e5ea8715d0766f62fd72a726fe153f9c38ef610710ba0d10d252691b6895ebed2c241bc1a47e0bccf252d4c41615cda91ad53a8f153ea396cc32c66bb8cee5a56a547367f98d5585ba0f039878c66c1361b51ca5e06e0dfcbb88800de811", 0xf4, 0x5}], 0x21, &(0x7f0000000480)='\x00') [ 277.154951] binder: binder_mmap: 7817 20003000-20005000 bad vm_flags failed -1 22:08:32 executing program 5: syz_emit_ethernet(0x6e, &(0x7f00000000c0)={@local, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x5, 0x4, 0x0, 0x0, 0x0, 0x0, {0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4001, 0x0, @local, @dev, {[@timestamp={0x8, 0x30, 0x0, 0x0, 0x0, [{[@rand_addr]}, {[@multicast2]}, {[@multicast1]}, {}, {[@loopback]}, {[@broadcast]}]}]}}}}}}}, &(0x7f0000000000)={0x0, 0x0, [0x0, 0xaef]}) 22:08:32 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x2, 0x0) r3 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r3, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") r4 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r5, r4) ioctl$RTC_WIE_ON(r5, 0x700f) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$VHOST_GET_FEATURES(r2, 0x80044dfd, &(0x7f0000000140)) 22:08:32 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:32 executing program 5: r0 = socket(0x40000000002, 0x3, 0x67) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = add_key$user(&(0x7f0000000000)='user\x00', 0xfffffffffffffffd, &(0x7f0000000040), 0x0, 0xffffffffffffffff) r3 = getuid() getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0x0, 0x0}, &(0x7f0000000100)=0xc) keyctl$chown(0x4, r2, r3, r4) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendto$unix(r0, &(0x7f0000000080), 0xffeb, 0x0, &(0x7f0000000d00)=@abs={0x0, 0x0, 0xd0000eb}, 0x63) [ 277.284360] binder: binder_mmap: 7817 20003000-20005000 bad vm_flags failed -1 22:08:32 executing program 3: r0 = eventfd2(0x0, 0x0) r1 = socket$key(0xf, 0x3, 0x2) io_setup(0x206, &(0x7f0000000480)=0x0) r3 = creat(0xfffffffffffffffe, 0x84) ioctl$VHOST_GET_FEATURES(r3, 0x8008af00, &(0x7f0000000000)) io_submit(r2, 0x1, &(0x7f0000001800)=[&(0x7f0000000500)={0x0, 0x0, 0x0, 0x8, 0x0, r1, &(0x7f0000000380), 0x1d0, 0x0, 0x0, 0x0, r0}]) 22:08:32 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x2, 0x0) r2 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r2, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") r3 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r4, r3) ioctl$RTC_WIE_ON(r4, 0x700f) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) 22:08:32 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_emit_ethernet(0x3e, &(0x7f0000000500)={@link_local={0x1, 0x80, 0xc2, 0x3a000000}, @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "093a06", 0x2, 0x2f, 0x0, @remote, @mcast2, {[], @udp={0x0, 0x0, 0x8}}}}}}, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) ioprio_set$pid(0x0, 0x0, 0x10005) [ 277.431830] raw_sendmsg: syz-executor5 forgot to set AF_INET. Fix it! 22:08:32 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x2000, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) close(r0) 22:08:32 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, &(0x7f0000000040)={'ah\x00'}, &(0x7f0000000080)=0x1e) r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7601, 0x2) ioctl$VT_OPENQRY(r1, 0x5600, &(0x7f00000000c0)) 22:08:32 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) 22:08:32 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x22, &(0x7f0000000000)=[@in={0x2, 0x0, @remote, [0x0, 0x0, 0x0, 0x0, 0x2]}], 0x10) close(r2) close(r2) 22:08:33 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x2, 0x0) r2 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r2, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") r3 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r4, r3) ioctl$RTC_WIE_ON(r4, 0x700f) 22:08:33 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rtc0\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$RTC_AIE_ON(r0, 0x7001) ioctl$RTC_ALM_SET(r0, 0x40247007, &(0x7f0000000080)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) close(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) r2 = perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001b40)="2f6a7374617400c65381b47aaedf2af5c8af3423fc41891bd2a3c56d8c88e29bad43f1da906e855ff182de04227edcbbc2b1df8f180e158e8abd442cc049cffda030ff277875ee010000000000000000000000000000000000000000000000f532144d1671a6cdf5069e5bddcf25cd7f23956b4a82df900f5eb5763b4fe8cc7172962d2590b2dca2a1308c382541b053194d9027d83ee7ba2e3280857f8f9f63fc90bae959c6e67078bf97e615bfd9409914958aadcfb37973543c60d83526e5c267f7dfa54bd524cc9671dedd665199322bdadee125a35b40b7be0c07301f439a7edfa26fa98277c8078b02e2076291c33787c58b0eabbc39288fc10509409de108f5ca26a8c8e1afb70b2a9569cf8f4cdb6d4e97eb7fdf241dee160e6071618333cc0b0e8bc6a17a0b7d604550fd149ad078ffe54c6392fba29015a3ae73774cd12c9c0ed251a7cf843d712d", 0x2761, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfcfd, &(0x7f0000000180), 0x0, &(0x7f0000000700), 0x365}, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r3, 0x4030582a, &(0x7f0000000000)) fcntl$getownex(r2, 0x10, &(0x7f0000000080)={0x0, 0x0}) ptrace$peek(0xffffffffffffffff, r4, &(0x7f0000000180)) r5 = socket$inet6(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x200) dup2(r5, r6) clone(0x802102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000040), 0xffffffffffffffff) getpid() ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0x1, &(0x7f0000000100)=ANY=[@ANYRESDEC=r2]) 22:08:33 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}) r3 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x0, 0x400000) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000001000/0x2000)=nil, 0x2000}, &(0x7f0000000180)=0x10) accept4$inet(r3, 0x0, &(0x7f00000001c0), 0x80000) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r3, 0x84, 0x1b, &(0x7f0000000300)={0x0, 0xdb, "01e7ec035269807b3056a745785465f7580aefaf3fc8cbc50b7973bff79b43aa344828a8d804f0d24fb210d4120e990771573547b8ef3dc1ff8b9f399cac8985915c6ed725d4d0ee4dcaef8c2afbf586224543cd190e86377c1c11712df37f67840fcdf2174e0419d4fb4634b48af8f2b2e63a8c00bc7a14292c96a3623403950f8538c4037b48fe9b651a7e5ef3920236af4fe4e51a044db15211050fad86cb714bbb6491228dc054287af3ba50145497d4a36cf5b7e15e07a32900697e71cec7ee47616862cec209a1fd7b758037018fc57d6df657c8e368b0eb"}, &(0x7f0000000200)=0xe3) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000013c0)={r4, 0x1000, "3f1158ade098fbd95a8a3f2947a13aa6657d753d3426617b4e0c53f29f6e761e2f0d8f032a369419ac90e014f13897f10939c2a75479f9d2b55ee5f85656c9ef9aad4e901ee5348c12e0a52c7b1cfc72cb32b27c69a1a2833486e53601c4b2bd88de9a8365d5594b282773bf5461c76962d6ff533a51fa8c0b22183a31efec621fdbd7df742ef5d68ac5ae4e6e83808316f4761e8c01b33e28ba9afd457219f894374807b9cae5f56bc40cddf65523a481b2528c74cc4bda4807f1ec4a723785ea252c6c2929097d6f936e6b219b91ce817cb912f1c7c749d1076b510b85e49850c7ab12dc1175a6d634cc37c9b41117ff447463b3ce2387a40b080c9d4d735cbb69a0568acf2c798be0e9b5fec77c559690548eb55ecc9c570942f7e30e62a934e225453cd9d2b964c8ea62452258501fee843627ec0561307055cb2b7b13b5b62bab9c8e489981c751b1a8eedf665adc4113e7c9d1df585914aa847d03aea3f5655e8c385fc954d06736369353ecd1dca06c85bd03d1578db3b966979b3ea36b49c203a6a3d275bc61ca5db28554e3ba29cb871e3cf9bbe104386e450ac62ab85f1d1ef691f1868ddacb6e0f540c2169ec6c90c0a908a6f5f763467aa2dfa936dd202ab2499c3a2712f67d174668bea83069f98538af40f98ca4df98141af8539149ab293fcce01dcd4d9f06967ed64b36023713988b8ad003cb6f9afeb8a726847c38662f1622220a25866b90df76926ab8843ca5d37a2bddf1efc5ab4d47c7e14bb91fd8eb8cf07f8336b13423b6410985923bf4ba31c007f1eaccc49326170e36e69f8abac86ad26ed140acb215447ca81893e5107cea773d6e747527a56c35eff480c4ab39e3993ef125b7aa13216aa292b29adb17612359d5a409721bde6ca397bc521c7de86ec8aa9e2e8d48dc2ef1177d9f7687d4a25920b37c75ee9109bae96d53c80c9c8630b48a427c915d6adb86bf9914260c7210cc33c2119400046fd26519f431ce68b6b7a7410c418036315b7cacd6a85d3f4c276c03a888997f0fdd287b0e3a06a8da1362199731edc9b0d6addd7df49bb7cb9312208e120d933dbb02f98ef74edce0c1c5bea23a597911f104b1095f2913f770f9a316c99bbed6e2ae4523430d9949128b567acfc380f33d80e621bd935cd18fbc95cc737dec1c61a3b19a90658c3fbb9ededb936b8c71e9b4c3115fd372df0b1eb4086e7ee4d233e8bf5e9c5cd32d3b35f0cbbd35c0c3a4524c610342269022008761dff647b0df6c85543fe04b869ff8fc59910a63a3cb83c2b34ded3e39f426b2e4437387ca7f5f16203dd8854b480019d75130a4f083bb4cab2221460aadb838e671f6bbf714e689ede58d43a8a41f1f94ee346c892dd5367082e487ce4e53e6e4778a4339d7ff4e22930a279dffacc1e763b265062e192237f03e3f16201d28434f910ae7a6689f630bce6626dae71e41f8fe7a24fd640b9f83eeb1225a64a467d9187aa3c43aa1ec31711f910eb66261bffa04b75b1a5d861dcfb278e226a54fcd610d2c1d7c4cc73f8be1fcd8253a6c18aa7f232ffa2f3b6b9331fcd9b957860218e7c4d718cbe5336af9f94b9cfe2b9bd837690fd9bb398a7a4dc2f2e78337929e8179e37d3ed95183c65c4256243ea2e87bdaebd326b61547d13653648c2371a0404a42553d8a1e205c0f7aa1d9c729bf1ca05d6570930ab515f4bfbe27bf43861f98714866868fbb5f383065624c07dc994eaaaec1a14f09e7194cad913a735ad804467ff2b459f0ad326c7de02ec0a57c5ab67775d5f6356448517b21af786c6c4e7381e12ed3766ff3a16399baa1ba6c91a73f7dc6707ddf33599cf9b341fc6e4c8917593c6eeca569c99c70e5e80f4ad62071114a4971bd47fe125feafb3e09e1e0d729988cc5aac5dafbbed73c9611e4dafbfa4062f756750ef8b44c7aabe83a25288926894774f2c1985c91df7b29d8c989222a0e476169f2eeb3c8c659af191855fcfe4723c35f4d496153fb1392befaca9ffb6dad545518d82398bb8e05dd7e9c6eb71ba1868cd432401f8efe112afe05679d5e91ff682e2eaa47450d9250881dc40cf0dee2512ab08ae5f4044ac4ebbea96ac9b54b8239b8c642424e8d79ba2f0201819b90871148072345d6fda387093340a2972aa1581e6123a24870fcbacd97b3ae7c80ac486b5273df1d5df00ac02d03501a811cabd9490bb15db28178312d6253b42583527831e7e7ae869b22c088dc21f5baf3bcb080e8702b4921d56e93a454700ebdf3bff9c29c604538fa020e19d7cbdccbe2033f0e68477eb84c795e050fc91d315c2d3aac4af4d0e69f30c80d143b69cf57650035a95a1fed136b75539c2ed96f20545072c2cb110b3476db19cef99ba686f3982eb40840b03b4691de874fa92d7b52443b423bb234d8add8d94b4d9e60452bb8423775c3e943caea9b08578a4b042c5945207c77a12a44574e863da1d538ade71d84767e2e412997fbed8f128ed85ef6692bbe29794ce1e5174852d1e3ec9e6b79c4862040f9c5935260fea6a44232e68ae3bfe9ce612b61a269c370406b702a96f9ffb5ce397147bcbfb053b1820e2550e84aab5c2f3ad27d6c3bcd7231e4b3a442c0b2cd1b1574e1ccce2727709cdf408eec86ff994b438adab9b85f39156e722f08afb9b9dc31e18f46bf7d2e7cbde1c9d5d926f8ca3fcf82eefc77ce56e17ca8b84059fdf86d36f9b9a4336bc84ae845f3303f5e24b5bec45a76d7817f3e4bb1ccacf1e25d0e68df78bf76a245cbd5c4c6ed1bac3587f4d6ddc4b8252f9fbee72a76d85d61d46120bf3f5ff8a2bd98be614e8c7365f4f9e369c17d39b7f5209ed0968ff727439f714a9def1e9901e331173478f8e12505a941e52a66fcf6b2f8309ba716ba9801b9cfdfa6152cbdf977d5b01f456162f2e36066d5d3ec7a2c98761071eb253751804b159af0f5551f9b44c3a18ce3db10720a328c694850689f75c4668b323b5419fcc3dfbb3908f97a40643ad64e551678f76f8046d1c08189fee841cd31fef1065b6501ca8c884e8f8cf9b97ae7df81fb11626a5777876e3e7b575157262d9383a8724ff0ff3ec92a2f54621a85d58e2cb3ad61e3ebb0ba138e1505aef2c90a2fd21769967b42daabf604a7f4f076e534bb43a179e254341d437e39940a3a97bdf30e21e660dce9b3b7101509266fe89d8a8e97c5f8d866f2de4e62f8e8b89128bcd9e1d1892ab7ebafdbca05d24011980df124e2b7c8b6ec71c76fbf8ac0ac54526f617dab3739edab657455ee94e34e572f25d2cd6ff56f3abff3ea30fc6a496eab6b022d319aa90f183ab64373be8f21214e48d812d995197205ca24dec8a084990aea5fb27b26c8ee1047714a83a6ebdfaf7d27b2cc7f9b805eff69a0b6151f9bb1b22c5ba44172cc496c2ed367b5769bd172f522824d455a322ac1a49e314fc2e4787dc86fb9e9d8868b2aa399cf501aa333a4a38089ddfc6f778f66a15d53db1dfec22c3ea79a8eae51f17ca3c3e832507f05ed71e35bb0be8425d2062bf339711d37c31d09f6697604d4dabd86b96bdd78c7dc85a2f3110e0e765d68a241bdf95f10e11d5a221ead87aea77ceb9e935b6110d5db8398a1be28143b208957839369ae8c8d7cd98c73a5477e968a190b94911c6a1f646383c2d6294fb4a38eb728c78f652e56bec73258df2adfd40bebe422f74dcf6a3f9f0f61f9e2e4082c113fe849bb43f1ca926ae6f029870a86afff06e112abacc27004cbe07204528691f5dc3b212aa230bbc5bf625b84167bf56e9e2c58f31b51e4b76ea38054b3cb118cc6c714bec710e6e71505d216a963db2c2dc8e568e47d5064b9c67ebd95922fd5dc3c9d1ec0ed17d2becda5df99ccd421efbf44b53c8fdb5ce04fe382ff29e9fddc08547cfddc142aa563a6ce178e5d90e9a5a501996048c19c31685e65f8085cdcb69007b4f6562b93e305891c50a3a1e510cbf5ac6f28cc9f50b8d74f02082ad6a4eb81d2884095af9ef970dccdf9fd75bee2a9d0fa13217edfde3b8a993bf1f56d061dd675798ce94512ed3f32257c219ff5580da520c01b1170529cadedbc6e4daf397f460aa5e2a20b7bf1f950f3f6b0ffa7b5b83a51f5a79c7eda79e72cab3e1aff561136c5f25fc4c15c82ab63c24c3090646123a5f6bccca5f2c1e6f79bcfc70103338b9bfbe2620f76d4195a64d9a1aad73916b10bf3cd729b436ec68ce0440b31d38e97d6044a25a87442adfc8f091dba414b163c5f83bbff347e874d4a63852809d9478ab3b799f99afa5cf3ff8ba1c1580f3fec4a02d81dda73d60db2145feb72e7d3eb40ca37af809c3c007f3719e4b066cebafa8562ddf76da163114f728f3a1e79be1cf47cbf8253882fc316cedc8246c4ba81a52563153f173439dceba03a7117f6599d64f4f576b3b8d1f2a911e883880246aeb52efd2c858c02bd4f7b2b53a76ec38e5bf12f094fcd432832d1210532b91dc295d3758dbaa2833d7c80422cdf99733d2797e50e7949155d7e63d9d40dee4214675013aa72f3287a874e2c947c84209ca1b0dda609eee89f3241a342ed95ddc66a3b871401a4201c93746aa4fca1347bd8f94a4275a79e8bf0cda1d7597748089dab3a6a1fe81eb9ab4d75060b7898e49936f4a21cb3a63e7ed60dc047eb0a086a650b27c02407bd52b2a83f2444be61ac3bf906a19ff21af9dd3bd6a19a6afe5fcadf5679789e9df707fc83259b60d91e2fb1195c60a8c78b016a96fec9a19ef3a5a97f3090844014abf1adec286150bcb4c1a528bcda3b754ce8fb0e485eb7025cfc52526949d8a79f6714166c08d0cb05d29e119557f76abfa3f7f3f7269add5efa5adff3b8c5fbbb12b7b4d1b38d9e62cc720378842d0e769363abbf77aec8c0d2d703e64f3334f3dd65bd52002f539a7690cb12e980872d6fecaf8ef573384f9e9a15569d221f794b49258fa058b8648c7b0bb2a4c8d24bafbc99a43eb25551e176eeb4c29ee2020466cab93c0a641f569e2d6b19ae1e0d711bfdc7453ed65b1deb3eec7ba842b262a8bc294d197e3f7e658b9ac6b2958cc8594b181230fcefaabf9282e3fe4bcd6bd3aca5e48fa6d40d8c530881bc57395312bf841e1bd953ae3867a7c42df094dab221b2803b988d9f05732f1c26026cba3099362b396d972897b3dad13a26e834bce74e13966683f93852d1a063bc570635cf10f16aadc272730222e4c986a5dd1db50feca25a60b1828aa30987a17d01d6713576d9f1b4a2e4a73c5570cd48e7ab5a045cdba3be368590d4d9f8441d7665680401b55e50c6fb1ccdd039fbb380165a731c50646858ed67597fd0f4407e7e034252352b2df2471d8ef0204814788f550de1654a3b5f5ac003124001bbd611550dcda45a78c9c99155e6a0fd4aa1eea01d63e7efb40226da278bade9e6f54f3d99f0b85506548009acb75927ff30c5fa7f93ea2a46321f67310ed4cbeca5c44bf5ae813be03f2c7471c22d0acd405e8b5868b852cdf5cbec0de64304fd55229d2cbaeba0a3b560297aed6ed8aaacdf745797d875669dc936a6f5cb1762bed556524c736145d972b1f16f986ab9db2bd12fea109a5fdccfd4aaea70cbf13cdce757aedf4803e0e1130ee41d32922bedffd386338eb35acba18178cabdb644f5f4b8bc5f389f1089efd9ad8098ab318dd170d4ccba30efd79174c43af89faa740e810df9ae5ec238e0201e7b8b06f7324fb7d0f198f8a0f5c0a1bcfe96dc78234eccbba9261c12624010364634df219464553d203ed00894dc7ad66ecd6c"}, &(0x7f0000000240)=0x1008) ioctl$KVM_NMI(r2, 0xae9a) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000001380)=ANY=[@ANYBLOB="f10fcd"], 0x3) ioctl$KVM_RUN(r2, 0xae80, 0x0) 22:08:33 executing program 5: r0 = fcntl$getown(0xffffffffffffff9c, 0x9) sched_setscheduler(r0, 0x0, &(0x7f0000000000)=0xa4) socketpair$unix(0x1, 0x100000000005, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020a043e07000000000013002d5c036205001a0000007d25a3790000000000d77f6046e8195f8f829a6d0007f3ffffff000b024000264423"], 0x38}}, 0x0) sendmmsg(r2, &(0x7f0000000180), 0x20, 0x0) 22:08:33 executing program 3: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/uinput\x00', 0x0, 0x0) clone(0x402102001ff5, 0x0, 0xfffffffffffffffe, &(0x7f0000000180), 0xffffffffffffffff) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000140)) ioctl$UI_SET_MSCBIT(r0, 0x40045568, 0x20) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000000)={{{@in6=@loopback, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in=@loopback}}, &(0x7f0000000100)=0xe8) r3 = getegid() r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/snat_reroute\x00', 0x2, 0x0) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r4, 0xc0505405, &(0x7f0000000200)={{0xffffffffffffffff, 0x3, 0x8001, 0x3, 0xfffffffffffffffc}, 0x34f, 0x1000, 0xffffffffffffff42}) fchown(r0, r2, r3) 22:08:33 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x2, 0x0) r2 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r2, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") r3 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r4, r3) 22:08:33 executing program 5: r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x6}, 0x4) getpgrp(0x0) setsockopt$sock_int(r0, 0x1, 0x2c, &(0x7f00000002c0)=0x6, 0x4) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x200000, 0x0) ioctl$LOOP_SET_DIRECT_IO(r1, 0x4c08, 0x7) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) ioctl$KVM_GET_SREGS(r1, 0x8138ae83, &(0x7f0000000300)) pkey_alloc(0x0, 0x3) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000200)) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x0, &(0x7f0000000140)}, 0x10) 22:08:33 executing program 3: ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000a40)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x204}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$intptr(0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000008c0)={{{@in=@remote, @in6}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f00000009c0)=0xe8) sendmsg$nl_generic(r2, &(0x7f0000001ec0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="dadcfd938b94bc0175e1268a4ea64226013aaa6705ba0b85e218455e7a7bf1ffea2be81add000000000000000000000000003ddf4008e6ecdf2b4e67f7abe86a7fe43b90ab760ea47ec3155de57bcafa9eae2a024a42e0a22c5e66b0410630ba17b552362e9e229ad5236fc10160a5fa1b48e82155012ccf6d641724d2ca15ddee0ba292a939c2f30cc54c319b469c6c22dad63ddaa15dc9cfded84b520d7e67ed6bd983225202ef998fcc89cf3d0810b1111639e011ded34083cb422bc94e62d7acc19668dba9e21056fe20f28c4f9d20845a35c38a0000000000936bb1387121ea541c57800cc0921cb8487b34e3966a8ad3a0592b39db49078c0a4e1dc9bdd2707468809dbf301b5a43b62bd30a3f7856a6da66cde878dbb087f4b39b2316311c91"], 0x1}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$inet(r1, &(0x7f0000000400)={0x2, 0x2004e25, @remote}, 0x8abb0a022360233c) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="ff7f00000042010001000000bae5f81571caa58953001ac15de730cdc0c6afa993724eb05daec47c930000000000000000000000000000d81257"]}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000380)={@remote, 0x0}, &(0x7f00000003c0)=0x14) r5 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r5, 0xc058534b, &(0x7f00000007c0)={0x0, 0xfff, 0x9, 0x7, 0x8, 0x5}) socketpair(0x19, 0x80801, 0xc8, &(0x7f0000000780)) setsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000a00)={r4, @remote, @local}, 0x36) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000200)={0x0, 0xa8}, &(0x7f0000000040)=0x8) getsockopt$ARPT_SO_GET_INFO(r5, 0x0, 0x60, &(0x7f0000000700)={'filter\x00'}, &(0x7f00000001c0)=0x7) r7 = syz_open_procfs(0x0, &(0x7f00000002c0)='ns\x00') fcntl$notify(r7, 0x402, 0x12) r8 = openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/fuse\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f00000000c0), &(0x7f0000000100)=0x4) exit(0x0) getdents64(r7, &(0x7f0000000340)=""/57, 0x39) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r8) r9 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/snat_reroute\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r9, 0x84, 0xf, &(0x7f0000000c00)={r6, @in6={{0xa, 0x4e20, 0x1ff, @local, 0x1}}, 0x9, 0x7, 0x8, 0x5, 0x4}, &(0x7f0000000340)=0x98) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000080)={r6, 0x9, 0x20}, &(0x7f00000000c0)=0xc) sendto$inet(r1, &(0x7f0000fa0fff), 0xffffffffffffffbb, 0x20020003, &(0x7f0000385ff0)={0x2, 0x4e21, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r9, 0x84, 0xc, &(0x7f0000000840), &(0x7f0000000480)) 22:08:33 executing program 0: r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x20000000000002, 0x404) mq_getsetattr(r0, &(0x7f0000000000)={0x80000000, 0x200, 0x26440a99, 0x9, 0x9, 0x5265, 0x1, 0x7}, &(0x7f0000000040)) r1 = socket(0x1f, 0x4, 0x64fe) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000000c0)={0x0, 0x1000, 0x3, [0x1f, 0x7, 0x7]}, &(0x7f0000000140)=0xe) r3 = syz_open_dev$sndpcmc(&(0x7f00000001c0)='/dev/snd/pcmC#D#c\x00', 0x9, 0x24000) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f00000002c0)={@in6={{0xa, 0x4e21, 0x9, @mcast1, 0x5}}, 0x3ff, 0x7, 0x1000, "d78a2678578ac6bbc9a2ab34db1c7ed06dc82b911961b4e136bd0318036f8e24ae8ab420f4979ad3d8fe5bc3722166bdc4121ea3622dc4ec3ec3d656d7f6f35eb966597bf3b464e36693ac82321f68b6"}, 0xd8) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) mq_timedsend(r3, &(0x7f0000000200)="192a7225f77310030203c42bb1f17dcc0ef8150935b2d347f7ce1551240c343dccdf8f7d48a4685817d80505ceca524d6d38", 0x32, 0x1, &(0x7f0000000280)={r4, r5+10000000}) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000180)={0x5, 0x8000, 0x2, 0x3f, 0x401, 0x5, 0x1, 0x6e, r2}, 0x20) write$evdev(r0, &(0x7f0000000100)=[{{}, 0x1, 0x53, 0x2}, {{0x77359400}}], 0x30) 22:08:33 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) setxattr$trusted_overlay_nlink(&(0x7f0000000bc0)='./file1\x00', &(0x7f0000000c00)='trusted.overlay.nlink\x00', &(0x7f0000000c40)={'L-', 0xfff}, 0x28, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000480)='/proc/self/net/pfkey\x00', 0x180, 0x0) ioctl$KDADDIO(r0, 0x4b34, 0x0) ioprio_set$uid(0x0, 0x0, 0xb9) syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f0000000080)='./file1\x00', 0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f0000000140)=ANY=[]) mount$overlay(0x400000, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="7505f7ac51707065728569723d2e2f66696c65302c6c6f7765726469723d2e2f66696c65302c776f726b6469723d2e2f66696c"]) r1 = open(&(0x7f0000021000)='./file0\x00', 0x0, 0x112) open(&(0x7f00000004c0)='./file0\x00', 0x1, 0x2) fchdir(r1) r2 = open(&(0x7f0000000600)='./file0\x00', 0x141042, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0) write$binfmt_aout(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="002232fc08f204dbb7639b4ca73bb6443dcf23fa9e6c"], 0x8) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendfile(r2, r2, &(0x7f0000000140), 0xd1) getsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f00000001c0)={0x0, 0x2, 0xfff, 0x1}, &(0x7f0000000200)=0x10) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000240)={0x0, @in6={{0xa, 0x4e22, 0x7f, @dev, 0x2}}}, &(0x7f0000000300)=0x84) getsockopt$inet_sctp_SCTP_STATUS(r3, 0x84, 0xe, &(0x7f00000003c0)={r4, 0x0, 0x0, 0x401, 0x6, 0x3ff, 0x8, 0x1, {r5, @in6={{0xa, 0x0, 0x9, @loopback, 0x401}}, 0x2, 0x200, 0x8, 0xffffffff00000001, 0x2}}, &(0x7f0000000340)=0xb0) fsync(r1) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000640)={r6, 0xee, "a4124aa0925b51ed282e0b9dbddf2364b820690b20fe7987977822f246ca4df36f79974e64c219e4b080ddb5cbf84e0bf5aa35998c4e8bfd562b7ee1e97f82a7fb5cdc8b878394ecd5df88dfc47fa5c3faaf3b8b66d2dfb6c2ce5c34f73abc7519dd3f3c058b2e8f7eae8c29d8ceda24ee6a5524512a6a2e718f34c0c64eb7c0e98c03960aa3e1fa3b4647773591272141b2a6cadeca0cca5fd1b009d91cb345f3576da517e051b3b7e83c654a8bea39d329f05958b8c2447ed02ac09fcbe09b4fc694a29bf43b6c84cc436bf6654d1958cbd6ebdd23709008332ea770b0396bc782af7a4a64148676438decd5f7"}, &(0x7f0000000380)=0xf6) [ 278.104092] __ntfs_error: 1 callbacks suppressed [ 278.104102] ntfs: (device loop0): ntfs_fill_super(): Unable to determine device size. [ 278.148264] overlayfs: unrecognized mount option "u÷¬Qpper…ir=./file0" or missing value [ 278.344198] overlayfs: unrecognized mount option "u÷¬Qpper…ir=./file0" or missing value [ 278.351241] ntfs: (device loop0): parse_options(): Unrecognized mount option Ñ. [ 278.362660] audit: type=1804 audit(1540850913.683:42): pid=7946 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor0" name="/root/syzkaller-testdir066658280/syzkaller.XAGmrX/28/file0/file0" dev="sda1" ino=16564 res=1 22:08:33 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) [ 278.387542] audit: type=1804 audit(1540850913.713:43): pid=7959 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor0" name="/root/syzkaller-testdir066658280/syzkaller.XAGmrX/28/file0/file0" dev="sda1" ino=16564 res=1 22:08:33 executing program 1: r0 = socket(0x1e, 0x1, 0x0) sendmsg(r0, &(0x7f00003bbfc8)={&(0x7f0000fdbf80)=@generic={0x10000000001e, "02ff0100000001000000000000000ae77f5bf86c48020002000000f1ffffff009a480075e6a50000de010300000000e4ff064b3f013a000000080000008f00000000ac50d5fe32c4000000007fffffff6a008356edb9a6341c1fd45624281e00070ecddd0206c39750c40000fd00000900000000000b0000db000004da36"}, 0x2ef, &(0x7f0000d1b000), 0x4b, &(0x7f000012e000)}, 0x0) recvmsg$kcm(r0, &(0x7f0000000d40)={&(0x7f0000000800)=@l2, 0x80, &(0x7f0000000c00)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, &(0x7f0000000cc0)=""/71, 0x47}, 0x40000100) write$binfmt_elf32(r0, &(0x7f00000015c0)=ANY=[@ANYPTR=&(0x7f0000000100)=ANY=[@ANYRES16]], 0xfffffd6d) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000200)="0a5c2d0240316285717070") getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e22, 0x3, @dev={0xfe, 0x80, [], 0xc}, 0x100000001}}, 0x2b13, 0x9, 0x43f, 0x9, 0xc}, &(0x7f00000000c0)=0x98) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000140)={0x61b1, 0x100000001, 0x8, 0x1, 0x10000, 0x7fffffff, 0x2, 0x80, r2}, &(0x7f0000000180)=0x20) 22:08:33 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x2, 0x0) r2 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r2, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") r3 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, r3) 22:08:33 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) pipe(&(0x7f0000000280)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:33 executing program 0: r0 = socket$packet(0x11, 0x4, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000210000)=0x2, 0xfffffffffffffdc3) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x1000, 0xffffffffffff8000, 0x0, 0x0, 0x0, 0x15c7}, 0x1c) getsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000000), &(0x7f0000000040)=0x10) getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000080), &(0x7f0000000100)=0x30) 22:08:33 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x20000, 0x0) ioctl$FICLONE(r0, 0x40049409, r0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f0000000300)={0x0, 0x0, 0x2080}) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000280)={0x77, 0x0, [0x40000000, 0x800002c0, 0x40000001]}) 22:08:33 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x2, 0x0) r2 = socket$l2tp(0x18, 0x1, 0x1) ioctl(r2, 0x8912, &(0x7f00000000c0)="153f6234418dd25d766070") r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r3, 0xffffffffffffffff) 22:08:34 executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) r1 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r0, 0x6) setsockopt$inet_mreq(r1, 0x0, 0x20, &(0x7f0000000140)={@empty, @multicast2}, 0x8) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @loopback=0x7f000002}, 0x10) getsockopt$inet_int(r1, 0x10d, 0xbf, &(0x7f0000000280), &(0x7f0000000100)=0x4) setsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="46c248eec7414b638251c22bce68fac17f4d0dd375629bb51b36128829ccb97d09b2735fa829457f5974e92d905fc3d2e680047b6ddd77d8900019bc47491b735fd42232e7fa88d9b75e164c0f4f2ba88536b534eb19759659b196a4f13b25f6dd4b02e083334506b6"], 0x6) 22:08:34 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) pipe(&(0x7f0000000280)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:34 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x2, 0x0) socket$l2tp(0x18, 0x1, 0x1) r2 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r3, r2) 22:08:34 executing program 3: ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000a40)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x204}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$intptr(0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000008c0)={{{@in=@remote, @in6}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f00000009c0)=0xe8) sendmsg$nl_generic(r2, &(0x7f0000001ec0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="dadcfd938b94bc0175e1268a4ea64226013aaa6705ba0b85e218455e7a7bf1ffea2be81add000000000000000000000000003ddf4008e6ecdf2b4e67f7abe86a7fe43b90ab760ea47ec3155de57bcafa9eae2a024a42e0a22c5e66b0410630ba17b552362e9e229ad5236fc10160a5fa1b48e82155012ccf6d641724d2ca15ddee0ba292a939c2f30cc54c319b469c6c22dad63ddaa15dc9cfded84b520d7e67ed6bd983225202ef998fcc89cf3d0810b1111639e011ded34083cb422bc94e62d7acc19668dba9e21056fe20f28c4f9d20845a35c38a0000000000936bb1387121ea541c57800cc0921cb8487b34e3966a8ad3a0592b39db49078c0a4e1dc9bdd2707468809dbf301b5a43b62bd30a3f7856a6da66cde878dbb087f4b39b2316311c91"], 0x1}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$inet(r1, &(0x7f0000000400)={0x2, 0x2004e25, @remote}, 0x8abb0a022360233c) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="ff7f00000042010001000000bae5f81571caa58953001ac15de730cdc0c6afa993724eb05daec47c930000000000000000000000000000d81257"]}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000380)={@remote, 0x0}, &(0x7f00000003c0)=0x14) r5 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r5, 0xc058534b, &(0x7f00000007c0)={0x0, 0xfff, 0x9, 0x7, 0x8, 0x5}) socketpair(0x19, 0x80801, 0xc8, &(0x7f0000000780)) setsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000a00)={r4, @remote, @local}, 0x36) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000200)={0x0, 0xa8}, &(0x7f0000000040)=0x8) getsockopt$ARPT_SO_GET_INFO(r5, 0x0, 0x60, &(0x7f0000000700)={'filter\x00'}, &(0x7f00000001c0)=0x7) r7 = syz_open_procfs(0x0, &(0x7f00000002c0)='ns\x00') fcntl$notify(r7, 0x402, 0x12) r8 = openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/fuse\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f00000000c0), &(0x7f0000000100)=0x4) exit(0x0) getdents64(r7, &(0x7f0000000340)=""/57, 0x39) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r8) r9 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/snat_reroute\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r9, 0x84, 0xf, &(0x7f0000000c00)={r6, @in6={{0xa, 0x4e20, 0x1ff, @local, 0x1}}, 0x9, 0x7, 0x8, 0x5, 0x4}, &(0x7f0000000340)=0x98) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000080)={r6, 0x9, 0x20}, &(0x7f00000000c0)=0xc) sendto$inet(r1, &(0x7f0000fa0fff), 0xffffffffffffffbb, 0x20020003, &(0x7f0000385ff0)={0x2, 0x4e21, @loopback}, 0x10) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r9, 0x84, 0xc, &(0x7f0000000840), &(0x7f0000000480)) 22:08:34 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000340), 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000015c0)="766574683100000000ffffffffffef00", 0x10) r1 = dup2(r0, r0) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="32812b81ba7750edbe4ad85532a20522b9670e8a27088efcb1c128e03cda5d5e8dc66d029ceece8d7c2f49bad9b3b2771afd17caa35c839a2afbe82a0f49a7b11daf253c5352ee9832d2c7b713e3b61208aff3867b63e100000000"], 0x1}}, 0x44801) sendmsg$FOU_CMD_DEL(r1, &(0x7f0000000880)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000000004}, 0xc, &(0x7f0000000840)={&(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f0000000680)=ANY=[]], 0x1}, 0x1, 0x0, 0x0, 0x4004}, 0x40002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000200), 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f0000000000)={0x2, 0x500000000004000, @empty, [0x0, 0x3e8, 0x0, 0x0, 0x5000000]}, 0x0) ustat(0x80000000, &(0x7f0000000180)) fdatasync(r1) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000340), &(0x7f0000000380)=0x4) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, &(0x7f0000000100)=0x8) fcntl$getownex(r0, 0x10, &(0x7f0000000280)) r2 = socket$inet(0x2, 0x7, 0x85) clock_gettime(0x0, &(0x7f0000000240)) ioctl$FS_IOC_GETFSLABEL(r2, 0x81009431, &(0x7f0000000440)) 22:08:34 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) 22:08:34 executing program 1: r0 = socket(0x1e, 0x1, 0x0) sendmsg(r0, &(0x7f00003bbfc8)={&(0x7f0000fdbf80)=@generic={0x10000000001e, "02ff0100000001000000000000000ae77f5bf86c48020002000000f1ffffff009a480075e6a50000de010300000000e4ff064b3f013a000000080000008f00000000ac50d5fe32c4000000007fffffff6a008356edb9a6341c1fd45624281e00070ecddd0206c39750c40000fd00000900000000000b0000db000004da36"}, 0x2ef, &(0x7f0000d1b000), 0x4b, &(0x7f000012e000)}, 0x0) recvmsg$kcm(r0, &(0x7f0000000d40)={&(0x7f0000000800)=@l2, 0x80, &(0x7f0000000c00)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, &(0x7f0000000cc0)=""/71, 0x47}, 0x40000100) write$binfmt_elf32(r0, &(0x7f00000015c0)=ANY=[@ANYPTR=&(0x7f0000000100)=ANY=[@ANYRES16]], 0xfffffd6d) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f0000000200)="0a5c2d0240316285717070") getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e22, 0x3, @dev={0xfe, 0x80, [], 0xc}, 0x100000001}}, 0x2b13, 0x9, 0x43f, 0x9, 0xc}, &(0x7f00000000c0)=0x98) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000140)={0x61b1, 0x100000001, 0x8, 0x1, 0x10000, 0x7fffffff, 0x2, 0x80, r2}, &(0x7f0000000180)=0x20) 22:08:34 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) pipe(&(0x7f0000000280)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:34 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x2, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r3, r2) 22:08:34 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000340), 0x0, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000015c0)="766574683100000000ffffffffffef00", 0x10) r1 = dup2(r0, r0) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="32812b81ba7750edbe4ad85532a20522b9670e8a27088efcb1c128e03cda5d5e8dc66d029ceece8d7c2f49bad9b3b2771afd17caa35c839a2afbe82a0f49a7b11daf253c5352ee9832d2c7b713e3b61208aff3867b63e100000000"], 0x1}}, 0x44801) sendmsg$FOU_CMD_DEL(r1, &(0x7f0000000880)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x4000000004}, 0xc, &(0x7f0000000840)={&(0x7f0000000700)=ANY=[@ANYPTR=&(0x7f0000000680)=ANY=[]], 0x1}, 0x1, 0x0, 0x0, 0x4004}, 0x40002) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000200), 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f0000000000)={0x2, 0x500000000004000, @empty, [0x0, 0x3e8, 0x0, 0x0, 0x5000000]}, 0x0) ustat(0x80000000, &(0x7f0000000180)) fdatasync(r1) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000340), &(0x7f0000000380)=0x4) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, &(0x7f0000000100)=0x8) fcntl$getownex(r0, 0x10, &(0x7f0000000280)) r2 = socket$inet(0x2, 0x7, 0x85) clock_gettime(0x0, &(0x7f0000000240)) ioctl$FS_IOC_GETFSLABEL(r2, 0x81009431, &(0x7f0000000440)) 22:08:34 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r3, r2) 22:08:34 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) pipe(&(0x7f0000000280)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:34 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:34 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) pipe(&(0x7f0000000280)) 22:08:35 executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x9, 0x0, 0x0, 0x468ce2c679cd9c8}}, &(0x7f0000000400)=""/134, 0x1a, 0x86, 0x1}, 0x20) 22:08:35 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$inet6(0xa, 0x80002, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000140)={{{@in, @in6=@dev}}, {{@in6=@mcast2}, 0x0, @in6=@ipv4={[], [], @multicast1}}}, &(0x7f0000000240)=0xe8) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x2}, 0x1c) setsockopt$inet6_icmp_ICMP_FILTER(r1, 0x1, 0x2, &(0x7f0000000000), 0x4) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000040)={'bridge_slave_0\x00', {0x2, 0x4e22, @rand_addr=0x9}}) openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz0\x00', 0x200002, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x40000, 0x0) 22:08:35 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:35 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)) r2 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r2, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:35 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCFLSH(r1, 0x80045440, 0x70e000) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x80, 0x0) ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f0000000040)={0x7baa, 0x2244, 0x7, 0x2, 0xfffffffffffff001}) 22:08:35 executing program 1: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000b4508a)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x100000fffffffe) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x40802, 0x0) acct(&(0x7f0000000140)='./file0/file0\x00') write$P9_RREAD(r1, &(0x7f0000000200)={0x87, 0x75, 0x1, {0x7c, "4a42d6a74bd560f471df53ea658a80c30735e695ca2f283b5198347e63c182cb61a105dc8eb3225db13831f318587746467966f6e3b3a0643ae9d3a7ff0a002f9692e475485b289c0987d8154a4434df3594b7a1fc5e839d8e36b427286438088cdba37314cfbc6e7f60fec7047092c855a4541d3b7480aa24a31f35"}}, 0x87) ioctl$ASHMEM_SET_NAME(r0, 0x41007701, &(0x7f00000001c0)='/dev/usbmon#\x00') r2 = socket$inet6_udp(0xa, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f0000000000)=@dstopts, 0x8) write$P9_RREAD(r1, &(0x7f0000000380)={0x72, 0x75, 0x1, {0x67, "89d305ba705a8adbf615418d4f2eaafcd8173f951a14c788ec288826d622ba8b3416340eab47776828765529a1d52485e1a7f14097f8ea98ee4a8c0f9a074e8bfc011271697ef15223e244dc08737845d0b009bb557d57881467ae0917755ba174627d2ae3058e"}}, 0x72) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c) write$P9_RXATTRWALK(r1, &(0x7f0000000400)={0xf, 0x1f, 0x2, 0x200}, 0xf) r3 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r3, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) sendmmsg(r2, &(0x7f0000005fc0), 0x8000000000000fc, 0x8000000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x4000000004002, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000440)={0x2710, 0x3, 0xd000, 0x1000, &(0x7f0000ffc000/0x1000)=nil}) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f00000002c0), 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r4, 0x0) lstat(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000500)) sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000005ff0)={&(0x7f0000008000)=ANY=[@ANYBLOB="0500000004000000000000000000000000000000000000020100000000008000"], 0x20}}, 0x0) ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, &(0x7f00000000c0)=ANY=[@ANYBLOB]) write$binfmt_misc(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB="164e9096ce016540627accafc3d41db9c916981893d5440ab73545e08303ad6c318837d35f2292a9798689962087eed30150286b08082d6b4c39248ed584992e1d80519d2cdbb81325cb69427160055ecabbdd738d10642a99a3ab75f00c13957af67f309b6af3cc00df5f98fcdfec2e266edde059804973710387b8e3c6b4fd0715d1c9aee90b13035813357bff93ce545186ae7817880c3433c69215"], 0x9d) write$P9_RFLUSH(r1, &(0x7f0000000480)={0x7, 0x6d, 0x1}, 0x7) 22:08:35 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:35 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:35 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x3fc, 0x105) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0x8, 0x4b79, 0xffffffffffffffb6, 0x800, 0x3}, 0x14) mmap(&(0x7f0000000000/0xaa1000)=nil, 0xaa1000, 0x44, 0x32, 0xffffffffffffffff, 0x0) r1 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0)='nbd\x00') sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x82000300}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0c0028bd06000000df210300000008000100000000000c00040004000000000000000c0000000000000c00080006000000000000006f2d3e4681612abd1dd3879b469d3e60b794111c57f318a99e91591485500000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x800) r2 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_buf(r2, 0x0, 0x2000000000480, &(0x7f0000059fe8)=""/24, &(0x7f0000c5dffc)=0xfdc0) 22:08:35 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:35 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)) r2 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r2, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:35 executing program 0: pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={0x0, r0, 0x0, 0xd, &(0x7f00000000c0)='lonodev\\self\x00'}, 0x30) listen(r1, 0x4) perf_event_open(&(0x7f0000000040)={0x7, 0x70, 0x2, 0x88, 0x10000, 0x9, 0x0, 0xbf2, 0x10048, 0x4, 0x100000001, 0xffff, 0x3, 0xffffffffffffffe1, 0x7, 0xffff, 0x8de, 0xa5, 0x9, 0x10001, 0x0, 0x3, 0x7, 0x2, 0x1, 0x800, 0x2, 0x0, 0x7, 0x14085e43, 0x7, 0x2, 0x101, 0x3, 0x8c4, 0x401, 0x5, 0x3, 0x0, 0x1172, 0x0, @perf_bp={&(0x7f0000000000), 0xe}, 0x400, 0x1, 0x8001, 0x1, 0xffffffff, 0x4, 0x5}, r2, 0x5, r1, 0x3) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f0000000200)) fcntl$setpipe(r0, 0x407, 0xffffffffffffffff) 22:08:35 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0/file0\x00', 0x3fc, 0x105) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0x8, 0x4b79, 0xffffffffffffffb6, 0x800, 0x3}, 0x14) mmap(&(0x7f0000000000/0xaa1000)=nil, 0xaa1000, 0x44, 0x32, 0xffffffffffffffff, 0x0) r1 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0)='nbd\x00') sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x82000300}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0c0028bd06000000df210300000008000100000000000c00040004000000000000000c0000000000000c00080006000000000000006f2d3e4681612abd1dd3879b469d3e60b794111c57f318a99e91591485500000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x800) r2 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_buf(r2, 0x0, 0x2000000000480, &(0x7f0000059fe8)=""/24, &(0x7f0000c5dffc)=0xfdc0) 22:08:35 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:35 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:35 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:35 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) signalfd4(r1, &(0x7f0000000040)={0x3}, 0x8, 0x80800) close(r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = memfd_create(&(0x7f0000000100)="9099f73a1c7a8d070fc9118d5475663b2ed16f0008f441b01fd923c640a21c6619ecb5cf774b4a64549d57962a838f8edd993560a2f848bc483a9d16f602d4739aa45b3d5930d1865232afa712497380f8733173c58546fb224a6dd2e652c54dc25570fce3a59c1ee353a2dcdd719edc15752cee6ea21a24186d1ba23b0b61719b96815f5cbbb9", 0x0) write(r2, &(0x7f0000000540)='i', 0x1) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000080)) 22:08:35 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:35 executing program 3: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x400000, 0x0) ioctl$VIDIOC_STREAMON(r0, 0x40045612, &(0x7f00000000c0)=0x8) socketpair$unix(0x1, 0x4000005, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="0800000000000000f3ffffff018000007a0a00fffffffffd630108"], &(0x7f0000000000)="47504c00bc3047eb525f484f89fc96dd6ca64da40ff023122e66f6", 0x0, 0xce, &(0x7f0000000300)=""/206}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x4, 0x5, &(0x7f0000000040)=@framed={{}, [@jmp]}, &(0x7f0000000200)='syzkaller\x00', 0x84000001, 0x3259, &(0x7f0000000400)=""/187}, 0x48) 22:08:35 executing program 4: r0 = inotify_init() fremovexattr(r0, &(0x7f0000000000)=@known='system.sockprotoname\x00') ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:35 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)) r2 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r2, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:36 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:36 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:36 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:36 executing program 4: inotify_init() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:36 executing program 1: syz_mount_image$vfat(&(0x7f0000000240)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x168e, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000040)="eb58906d6b66732e66617400100110", 0xf}], 0x0, &(0x7f0000000180)) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x80000, 0x0) write$P9_RLCREATE(r0, &(0x7f0000000080)={0x18, 0xf, 0x1, {{0xc1, 0x4, 0x5}, 0x3}}, 0x18) 22:08:36 executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_LEAVE_GROUP(r0, 0x29, 0x2d, &(0x7f0000000200)={0x6, {{0xa, 0x4e23, 0x40, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x10}}, 0x8001}}}, 0x88) r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0) r2 = memfd_create(&(0x7f0000000100)="74086e750000000000000000008c00", 0x0) socketpair$unix(0x1, 0x40100000005, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0xa01, 0x0, 0x32e2}]}) ioctl$LOOP_SET_FD(r1, 0x1265, r2) 22:08:36 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:36 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) [ 280.923348] FAT-fs (loop1): bogus number of FAT structure [ 280.937957] FAT-fs (loop1): Can't find a valid FAT filesystem 22:08:36 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:36 executing program 3: sched_setaffinity(0x0, 0xfffffffffffffcbf, &(0x7f00000000c0)=0x8000009) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) set_robust_list(&(0x7f00000002c0)={&(0x7f0000000140)={&(0x7f0000000080)}, 0xb3f, &(0x7f0000000240)={&(0x7f0000000180)}}, 0x18) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$inet(0x2, 0x6000000000000003, 0x6) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000000)='tunl0\x00', 0x10) sendto$inet(r3, &(0x7f0000000100), 0x0, 0x404c0c0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10) sendto$inet(r3, &(0x7f00000003c0)="fb8198ae942ec5bea54ecaa27f98cc9c58dcd75537dd43046184c31e3be821bd0191fa65ef4e7aa37c4c37bf7aae751274bfecb0e07a400d4b774654758d532490a692", 0x43, 0x800, &(0x7f00000001c0)={0x2, 0x0, @broadcast}, 0xfffffee3) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$TIOCSCTTY(r0, 0x540e, 0xf9b) ioctl$SG_GET_COMMAND_Q(r0, 0x2270, &(0x7f0000000540)) ioctl$SNDRV_TIMER_IOCTL_START(r2, 0x54a0) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) write$FUSE_POLL(0xffffffffffffffff, &(0x7f0000000200)={0x18, 0x0, 0x6, {0xffffffffffffffff}}, 0x314) getpeername$unix(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000040)=0x6e) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000640), 0xffffffffffffffff) ioctl$KVM_GET_XCRS(r1, 0x8188aea6, &(0x7f0000000300)={0x3, 0x472815dd, [{0x3b0, 0x0, 0x3071f229}, {0x1, 0x0, 0x3a48}, {0x835, 0x0, 0x3}]}) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f0000000280)) sendmsg$nl_generic(r0, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000380)={&(0x7f0000000440)=ANY=[@ANYBLOB="900000002c00000129bd7000fbdbdf250600000014006b00fe8000000000000000000000000000bb040088005400010003c316a62737296f634d93a552305829c5e20cf9278cc809159db93e6dc17e584ab981865f1eb8250c824641924c1add90d4ffffd3ef5197487822048a617f61699ca85b52c29d37c9954c055909cd3b2a5642c2472e00100068004b6071250a"], 0x90}, 0x1, 0x0, 0x0, 0x4010}, 0x4) 22:08:36 executing program 5: perf_event_open(&(0x7f000001d000)={0x0, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:36 executing program 4: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:36 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:36 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:36 executing program 4: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:36 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:36 executing program 5: perf_event_open(&(0x7f000001d000)={0x0, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:36 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:36 executing program 3: r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000005fd8)={'vcan0\x00'}) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") accept(r0, &(0x7f0000000080)=@can, &(0x7f0000000000)=0x80) sendmsg$can_raw(r0, &(0x7f0000001fc8)={&(0x7f000000a000), 0xffd1, &(0x7f0000000ff0)={&(0x7f000000a000)=@canfd={{}, 0x0, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5f700000000000000004e2f9663a918fa1efd9b0b"}, 0xfeb8}}, 0x0) pipe(&(0x7f0000000040)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x3) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) unshare(0x20400) r3 = syz_open_dev$sg(&(0x7f0000000180)='/dev/sg#\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff) ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0) 22:08:36 executing program 5: perf_event_open(&(0x7f000001d000)={0x0, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:36 executing program 4: socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:36 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000300)={0x4, 0x3, 0x6, {0xf, @sdr={0x30395056, 0x3}}}) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:36 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:36 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:36 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:36 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r1, r0) 22:08:37 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x41, &(0x7f00000005c0)=ANY=[@ANYBLOB="66696c746572000000000000000000000000000000000000000000000000000004000000000000000000001b"], 0x1) kexec_load(0x0, 0x7, &(0x7f00000005c0), 0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, 0xf15f}) 22:08:37 executing program 1: syz_open_procfs(0x0, &(0x7f0000000000)='net/udp\x00') syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0xfff, 0x20841) creat(&(0x7f0000000080)='./file0\x00', 0x40) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000001c0)='pids.max\x00', 0x2, 0x0) sendfile(r1, r1, 0x0, 0x20001) 22:08:37 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:37 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:37 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) r3 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000200)={0x2, "42daafaabbe6a1e8b298a2be96d29802e31db6495472adee317815b20c05ba40", 0x3, 0x1}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:37 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:37 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r1, r0) 22:08:37 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:37 executing program 3: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/dev\x00') ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000040)={0x5, 0x0, 0xe510a9a29b116a0d, 0x4cf}) ioctl$DRM_IOCTL_AGP_BIND(r2, 0x40106436, &(0x7f0000000080)={r3, 0x9}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f000039a000)=[{0x20, 0x0, 0x0, 0xfffffffffffff018}, {0x80000000006}]}, 0xfffffd66) 22:08:37 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:37 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:37 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:37 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r0 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r1, r0) 22:08:37 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x208000) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:37 executing program 3: set_mempolicy(0x4003, &(0x7f0000000140)=0x6, 0x9) r0 = creat(&(0x7f0000000340)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x44000) fallocate(r0, 0x0, 0x0, 0xa6b9d) socket$vsock_stream(0x28, 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000280)={0x2, 0x5, 0x800, 0x14c, '\x00', 0x6}) io_setup(0x80000002, &(0x7f0000000380)=0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000100)={0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x6c, 0x0, &(0x7f0000000180)=[@transaction_sg={0x40486311, {{0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, 0x20, &(0x7f0000000040)=[@fda={0x66646185, 0x3, 0x2, 0x18}, @fd={0x66642a85, 0x0, r0, 0x0, 0x1}], &(0x7f0000000080)=[0x0, 0x30, 0xceaa4d5682760d79, 0x48]}}}, @free_buffer={0x40086303, r2}, @enter_looper, @clear_death={0x400c630f, 0x0, 0x1}], 0xff8, 0x0, &(0x7f0000000580)="eecb688f5e945404ee2c0b2628c82927bf11cd1af1d29266dc939619c7eb3fe01677f0c45d5720e71bf16d3f5422167c8d2752401fe8d87b8ca8fe9ef39c3f2e049d5fa9e5d0afb718e54f7b26ff72b0d1e78ce8d1a0a0dfedbcfd35ae865897b803ef5226a9af73ead88054bbb7de735dbb01564e6f204c1aacc06bfb03f9ede974d7ca6fa003838227fb7f7dab941ff9e6bef8292e2f9e2c68f6add5174d2f283219eda049a8e410e4b378d0b9d1c311589860c3dd65e9832d75e0ae0634520f978e89c19eca83186ad22d3636e0819fb0dffe72331182d6c4c3cd3838620be2d4206d1a7b4f01460b8c453fd2d2513ef82f00c4d185c74ae5417cc6ad74599fdc90aef8d628a74ab4472f2a152a812eda9d7c357d409b9589115aabe4a86df9f43188b784941bd5985b3812353d06e3c6d19521e16dd71d67c823ca3d96ee214d24bb47abc6d3fb5837001a48ca3b11586f8345e08c303451d2c8bca29f05e344d011df5ab3d1769fa85f4419f927222e9725cccb0c8f2a4b932ce97ce26c487949b4ac210b47b88a975da2ef054acd115f291fd3ed42825d1d5c7e7da87d51d700eacc7aec48c68df41131c58327f154d043d2c784e260867c693ae556f92aef1662252aebb5b6cfcbfbaf00942b53ce7c09a6d228192fb0f23aa176f7ddf7d49d9856a8f2d31e3b0db94a4e8bd323eb6a09d56d1ed5e978fddb97b66473f8faef39d39f3c00894621723a3f994b67e31673ebd99dd259bd659d0df749f538f7249b4f2f804f04f7028369e901a2153a4a19c27fe120b85a4e62278a600d2189ea3ce6d1279919f8506e0aacef4ff0f52e381e27170c0fb604313b9690b9077ae8ce1799e47b5d3f77fb90e5c95e17b05ec1e372c190650cb86f4b84fa109f12f3f57cedb22881978ae74e00f870939bba689c859c98f0b7288afae11e09e82cba45face8b0628d1d9435cf12e7965ddc0d28a6c5ada04c3c3a398895c3c2be1a6f6ec813a6fbbe1db38201958b3b52c4564d145760662763ac7ffa9ed7e9f2a99eba9aa56ab402a2f70e63696f0c3b6cdc6c685461e3c15e9e2d0977db3063dd90a537d522eba9cf1ce95687975cb915ab2163888c02efe27d0786f92a9e2f56dd712b65cb53c2bea9cd3ee79e9a518f696cf61b15713c8c43abccbf5e37736a765951181272c45a08e34f9db9e06508aaf0d6b99727e5b75161c7f068e2c81a4260f47cf61c057e52e466618bf93a4f71d4b58347a046e9a23e03953c35348391646778d9628c045cba4888addd671a714d6e9c4cf8f49bb5425e5ef1abdb8560114635898f127b743d3c41d306257af002687ffc057fb9a96e5fcf611be35eea02d3e3ed079ac2308bc92b07e6bc20673c2f81165ba4e0dc5b40286a02dfee0f286dd8d2f90f9d4dcb704f4ba90fe54b8bf97ecd9095d87aeee8eb4e8c8c4a09940b3cd0cac30261aa854bf6f07d680abd2d85fb2b536052bb3eb62a465e2f380dc02ed3e8ffafad6d00d9ae6785ffe14aa3acf8b662e668c13cacb71be42b04c3fc134d09320820f89479f18cfe13f7dd2b3e76a9f2a203744986dd498f5895d4f4a6c22b8a0cdaf56b5cb6d7142f590ffac19281f26f4f326905b50b7b73f464ccca7397107f2030de1dc69fd9e62fb96279846f177236c560596ab67c1ad8de5fe82dec8dfb7c6011434e010ebf174292b6f684ff559f3da637d24ab4a26c69a0a025c00cff62a7caf5b0dc21df7d212eecea3dd321b6f8cb7a250905eb78260742192fd45365cc5ad73193be7677c7723767ee7b984cebed60edce64b444e874a9d14abe2a1e39f1c0819c588972b069b8ed1d070d3bfa40491ea50aecd6c2c0c471a93906f25450c9f17d0aa47c5c6530850b5c9c1f980be8b3910124aa8be00e60fb6969e4cc2aabb8f278b0877d285e071e57c0352a606faa555a8ec93fa25e2a10690f8b69fbd0e3865f3a7a096d80a9b20df71451fe95fae62df1907465c6255540ac3c8e1a07a0169ad4e0fa7fe24ba023642aece02c4539fa503f70c174fc48b9105576632a39cfcf170bbf97e7001393df5d34607a26061b51200bbf88d2fc03424a05af22310c8a267711ece8507ca9af3d763cf72ae56fb333d4aa084f66322fec0f7169479c138728e6c2544b0dcb89a5b41b5c830d291e97be0d0bb67a69efc5892db077134964b6ad6860bf50f457886df962ec64fb428c469446b087ef47890515583fcac56218f653e720169a0562428cbadcd16b09dcda25483994a89a679fe74791c3865ca093faadaef6d3d458ddb77928354c824492b9f928da10c97aba66675027cd554bf6b5ad797d80bbcaca10261741b597383a384169a951bb64252bacfd80d61f3c44115e8c884ba96d693ac11384319fa8dd1dcceb7db8445cbf66d1b9435df22d6aaf381efefacc949f0d3063c91864fc00666a129a207ed4c89117414a3564612add521ad56b4274b30b643dac808e8b43dc508f70ebd9d01b83f386f4cb8f7c965e2e6756e868f55c58dc2fc3a6ec6588def030d8f937f9b6f7695d91cc30612a74f380a5cff91d6bc0f00b2bc5a5de675d8e30bc5066ff4363aa4f0e346873ab238e7483b9a630447f4a5145b64d9810486d06f479ffd1cd19be4e9b47d2d14f018d26a52ce58644f0d5060677db45254ddbe85d10e21e5a9e390580bebf42ae4b97163fd75cc3bb03750c6b04a4281cbb2756b28483101b9411a311f621e3ad7abd4cc6357153600def4e0ea5709b1c527259e5f220759804e3c39c34c91cc13b14db434ded7ecd2f013703c22721dfb8d958880e8626907ff0c6c2f3826e5981101c209134d0d35e9c0d7f3bc5d8c6f0f2a75b7197c08ebaab7ac87171890b261800b2d516b6c047d92d7154faf04e1b4a7710773def587692abeeeab29c0d7fef13d4b8567c5a312d6f68e2fc4c20b357ff83f819fecc9df20c95423cb7bb5fadfaea5b9ddd3c3a8e9faec1784d1da372e4a6b395a5b1bdc6e664dcdf346a64936ac28e1fa3ed19acbb77b9ef90de4ac8078084f27ea3f567f84f6b3e88ad85fd3ceca4a95007bd8a9e00c34b05d6e50c1f05876061d903334fd1dd2d9a7bf3eb4df0c7f6c59cc660e30e2bc2fc08e5a441e5609d013ab7afb2c45b561495c9f1793dca4b0e2d013d29002e896bc6ca53fefc1cb8a7e5348f3904691e1dd78d3256d933c94046b697327c5a3bcc969afab96ddc0559fc704c2cd38e6809fa257d8ae304eef10b5fde2fbc682a5e96d81195b90731c61da1f11c7b637265af862a4961dd0bdcfc88da5bb443d6c2f267827934439d2f1d71826794dd44171972de2d5ad67ccd0a20cb9e9d13dd80841bdf2ee6b43ba9612fc1835b3e4e1e9b4c0ac9dd1fa8e1fe9ddd8a9d413268035aa56c640a77d6ab56773e87b81b1a15d1db7dd789a25e3fa40083bde539a5d63bc6a98d43a3ecb3b20c88d26936e62955699fc8abb7a4d1236478f62f754de2d90adfb7e099b3ef4b14fc3ae0fd01fd961c497edae6e1f21fbda63aaf907b6271b24e8a1fd8959c5616bde7cf6137b75de093c658d073ab6a30ea4da8812ad90ee3e4db6c53e4e45859a9289e3dd93753e7b0eedf2f7567ebbe4ac25429845c6c8f637d137a7705ef136a648574eb89bbb364d3a6860ee52ee904eea295521e78deb247e7f39c5cfd5fad4f46a230440273a31a6914607db97ef1a36aa61b180c2a299ef2a70b87b59b94101e9ce8b6ac2c91f40d6b0be13a5d32d8563e8c29e5b32b411b0ef1589139bc654fed3fd7e26e7a24ca86d217c8b5d02173f44bdd6dc15f65e1887efc21b095d5faacf4f58436a1051b20d0273251bb5a4aa644999c4a10436e417962a809c945d553dfb27643dd5dd78486cd8c069cb61a81db5cc59d9cde61499ad76a07fd0179284df15fae9ef3237fe05326f4177122c5482cc37ce61b26bab986eeba12b76b42fd1eb44cd4acd221e0bb454b67d4eb9a46cedba5dd218be06a2d179e82961868bf4e5dd5bd3dc811978833182398ede13bb5edaabf718c5e6b337457ed6dfcb06cdf40cfb7e601383a42e42fcc078b1348db3ebbe18f1fc310e0b9d642801b74903085970d2e7df3a25b55e557fc3a6d33c0d831d59935c388ade256d8a64abbde02542f24f84cf80b8a32ecfdf04c02efa76a6ba2cdb1e9a4539a205abd659b0dceab9b2c35d2ae829fc7b05da9a37b3110c4a31d5540c481ffe8c5ace998694180a466272ffc5040073022971a884d573a57e2b7d7c5ae3fdd34ca8e44c12497ad2833752680cf894ee7edc5e24b1f0e79c8093be2971023a25fafd680b818fead86534591c2db9bdceb67a0323ca925d6198404b53686012bd0417648c1fd97ecdb2514a8186dd279dabdc9323683cb30f09c6fcd065dbdfd9ef0ffe30a25a89996717108520ff9d5745e9585ef27897bb325ab1439f61c92ac8d586a35545aacc2ffaac0be953afcaf0498a6a99fd10ccff90420a8f4f9917ec049dd6125f6ef743d058c1f44b8b786e7457b3b9cda56e106671cfbd944f8e9e03c44a28c56e22b1d761be222675dc29bd3c55380a319e8c53a1edcee26483b5bd06c468c21dd3d66a71ac04ca5cc5d2b9e031824832743cfa7323efdb8d140ec97e707c81549a8d207726ea7b5f89314ec02391cf2056e879956aeffbbaaff7db3b08f400492a0691e5703773765f40b0a21370cb28ae796a6b3d34c3e33d6b4bd85860c5bac19e6d1dc49cd539d226cf780daad4a5d8a67f375f1a3453c81d7cf325a74852adf9f9f934cf6b0d4f1b67222a842426c168c8c97c30b86e88f871600c8ec363dc887d27d362aa161de046243f48c132642901136a118b2429b21aab10f68ee2ee27d26dc42408d3ca9925937ceacdbe48a33be91da8a782d1f6445422ba87c2b16a8fc7845362c2928b5e7b767fb6785ae0c9c95eef3031124152bef49f3c138a0e5f3a8027f398c2d83480ad98a4d0a1f030fecee48fa881325d1e8cef636d75668c7f42a3a87fbce4eece3e9e76f7fa54bafc96c02fb5028fdc2519d46db9d909abd7c05318f736b5d27672bb050d935cdbe5f1b9577202ba0f4928a789d56f11ec6930423436e666ddf35c2dd46a39ed1cea77a799a8857b0a1c8b5624a7280ff9e74457af22d2a47ba1a4168fe4d340b7226a360990084d8372a4b96efc8cf5c1e5f735ed862403fb942a9feb24fc1cd3d18f3474671b3445d24419c68ee5b6748399483929d006453d144da99decb424a3d39f03e1c3da985535d77367265fb4c1091d45fec8bb4fa3469b5242f50c1bd366e61c8d8b671102d1bb2982a7558dd4b3b29ffa215ccbbc57f1af08121b5169cad0c00b84c7760b920d069c137149f1f21a700717f58a10d85a94d17edbd75b3dd6f2361dc0a839f7040d98a8d2b5781ebc350bdebfcb325d24050b462caa98a5a2b89cacf4bc96de35d9d8e3fece88eabb151c44bc9a41cc71dafd126a8410590cd04945b0e44d70de826ff85a6443d4f30622dad33b2eae5b777b8fa1a463d73f125e19aee08495a55fb9eb65252759dead68d1b8ef96e26fe21d76f661ff1abb192bf16fdc54f5ef59adc36a3a976d656d478eebad527d19be9e3564eed39dce9c02474cfa6be55ca05796e5ad58723ead53fd2afdc3da59fd34d0ee2930f1c18bcef73a1b5b3109ff2eca7234ef3511fd3a6dd18c514a93ee8eaca968f8e53ed6c9ad3b07dcb3e5d49d2fe588158dd2a48ba4aa5af3f560cb4f3f4f5b669a9a9d41fe5b4aaccb5f1c463b0da35c"}) io_submit(r1, 0x653, &(0x7f0000000540)=[&(0x7f00000000c0)={0x804000000000000, 0x0, 0x8, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7, 0xc00}]) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0) 22:08:37 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:37 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:37 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:37 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x600480, 0x40) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000080)=0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r1, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") prctl$setmm(0x23, 0x7, &(0x7f0000fff000/0x1000)=nil) getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000040)={@multicast2, @loopback, 0x0}, &(0x7f0000000200)=0xc) sendto$packet(r0, &(0x7f0000000100)="9020292bfb936c0c08532c3dfeff8d6904ea2c4f7dfc884808fa55d880b46cc7f30d8ff6ad83d3dcd9b6a3b2516fbdfba97e8c3973b706a81d920f323b5a0ce0172a262ab8ad4a74a0960328741a51ad87a1ca3c70d7230549245afc73f46192e4aabe4fd20963098f8604a07561273bd522efe22c69c828b5ee73f75d73e9380cf39e591fc83188a8049052d936decc0506b0f0", 0x94, 0x1, &(0x7f0000000240)={0x11, 0x19, r2, 0x1, 0x8, 0x6, @dev={[], 0xe}}, 0x14) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x8dc, 0x20}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0xd, 0x5, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x48, 0x1, 0x9c}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0xfb, &(0x7f00001a7f05)=""/251}, 0x14) 22:08:37 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:37 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:37 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:37 executing program 0: perf_event_open(&(0x7f000001d000)={0x0, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:37 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:37 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:37 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:37 executing program 3: r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000), 0x17d) unshare(0x400) r1 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x0, 0x420000) write$P9_RMKNOD(r1, &(0x7f0000000080)={0x14, 0x13, 0x2, {0x80, 0x1, 0x2}}, 0x14) signalfd(r0, &(0x7f00000000c0), 0x8) 22:08:37 executing program 0: perf_event_open(&(0x7f000001d000)={0x0, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:38 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:38 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:38 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:38 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:38 executing program 0: perf_event_open(&(0x7f000001d000)={0x0, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:38 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r2, r1) 22:08:38 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:38 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:38 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(0xffffffffffffffff, r1) 22:08:38 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:38 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:38 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 22:08:38 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) dup2(r1, 0xffffffffffffffff) 22:08:38 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:38 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, 0x0, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:38 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:38 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:38 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:38 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:38 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 22:08:38 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 22:08:38 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, 0x0, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:38 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:38 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:38 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 22:08:39 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, 0x0, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:39 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 22:08:39 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:39 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 22:08:39 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:39 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:39 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 1: perf_event_open(&(0x7f000001d000)={0x0, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:39 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(0x0, r1, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:40 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 1: perf_event_open(&(0x7f000001d000)={0x0, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 1: perf_event_open(&(0x7f000001d000)={0x0, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 22:08:40 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(0x0, r1, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:40 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x0) 22:08:40 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) umount2(&(0x7f0000000040)='./file0\x00', 0x4000000008) 22:08:40 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(0x0, r1, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:40 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 4 (fault-call:1 fault-nth:0): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 285.550362] FAULT_INJECTION: forcing a failure. [ 285.550362] name failslab, interval 1, probability 0, space 0, times 1 22:08:40 executing program 5 (fault-call:1 fault-nth:0): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:40 executing program 3 (fault-call:2 fault-nth:0): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 285.646365] CPU: 0 PID: 8618 Comm: syz-executor4 Not tainted 4.19.0-next-20181029+ #100 [ 285.654628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.664057] Call Trace: [ 285.666738] dump_stack+0x244/0x39d [ 285.670404] ? dump_stack_print_info.cold.1+0x20/0x20 [ 285.672566] FAULT_INJECTION: forcing a failure. [ 285.672566] name failslab, interval 1, probability 0, space 0, times 1 [ 285.675663] ? get_pid_task+0xd6/0x1a0 [ 285.675724] should_fail.cold.4+0xa/0x17 [ 285.694821] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 285.699971] ? __f_unlock_pos+0x19/0x20 [ 285.704016] ? lock_downgrade+0x900/0x900 [ 285.708215] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 285.713772] ? proc_fail_nth_write+0x9e/0x210 [ 285.718274] ? proc_cwd_link+0x1d0/0x1d0 [ 285.722348] ? find_held_lock+0x36/0x1c0 [ 285.726484] ? perf_trace_sched_process_exec+0x860/0x860 [ 285.731944] ? __lock_is_held+0xb5/0x140 [ 285.736062] __should_failslab+0x124/0x180 [ 285.740362] should_failslab+0x9/0x14 22:08:41 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 285.744200] __kmalloc_track_caller+0x2d1/0x760 [ 285.748886] ? strncpy_from_user+0x5a0/0x5a0 [ 285.753300] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 285.758845] ? strndup_user+0x77/0xd0 [ 285.762661] memdup_user+0x2c/0xa0 [ 285.766212] strndup_user+0x77/0xd0 [ 285.769856] ksys_mount+0x3c/0x140 [ 285.773415] __x64_sys_mount+0xbe/0x150 [ 285.777467] do_syscall_64+0x1b9/0x820 [ 285.781410] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 285.786790] ? syscall_return_slowpath+0x5e0/0x5e0 [ 285.791730] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 285.796652] ? trace_hardirqs_on_caller+0x310/0x310 [ 285.801684] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 285.806716] ? prepare_exit_to_usermode+0x291/0x3b0 [ 285.811744] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 285.816603] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 285.821793] RIP: 0033:0x457569 [ 285.824995] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 285.843915] RSP: 002b:00007f9081cc8c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 285.851638] RAX: ffffffffffffffda RBX: 00007f9081cc8c90 RCX: 0000000000457569 [ 285.858920] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 285.866198] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 285.873473] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9081cc96d4 [ 285.880749] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 285.888645] FAULT_INJECTION: forcing a failure. 22:08:41 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = getpid() fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r0, r1, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r0, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:41 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 285.888645] name failslab, interval 1, probability 0, space 0, times 1 [ 285.913580] CPU: 1 PID: 8628 Comm: syz-executor5 Not tainted 4.19.0-next-20181029+ #100 [ 285.921776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.931143] Call Trace: [ 285.933763] dump_stack+0x244/0x39d [ 285.937419] ? dump_stack_print_info.cold.1+0x20/0x20 [ 285.942627] ? get_pid_task+0xd6/0x1a0 [ 285.946535] should_fail.cold.4+0xa/0x17 [ 285.950611] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 285.955738] ? __f_unlock_pos+0x19/0x20 [ 285.959731] ? lock_downgrade+0x900/0x900 [ 285.963910] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 285.969456] ? proc_fail_nth_write+0x9e/0x210 [ 285.973965] ? proc_cwd_link+0x1d0/0x1d0 [ 285.978063] ? find_held_lock+0x36/0x1c0 [ 285.982164] ? perf_trace_sched_process_exec+0x860/0x860 [ 285.987634] ? __lock_is_held+0xb5/0x140 [ 285.991718] __should_failslab+0x124/0x180 [ 285.995969] should_failslab+0x9/0x14 [ 285.999777] __kmalloc_track_caller+0x2d1/0x760 [ 286.004460] ? strncpy_from_user+0x5a0/0x5a0 [ 286.008885] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 286.014447] ? strndup_user+0x77/0xd0 [ 286.018265] memdup_user+0x2c/0xa0 [ 286.021824] strndup_user+0x77/0xd0 [ 286.025469] ksys_mount+0x3c/0x140 [ 286.029026] __x64_sys_mount+0xbe/0x150 [ 286.033026] do_syscall_64+0x1b9/0x820 [ 286.036936] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 286.042317] ? syscall_return_slowpath+0x5e0/0x5e0 [ 286.047258] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 286.052111] ? trace_hardirqs_on_caller+0x310/0x310 [ 286.057143] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 286.059026] FAULT_INJECTION: forcing a failure. [ 286.059026] name failslab, interval 1, probability 0, space 0, times 0 [ 286.062175] ? prepare_exit_to_usermode+0x291/0x3b0 [ 286.062198] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 286.062227] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 286.088443] RIP: 0033:0x457569 [ 286.091641] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 286.110554] RSP: 002b:00007fa5d2e2cc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 286.118276] RAX: ffffffffffffffda RBX: 00007fa5d2e2cc90 RCX: 0000000000457569 [ 286.125552] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 286.132827] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 286.140100] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5d2e2d6d4 22:08:41 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = getpid() fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r0, r1, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r0, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:41 executing program 4 (fault-call:1 fault-nth:1): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 286.147375] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 286.154681] CPU: 0 PID: 8641 Comm: syz-executor4 Not tainted 4.19.0-next-20181029+ #100 [ 286.162839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 286.172196] Call Trace: [ 286.174802] dump_stack+0x244/0x39d [ 286.178448] ? dump_stack_print_info.cold.1+0x20/0x20 [ 286.183654] ? __kernel_text_address+0xd/0x40 [ 286.188221] ? unwind_get_return_address+0x61/0xa0 [ 286.193157] should_fail.cold.4+0xa/0x17 22:08:41 executing program 5 (fault-call:1 fault-nth:1): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 286.197223] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 286.202339] ? save_stack+0x43/0xd0 [ 286.205956] ? kasan_kmalloc+0xc7/0xe0 [ 286.209839] ? __kmalloc_track_caller+0x157/0x760 [ 286.214685] ? memdup_user+0x2c/0xa0 [ 286.218416] ? do_syscall_64+0x1b9/0x820 [ 286.222484] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 286.227854] ? proc_fail_nth_write+0x9e/0x210 [ 286.232356] ? proc_cwd_link+0x1d0/0x1d0 [ 286.236441] ? find_held_lock+0x36/0x1c0 [ 286.240582] ? perf_trace_ext4_ext_in_cache+0x618/0x7b0 [ 286.245968] ? perf_trace_sched_process_exec+0x860/0x860 [ 286.245992] ? lock_release+0xa10/0xa10 [ 286.246004] ? perf_trace_sched_process_exec+0x860/0x860 [ 286.246027] __should_failslab+0x124/0x180 [ 286.246056] should_failslab+0x9/0x14 [ 286.246069] __kmalloc_track_caller+0x2d1/0x760 [ 286.246085] ? strncpy_from_user+0x5a0/0x5a0 [ 286.246099] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 286.265339] ? strndup_user+0x77/0xd0 [ 286.265361] memdup_user+0x2c/0xa0 [ 286.265382] strndup_user+0x77/0xd0 [ 286.294711] ksys_mount+0x73/0x140 [ 286.298273] __x64_sys_mount+0xbe/0x150 [ 286.302268] do_syscall_64+0x1b9/0x820 [ 286.306173] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 286.311552] ? syscall_return_slowpath+0x5e0/0x5e0 [ 286.316488] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 286.321345] ? trace_hardirqs_on_caller+0x310/0x310 [ 286.326376] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 286.331419] ? prepare_exit_to_usermode+0x291/0x3b0 [ 286.336449] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 286.341312] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 286.346509] RIP: 0033:0x457569 [ 286.349715] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 286.367363] FAULT_INJECTION: forcing a failure. [ 286.367363] name failslab, interval 1, probability 0, space 0, times 0 [ 286.368624] RSP: 002b:00007f9081cc8c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 286.368641] RAX: ffffffffffffffda RBX: 00007f9081cc8c90 RCX: 0000000000457569 [ 286.368650] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 286.368674] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 286.409350] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9081cc96d4 [ 286.416630] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 286.427767] CPU: 1 PID: 8630 Comm: syz-executor3 Not tainted 4.19.0-next-20181029+ #100 [ 286.435934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 286.445295] Call Trace: [ 286.447909] dump_stack+0x244/0x39d [ 286.451562] ? dump_stack_print_info.cold.1+0x20/0x20 [ 286.456769] ? get_pid_task+0xd6/0x1a0 [ 286.460676] should_fail.cold.4+0xa/0x17 [ 286.464770] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 286.469900] ? __f_unlock_pos+0x19/0x20 [ 286.473899] ? lock_downgrade+0x900/0x900 [ 286.478069] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 286.483622] ? proc_fail_nth_write+0x9e/0x210 [ 286.488133] ? proc_cwd_link+0x1d0/0x1d0 [ 286.492212] ? find_held_lock+0x36/0x1c0 [ 286.496354] ? nsm_mon_unmon+0x468/0x590 [ 286.500448] ? perf_trace_sched_process_exec+0x860/0x860 [ 286.505912] ? __lock_is_held+0xb5/0x140 [ 286.509990] __should_failslab+0x124/0x180 [ 286.514236] should_failslab+0x9/0x14 [ 286.518058] __kmalloc_track_caller+0x2d1/0x760 [ 286.522741] ? strncpy_from_user+0x5a0/0x5a0 [ 286.527159] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 286.532710] ? strndup_user+0x77/0xd0 [ 286.536522] memdup_user+0x2c/0xa0 [ 286.540075] strndup_user+0x77/0xd0 [ 286.543713] ksys_mount+0x3c/0x140 [ 286.547268] __x64_sys_mount+0xbe/0x150 [ 286.551254] do_syscall_64+0x1b9/0x820 [ 286.555156] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 286.560538] ? syscall_return_slowpath+0x5e0/0x5e0 [ 286.565475] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 286.570332] ? trace_hardirqs_on_caller+0x310/0x310 [ 286.575356] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 286.580385] ? prepare_exit_to_usermode+0x291/0x3b0 [ 286.585413] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 286.590278] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 286.595469] RIP: 0033:0x457569 [ 286.598672] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 286.617586] RSP: 002b:00007f50d0373c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 286.625311] RAX: ffffffffffffffda RBX: 00007f50d0373c90 RCX: 0000000000457569 [ 286.632588] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 286.639862] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000 22:08:42 executing program 4 (fault-call:1 fault-nth:2): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:42 executing program 1 (fault-call:2 fault-nth:0): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:42 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = getpid() fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r0, r1, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r0, r0, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 286.647146] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f50d03746d4 [ 286.654866] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 286.662203] CPU: 0 PID: 8651 Comm: syz-executor5 Not tainted 4.19.0-next-20181029+ #100 [ 286.670365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 286.670371] Call Trace: [ 286.670412] dump_stack+0x244/0x39d [ 286.670436] ? dump_stack_print_info.cold.1+0x20/0x20 [ 286.691878] ? __kernel_text_address+0xd/0x40 [ 286.696392] ? unwind_get_return_address+0x61/0xa0 [ 286.701351] should_fail.cold.4+0xa/0x17 [ 286.705430] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 286.705461] ? save_stack+0x43/0xd0 [ 286.705476] ? kasan_kmalloc+0xc7/0xe0 [ 286.705491] ? __kmalloc_track_caller+0x157/0x760 [ 286.705512] ? memdup_user+0x2c/0xa0 [ 286.714253] ? do_syscall_64+0x1b9/0x820 [ 286.714271] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 286.714288] ? proc_fail_nth_write+0x9e/0x210 [ 286.714303] ? proc_cwd_link+0x1d0/0x1d0 [ 286.714324] ? find_held_lock+0x36/0x1c0 [ 286.723070] ? perf_trace_sched_process_exec+0x860/0x860 [ 286.723088] ? lock_release+0xa10/0xa10 [ 286.723109] ? perf_trace_sched_process_exec+0x860/0x860 [ 286.730869] __should_failslab+0x124/0x180 [ 286.730892] should_failslab+0x9/0x14 [ 286.730908] __kmalloc_track_caller+0x2d1/0x760 [ 286.730928] ? strncpy_from_user+0x5a0/0x5a0 [ 286.730949] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 286.740797] ? strndup_user+0x77/0xd0 [ 286.740818] memdup_user+0x2c/0xa0 [ 286.740837] strndup_user+0x77/0xd0 [ 286.740859] ksys_mount+0x73/0x140 [ 286.800905] __x64_sys_mount+0xbe/0x150 [ 286.804902] do_syscall_64+0x1b9/0x820 [ 286.808804] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 286.814185] ? syscall_return_slowpath+0x5e0/0x5e0 [ 286.819121] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 286.823970] ? trace_hardirqs_on_caller+0x310/0x310 [ 286.828994] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 286.834020] ? prepare_exit_to_usermode+0x291/0x3b0 [ 286.839070] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 286.843927] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 286.849123] RIP: 0033:0x457569 [ 286.852319] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 286.871227] RSP: 002b:00007fa5d2e2cc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 286.878957] RAX: ffffffffffffffda RBX: 00007fa5d2e2cc90 RCX: 0000000000457569 [ 286.886237] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 286.893522] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 286.900803] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5d2e2d6d4 [ 286.908080] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:42 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:42 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 286.943222] FAULT_INJECTION: forcing a failure. [ 286.943222] name failslab, interval 1, probability 0, space 0, times 0 [ 286.961475] FAULT_INJECTION: forcing a failure. [ 286.961475] name failslab, interval 1, probability 0, space 0, times 0 [ 286.975250] CPU: 0 PID: 8664 Comm: syz-executor4 Not tainted 4.19.0-next-20181029+ #100 [ 286.983428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 22:08:42 executing program 5 (fault-call:1 fault-nth:2): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 286.992795] Call Trace: [ 286.995416] dump_stack+0x244/0x39d [ 286.999078] ? dump_stack_print_info.cold.1+0x20/0x20 [ 287.004290] ? __kernel_text_address+0xd/0x40 [ 287.008795] ? unwind_get_return_address+0x61/0xa0 [ 287.008820] should_fail.cold.4+0xa/0x17 [ 287.008840] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 287.008865] ? kasan_kmalloc+0xc7/0xe0 [ 287.017855] ? __kmalloc_track_caller+0x157/0x760 [ 287.017871] ? memdup_user+0x2c/0xa0 [ 287.017887] ? zap_class+0x640/0x640 [ 287.017902] ? do_syscall_64+0x1b9/0x820 [ 287.017919] ? proc_fail_nth_write+0x9e/0x210 [ 287.017933] ? proc_cwd_link+0x1d0/0x1d0 [ 287.017957] ? find_held_lock+0x36/0x1c0 [ 287.055863] ? perf_trace_sched_process_exec+0x860/0x860 [ 287.061334] ? lock_release+0xa10/0xa10 [ 287.065326] ? perf_trace_sched_process_exec+0x860/0x860 [ 287.070855] ? usercopy_warn+0x110/0x110 [ 287.070879] __should_failslab+0x124/0x180 [ 287.079186] should_failslab+0x9/0x14 [ 287.083006] kmem_cache_alloc_trace+0x2d7/0x750 [ 287.083029] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 22:08:42 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 287.083132] ? _copy_from_user+0xdf/0x150 [ 287.083155] copy_mount_options+0x5f/0x430 [ 287.101727] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 287.107284] ksys_mount+0xd0/0x140 [ 287.107307] __x64_sys_mount+0xbe/0x150 [ 287.107329] do_syscall_64+0x1b9/0x820 [ 287.107346] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 287.107365] ? syscall_return_slowpath+0x5e0/0x5e0 [ 287.107379] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 287.107405] ? trace_hardirqs_on_caller+0x310/0x310 [ 287.107423] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 287.107443] ? prepare_exit_to_usermode+0x291/0x3b0 [ 287.118827] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 287.153814] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 287.159015] RIP: 0033:0x457569 [ 287.162233] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 287.175993] FAULT_INJECTION: forcing a failure. [ 287.175993] name failslab, interval 1, probability 0, space 0, times 0 [ 287.181146] RSP: 002b:00007f9081cc8c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 287.181161] RAX: ffffffffffffffda RBX: 00007f9081cc8c90 RCX: 0000000000457569 [ 287.181169] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 287.181178] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 287.181187] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9081cc96d4 [ 287.181196] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 287.196335] CPU: 0 PID: 8661 Comm: syz-executor1 Not tainted 4.19.0-next-20181029+ #100 [ 287.244791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.254157] Call Trace: [ 287.256760] dump_stack+0x244/0x39d [ 287.260415] ? dump_stack_print_info.cold.1+0x20/0x20 [ 287.265625] ? get_pid_task+0xd6/0x1a0 [ 287.269538] should_fail.cold.4+0xa/0x17 [ 287.273620] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 287.278746] ? __f_unlock_pos+0x19/0x20 [ 287.282738] ? lock_downgrade+0x900/0x900 [ 287.286919] ? mark_held_locks+0xc7/0x130 [ 287.291104] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 287.295891] ? find_held_lock+0x36/0x1c0 [ 287.300072] ? e1000_check_for_copper_link_ich8lan+0x4b8/0x24a0 [ 287.306178] ? perf_trace_sched_process_exec+0x860/0x860 [ 287.311652] ? retint_kernel+0x2d/0x2d [ 287.315583] __should_failslab+0x124/0x180 [ 287.319853] should_failslab+0x9/0x14 [ 287.323700] __kmalloc_track_caller+0x2d1/0x760 [ 287.328393] ? strncpy_from_user+0x5a0/0x5a0 [ 287.332839] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 287.338408] ? strndup_user+0x77/0xd0 22:08:42 executing program 4 (fault-call:1 fault-nth:3): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 287.342237] memdup_user+0x2c/0xa0 [ 287.345796] strndup_user+0x77/0xd0 [ 287.349458] ksys_mount+0x3c/0x140 [ 287.353042] __x64_sys_mount+0xbe/0x150 [ 287.357055] do_syscall_64+0x1b9/0x820 [ 287.360959] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 287.366377] ? syscall_return_slowpath+0x5e0/0x5e0 [ 287.371339] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 287.376202] ? trace_hardirqs_on_caller+0x310/0x310 [ 287.376220] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 287.376237] ? prepare_exit_to_usermode+0x291/0x3b0 [ 287.376266] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 287.391326] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 287.391341] RIP: 0033:0x457569 [ 287.391358] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 287.391368] RSP: 002b:00007fc679140c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 287.391384] RAX: ffffffffffffffda RBX: 00007fc679140c90 RCX: 0000000000457569 [ 287.391399] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 287.391414] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 287.430736] FAULT_INJECTION: forcing a failure. [ 287.430736] name failslab, interval 1, probability 0, space 0, times 0 [ 287.431240] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6791416d4 [ 287.431251] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000004 [ 287.481218] CPU: 1 PID: 8677 Comm: syz-executor5 Not tainted 4.19.0-next-20181029+ #100 [ 287.489383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.498747] Call Trace: [ 287.501354] dump_stack+0x244/0x39d [ 287.505005] ? dump_stack_print_info.cold.1+0x20/0x20 [ 287.510218] ? __kernel_text_address+0xd/0x40 [ 287.514730] ? unwind_get_return_address+0x61/0xa0 [ 287.519917] should_fail.cold.4+0xa/0x17 [ 287.523999] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 287.529136] ? kasan_kmalloc+0xc7/0xe0 [ 287.533039] ? __kmalloc_track_caller+0x157/0x760 [ 287.537909] ? memdup_user+0x2c/0xa0 [ 287.541643] ? zap_class+0x640/0x640 [ 287.545365] ? do_syscall_64+0x1b9/0x820 [ 287.549436] ? proc_fail_nth_write+0x9e/0x210 [ 287.553940] ? proc_cwd_link+0x1d0/0x1d0 [ 287.558018] ? find_held_lock+0x36/0x1c0 [ 287.562173] ? udf_setsize+0x988/0x1080 [ 287.566173] ? perf_trace_sched_process_exec+0x860/0x860 [ 287.571629] ? lock_release+0xa10/0xa10 [ 287.575610] ? perf_trace_sched_process_exec+0x860/0x860 [ 287.581080] ? usercopy_warn+0x110/0x110 [ 287.585155] __should_failslab+0x124/0x180 [ 287.589406] should_failslab+0x9/0x14 [ 287.593215] kmem_cache_alloc_trace+0x2d7/0x750 [ 287.597905] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 287.603461] ? _copy_from_user+0xdf/0x150 [ 287.607633] copy_mount_options+0x5f/0x430 [ 287.611887] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 287.617451] ksys_mount+0xd0/0x140 [ 287.621013] __x64_sys_mount+0xbe/0x150 [ 287.625012] do_syscall_64+0x1b9/0x820 [ 287.628917] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 287.634742] ? syscall_return_slowpath+0x5e0/0x5e0 [ 287.639694] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 287.644556] ? trace_hardirqs_on_caller+0x310/0x310 [ 287.649592] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 287.655138] ? prepare_exit_to_usermode+0x291/0x3b0 [ 287.660180] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 287.665052] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 287.670272] RIP: 0033:0x457569 [ 287.673485] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:08:43 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='n.sd\x00', 0x0, &(0x7f0000000100)) [ 287.692399] RSP: 002b:00007fa5d2e0bc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 287.700128] RAX: ffffffffffffffda RBX: 00007fa5d2e0bc90 RCX: 0000000000457569 [ 287.707413] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 287.714696] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 287.721977] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa5d2e0c6d4 [ 287.729256] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 287.736565] CPU: 0 PID: 8681 Comm: syz-executor4 Not tainted 4.19.0-next-20181029+ #100 22:08:43 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 287.744731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 287.754099] Call Trace: [ 287.756706] dump_stack+0x244/0x39d [ 287.760345] ? dump_stack_print_info.cold.1+0x20/0x20 [ 287.765545] ? find_held_lock+0x36/0x1c0 [ 287.769619] should_fail.cold.4+0xa/0x17 [ 287.773691] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 287.778868] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 287.783812] ? kasan_check_read+0x11/0x20 [ 287.788012] ? rcu_softirq_qs+0x20/0x20 [ 287.792003] ? rcu_softirq_qs+0x20/0x20 [ 287.795989] ? unwind_dump+0x190/0x190 [ 287.799892] ? find_held_lock+0x36/0x1c0 [ 287.804040] ? btrfs_fallocate_update_isize+0x118/0x1a0 [ 287.809437] ? perf_trace_sched_process_exec+0x860/0x860 [ 287.814893] ? save_stack+0xa9/0xd0 [ 287.818528] ? kmem_cache_alloc_trace+0x152/0x750 [ 287.823375] ? copy_mount_options+0x5f/0x430 [ 287.827793] __should_failslab+0x124/0x180 [ 287.832047] should_failslab+0x9/0x14 [ 287.835855] kmem_cache_alloc+0x2be/0x730 [ 287.840195] ? find_held_lock+0x36/0x1c0 [ 287.844314] getname_flags+0xd0/0x590 [ 287.848127] user_path_at_empty+0x2d/0x50 [ 287.852284] do_mount+0x180/0x1ff0 [ 287.855830] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 287.861376] ? rcu_pm_notify+0xc0/0xc0 [ 287.865275] ? copy_mount_string+0x40/0x40 [ 287.869523] ? copy_mount_options+0x5f/0x430 [ 287.873941] ? rcu_read_lock_sched_held+0x14f/0x180 [ 287.878964] ? kmem_cache_alloc_trace+0x353/0x750 [ 287.883816] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 287.889363] ? _copy_from_user+0xdf/0x150 [ 287.893523] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 287.899073] ? copy_mount_options+0x315/0x430 [ 287.903580] ksys_mount+0x12d/0x140 [ 287.907220] __x64_sys_mount+0xbe/0x150 [ 287.911203] do_syscall_64+0x1b9/0x820 [ 287.915093] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 287.920466] ? syscall_return_slowpath+0x5e0/0x5e0 [ 287.925404] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 287.930270] ? trace_hardirqs_on_caller+0x310/0x310 [ 287.935302] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 287.940338] ? prepare_exit_to_usermode+0x291/0x3b0 [ 287.945374] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 287.950240] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 287.955435] RIP: 0033:0x457569 [ 287.958634] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 287.977548] RSP: 002b:00007f9081cc8c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 287.985275] RAX: ffffffffffffffda RBX: 00007f9081cc8c90 RCX: 0000000000457569 [ 287.992562] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 287.999844] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 288.007122] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9081cc96d4 [ 288.014408] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:43 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:43 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:43 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:43 executing program 1 (fault-call:2 fault-nth:1): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:43 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='n/sd\x00', 0x0, &(0x7f0000000100)) 22:08:43 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='n.sd\x00', 0x0, &(0x7f0000000100)) 22:08:43 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:43 executing program 0 (fault-call:1 fault-nth:0): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:43 executing program 4 (fault-call:1 fault-nth:4): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 288.364301] FAULT_INJECTION: forcing a failure. [ 288.364301] name failslab, interval 1, probability 0, space 0, times 0 22:08:43 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66731100", 0x0, &(0x7f0000000100)) [ 288.425158] FAULT_INJECTION: forcing a failure. [ 288.425158] name failslab, interval 1, probability 0, space 0, times 0 [ 288.443058] CPU: 1 PID: 8725 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 288.451250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.460623] Call Trace: [ 288.463240] dump_stack+0x244/0x39d [ 288.466910] ? dump_stack_print_info.cold.1+0x20/0x20 [ 288.472134] ? get_pid_task+0xd6/0x1a0 [ 288.472156] should_fail.cold.4+0xa/0x17 [ 288.472176] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 288.485243] ? __f_unlock_pos+0x19/0x20 [ 288.489239] ? lock_downgrade+0x900/0x900 [ 288.493412] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 288.498973] ? proc_fail_nth_write+0x9e/0x210 [ 288.503488] ? proc_cwd_link+0x1d0/0x1d0 [ 288.507577] ? find_held_lock+0x36/0x1c0 [ 288.511684] ? perf_trace_sched_process_exec+0x860/0x860 [ 288.517158] ? __lock_is_held+0xb5/0x140 [ 288.518056] FAULT_INJECTION: forcing a failure. [ 288.518056] name failslab, interval 1, probability 0, space 0, times 0 [ 288.521247] __should_failslab+0x124/0x180 [ 288.521269] should_failslab+0x9/0x14 [ 288.521298] __kmalloc_track_caller+0x2d1/0x760 [ 288.545191] ? strncpy_from_user+0x5a0/0x5a0 [ 288.549622] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 288.555183] ? strndup_user+0x77/0xd0 [ 288.559009] memdup_user+0x2c/0xa0 [ 288.562582] strndup_user+0x77/0xd0 [ 288.566232] ksys_mount+0x3c/0x140 [ 288.569792] __x64_sys_mount+0xbe/0x150 [ 288.573788] do_syscall_64+0x1b9/0x820 [ 288.577693] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 288.583086] ? syscall_return_slowpath+0x5e0/0x5e0 [ 288.588052] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 288.592924] ? trace_hardirqs_on_caller+0x310/0x310 [ 288.597967] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 288.603006] ? prepare_exit_to_usermode+0x291/0x3b0 [ 288.608072] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 288.612947] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 288.618151] RIP: 0033:0x457569 [ 288.621357] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 288.640277] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 288.648009] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 288.655828] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 288.663118] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 22:08:43 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='n/sd\x00', 0x0, &(0x7f0000000100)) [ 288.670402] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 288.677689] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 288.685000] CPU: 0 PID: 8726 Comm: syz-executor1 Not tainted 4.19.0-next-20181029+ #100 [ 288.693206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.702576] Call Trace: [ 288.705184] dump_stack+0x244/0x39d [ 288.708833] ? dump_stack_print_info.cold.1+0x20/0x20 [ 288.714054] ? __kernel_text_address+0xd/0x40 [ 288.718732] ? unwind_get_return_address+0x61/0xa0 [ 288.723689] should_fail.cold.4+0xa/0x17 [ 288.727777] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 288.732911] ? save_stack+0x43/0xd0 [ 288.736564] ? kasan_kmalloc+0xc7/0xe0 [ 288.740478] ? __kmalloc_track_caller+0x157/0x760 [ 288.745339] ? memdup_user+0x2c/0xa0 [ 288.749078] ? do_syscall_64+0x1b9/0x820 [ 288.753161] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 288.758553] ? proc_fail_nth_write+0x9e/0x210 [ 288.763075] ? proc_cwd_link+0x1d0/0x1d0 [ 288.767162] ? find_held_lock+0x36/0x1c0 [ 288.771304] ? __ia32_sys_mremap+0x5d8/0xd77 [ 288.775746] ? perf_trace_sched_process_exec+0x860/0x860 [ 288.781216] ? lock_release+0xa10/0xa10 [ 288.785206] ? perf_trace_sched_process_exec+0x860/0x860 [ 288.790682] __should_failslab+0x124/0x180 [ 288.794934] should_failslab+0x9/0x14 [ 288.798751] __kmalloc_track_caller+0x2d1/0x760 [ 288.803440] ? strncpy_from_user+0x5a0/0x5a0 [ 288.807861] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 288.813425] ? strndup_user+0x77/0xd0 [ 288.817249] memdup_user+0x2c/0xa0 [ 288.820807] strndup_user+0x77/0xd0 [ 288.824448] ksys_mount+0x73/0x140 [ 288.828001] __x64_sys_mount+0xbe/0x150 [ 288.831998] do_syscall_64+0x1b9/0x820 [ 288.835898] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 288.841283] ? syscall_return_slowpath+0x5e0/0x5e0 [ 288.846233] ? trace_hardirqs_on_caller+0x310/0x310 [ 288.851270] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 288.856379] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 288.863086] ? __switch_to_asm+0x40/0x70 [ 288.867175] ? __switch_to_asm+0x34/0x70 [ 288.871277] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 288.876150] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 288.881364] RIP: 0033:0x457569 [ 288.884580] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 288.903498] RSP: 002b:00007fc6790fec78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 288.911230] RAX: ffffffffffffffda RBX: 00007fc6790fec90 RCX: 0000000000457569 [ 288.918526] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 288.925812] RBP: 000000000072c040 R08: 0000000020000100 R09: 0000000000000000 [ 288.933098] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6790ff6d4 [ 288.940378] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000004 [ 288.947703] CPU: 1 PID: 8730 Comm: syz-executor4 Not tainted 4.19.0-next-20181029+ #100 [ 288.955871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.965246] Call Trace: [ 288.967856] dump_stack+0x244/0x39d [ 288.971524] ? dump_stack_print_info.cold.1+0x20/0x20 [ 288.976740] ? filename_lookup+0x39a/0x520 [ 288.980998] ? user_path_at_empty+0x40/0x50 [ 288.985348] ? do_mount+0x180/0x1ff0 [ 288.985365] ? ksys_mount+0x12d/0x140 [ 288.985385] ? do_syscall_64+0x1b9/0x820 [ 288.985405] should_fail.cold.4+0xa/0x17 [ 288.985424] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 288.992949] ? mntput+0x74/0xa0 [ 288.992976] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 288.993001] ? zap_class+0x640/0x640 [ 288.993020] ? find_held_lock+0x36/0x1c0 [ 289.022960] ? perf_trace_sched_process_exec+0x860/0x860 [ 289.024464] FAULT_INJECTION: forcing a failure. [ 289.024464] name failslab, interval 1, probability 0, space 0, times 0 [ 289.028438] ? lock_downgrade+0x900/0x900 [ 289.028465] __should_failslab+0x124/0x180 [ 289.028486] should_failslab+0x9/0x14 [ 289.028502] kmem_cache_alloc_trace+0x2d7/0x750 [ 289.028522] ? kasan_check_write+0x14/0x20 [ 289.028637] vfs_new_fs_context+0x5e/0x77c [ 289.065049] do_mount+0x1816/0x1ff0 [ 289.068699] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 289.074262] ? copy_mount_string+0x40/0x40 [ 289.078521] ? copy_mount_options+0x5f/0x430 [ 289.082947] ? kmem_cache_alloc_trace+0x353/0x750 [ 289.087812] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 289.093365] ? _copy_from_user+0xdf/0x150 [ 289.097537] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 289.103091] ? copy_mount_options+0x315/0x430 [ 289.107613] ksys_mount+0x12d/0x140 [ 289.111252] __x64_sys_mount+0xbe/0x150 [ 289.115246] do_syscall_64+0x1b9/0x820 [ 289.119141] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 289.124516] ? syscall_return_slowpath+0x5e0/0x5e0 [ 289.129451] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 289.134304] ? trace_hardirqs_on_caller+0x310/0x310 [ 289.139331] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 289.144356] ? prepare_exit_to_usermode+0x291/0x3b0 [ 289.149395] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 289.154257] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 289.159457] RIP: 0033:0x457569 [ 289.162660] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 289.181576] RSP: 002b:00007f9081cc8c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 289.189297] RAX: ffffffffffffffda RBX: 00007f9081cc8c90 RCX: 0000000000457569 [ 289.196576] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 289.203863] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 289.211147] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9081cc96d4 [ 289.218434] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:44 executing program 0 (fault-call:1 fault-nth:1): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 289.225738] CPU: 0 PID: 8745 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 289.233906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.243267] Call Trace: [ 289.245882] dump_stack+0x244/0x39d [ 289.249538] ? dump_stack_print_info.cold.1+0x20/0x20 [ 289.254753] ? __kernel_text_address+0xd/0x40 [ 289.259283] ? unwind_get_return_address+0x61/0xa0 [ 289.264240] should_fail.cold.4+0xa/0x17 [ 289.268326] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 289.273460] ? save_stack+0x43/0xd0 [ 289.277103] ? kasan_kmalloc+0xc7/0xe0 [ 289.281001] ? __kmalloc_track_caller+0x157/0x760 [ 289.285871] ? memdup_user+0x2c/0xa0 [ 289.289606] ? do_syscall_64+0x1b9/0x820 [ 289.293690] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 289.299082] ? proc_fail_nth_write+0x9e/0x210 [ 289.303598] ? proc_cwd_link+0x1d0/0x1d0 [ 289.307681] ? find_held_lock+0x36/0x1c0 [ 289.311763] ? pull_dl_task+0x13e8/0x1ca0 [ 289.315937] ? perf_trace_sched_process_exec+0x860/0x860 [ 289.321409] ? lock_release+0xa10/0xa10 [ 289.325399] ? perf_trace_sched_process_exec+0x860/0x860 [ 289.330873] __should_failslab+0x124/0x180 [ 289.335129] should_failslab+0x9/0x14 [ 289.338944] __kmalloc_track_caller+0x2d1/0x760 [ 289.343629] ? strncpy_from_user+0x5a0/0x5a0 [ 289.348057] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 289.353604] ? strndup_user+0x77/0xd0 [ 289.357425] memdup_user+0x2c/0xa0 [ 289.360975] strndup_user+0x77/0xd0 [ 289.364611] ksys_mount+0x73/0x140 [ 289.368159] __x64_sys_mount+0xbe/0x150 [ 289.372141] do_syscall_64+0x1b9/0x820 [ 289.376039] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 289.381416] ? syscall_return_slowpath+0x5e0/0x5e0 [ 289.386357] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 289.391217] ? trace_hardirqs_on_caller+0x310/0x310 [ 289.396249] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 289.401293] ? prepare_exit_to_usermode+0x291/0x3b0 [ 289.406325] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 289.411189] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 289.416384] RIP: 0033:0x457569 [ 289.419588] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 289.438498] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 289.446218] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 289.453503] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 289.460791] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 289.468076] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 22:08:44 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:44 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 289.475364] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:44 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736406", 0x0, &(0x7f0000000100)) 22:08:45 executing program 1 (fault-call:2 fault-nth:2): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:45 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66731100", 0x0, &(0x7f0000000100)) 22:08:45 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:45 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='n.sd\x00', 0x0, &(0x7f0000000100)) 22:08:45 executing program 0 (fault-call:1 fault-nth:2): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:45 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 289.744202] FAULT_INJECTION: forcing a failure. [ 289.744202] name failslab, interval 1, probability 0, space 0, times 0 [ 289.802503] CPU: 1 PID: 8770 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 289.810695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.820070] Call Trace: [ 289.822689] dump_stack+0x244/0x39d [ 289.826349] ? dump_stack_print_info.cold.1+0x20/0x20 [ 289.831564] ? __kernel_text_address+0xd/0x40 [ 289.836078] ? unwind_get_return_address+0x61/0xa0 [ 289.841044] should_fail.cold.4+0xa/0x17 [ 289.843634] FAULT_INJECTION: forcing a failure. [ 289.843634] name failslab, interval 1, probability 0, space 0, times 0 [ 289.845129] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 289.845156] ? kasan_kmalloc+0xc7/0xe0 [ 289.845172] ? __kmalloc_track_caller+0x157/0x760 [ 289.845189] ? memdup_user+0x2c/0xa0 [ 289.845222] ? zap_class+0x640/0x640 [ 289.877653] ? do_syscall_64+0x1b9/0x820 [ 289.881739] ? proc_fail_nth_write+0x9e/0x210 [ 289.886258] ? proc_cwd_link+0x1d0/0x1d0 [ 289.890347] ? find_held_lock+0x36/0x1c0 [ 289.894449] ? perf_trace_sched_process_exec+0x860/0x860 [ 289.899923] ? lock_release+0xa10/0xa10 [ 289.903927] ? perf_trace_sched_process_exec+0x860/0x860 [ 289.909399] ? usercopy_warn+0x110/0x110 [ 289.913490] __should_failslab+0x124/0x180 [ 289.917750] should_failslab+0x9/0x14 [ 289.921579] kmem_cache_alloc_trace+0x2d7/0x750 [ 289.926314] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 289.931876] ? _copy_from_user+0xdf/0x150 [ 289.936064] copy_mount_options+0x5f/0x430 [ 289.940329] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 289.945900] ksys_mount+0xd0/0x140 [ 289.949471] __x64_sys_mount+0xbe/0x150 [ 289.953480] do_syscall_64+0x1b9/0x820 [ 289.957387] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 289.962790] ? syscall_return_slowpath+0x5e0/0x5e0 [ 289.967741] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 289.972612] ? trace_hardirqs_on_caller+0x310/0x310 [ 289.977656] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 289.982697] ? prepare_exit_to_usermode+0x291/0x3b0 [ 289.987747] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 289.992617] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 289.997822] RIP: 0033:0x457569 [ 290.001039] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 290.019957] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 290.027684] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 290.034972] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 290.042262] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 22:08:45 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='n/sd\x00', 0x0, &(0x7f0000000100)) [ 290.049547] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 290.056835] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 290.064163] CPU: 0 PID: 8780 Comm: syz-executor1 Not tainted 4.19.0-next-20181029+ #100 [ 290.072327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 290.081878] Call Trace: [ 290.081907] dump_stack+0x244/0x39d [ 290.081927] ? dump_stack_print_info.cold.1+0x20/0x20 [ 290.081943] ? should_fail+0x913/0xd01 [ 290.081961] should_fail.cold.4+0xa/0x17 [ 290.081980] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 290.106446] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 290.111233] ? retint_kernel+0x2d/0x2d [ 290.115159] ? lock_release+0x4ea/0xa10 [ 290.119221] ? ext4_mb_free_metadata+0x2a8/0xc90 [ 290.124018] ? perf_trace_sched_process_exec+0x860/0x860 [ 290.129503] ? lock_release+0xa10/0xa10 [ 290.133519] __should_failslab+0x124/0x180 [ 290.137866] should_failslab+0x9/0x14 [ 290.141688] kmem_cache_alloc_trace+0x2d7/0x750 [ 290.146377] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 22:08:45 executing program 0 (fault-call:1 fault-nth:3): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 290.151944] ? _copy_from_user+0xdf/0x150 [ 290.156118] copy_mount_options+0x5f/0x430 [ 290.160376] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 290.165941] ksys_mount+0xd0/0x140 [ 290.169509] __x64_sys_mount+0xbe/0x150 [ 290.173500] ? do_syscall_64+0xca/0x820 [ 290.177492] do_syscall_64+0x1b9/0x820 [ 290.177509] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 290.177526] ? syscall_return_slowpath+0x5e0/0x5e0 [ 290.177540] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 290.177558] ? trace_hardirqs_on_caller+0x310/0x310 [ 290.177574] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 290.177590] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 290.177610] ? prepare_exit_to_usermode+0x291/0x3b0 [ 290.186908] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 290.186931] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 290.186944] RIP: 0033:0x457569 [ 290.186960] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:08:45 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:45 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364f9", 0x0, &(0x7f0000000100)) 22:08:45 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 290.186968] RSP: 002b:00007fc679140c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 290.186983] RAX: ffffffffffffffda RBX: 00007fc679140c90 RCX: 0000000000457569 [ 290.186992] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 290.187000] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 290.187008] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6791416d4 [ 290.187017] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000004 22:08:45 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:45 executing program 1 (fault-call:2 fault-nth:3): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 290.315993] FAULT_INJECTION: forcing a failure. [ 290.315993] name failslab, interval 1, probability 0, space 0, times 0 [ 290.389979] CPU: 0 PID: 8798 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 290.398193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 290.407563] Call Trace: [ 290.410176] dump_stack+0x244/0x39d [ 290.413830] ? dump_stack_print_info.cold.1+0x20/0x20 [ 290.419052] ? find_held_lock+0x36/0x1c0 [ 290.423142] should_fail.cold.4+0xa/0x17 [ 290.427227] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 290.432350] ? rcu_read_unlock_special+0x1c0/0x1c0 22:08:45 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 290.437317] ? kasan_check_read+0x11/0x20 [ 290.441494] ? rcu_softirq_qs+0x20/0x20 [ 290.445490] ? rcu_softirq_qs+0x20/0x20 [ 290.449489] ? unwind_dump+0x190/0x190 [ 290.453421] ? find_held_lock+0x36/0x1c0 [ 290.457530] ? perf_trace_sched_process_exec+0x860/0x860 [ 290.463001] ? save_stack+0xa9/0xd0 [ 290.466664] ? kmem_cache_alloc_trace+0x152/0x750 [ 290.471537] ? copy_mount_options+0x5f/0x430 [ 290.475974] __should_failslab+0x124/0x180 [ 290.480236] should_failslab+0x9/0x14 [ 290.484752] kmem_cache_alloc+0x2be/0x730 22:08:45 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736410", 0x0, &(0x7f0000000100)) 22:08:45 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 290.488924] ? find_held_lock+0x36/0x1c0 [ 290.493014] getname_flags+0xd0/0x590 [ 290.496843] user_path_at_empty+0x2d/0x50 [ 290.501014] do_mount+0x180/0x1ff0 [ 290.504581] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 290.510152] ? rcu_pm_notify+0xc0/0xc0 [ 290.514074] ? copy_mount_string+0x40/0x40 [ 290.518338] ? copy_mount_options+0x5f/0x430 [ 290.522765] ? rcu_read_lock_sched_held+0x14f/0x180 [ 290.527814] ? kmem_cache_alloc_trace+0x353/0x750 [ 290.532684] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 290.538251] ? _copy_from_user+0xdf/0x150 [ 290.542432] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 290.542452] ? copy_mount_options+0x315/0x430 [ 290.542473] ksys_mount+0x12d/0x140 [ 290.552557] __x64_sys_mount+0xbe/0x150 [ 290.560172] do_syscall_64+0x1b9/0x820 [ 290.564085] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 290.569478] ? syscall_return_slowpath+0x5e0/0x5e0 [ 290.574439] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 290.579310] ? trace_hardirqs_on_caller+0x310/0x310 [ 290.584343] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 290.589389] ? prepare_exit_to_usermode+0x291/0x3b0 [ 290.594452] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 290.599330] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 290.604535] RIP: 0033:0x457569 [ 290.607741] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 290.626662] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 290.634402] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 290.641695] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 290.645299] FAULT_INJECTION: forcing a failure. [ 290.645299] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 290.648997] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 290.668596] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 290.675880] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 290.683194] CPU: 1 PID: 8817 Comm: syz-executor1 Not tainted 4.19.0-next-20181029+ #100 [ 290.691356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 290.700726] Call Trace: [ 290.703338] dump_stack+0x244/0x39d [ 290.706994] ? dump_stack_print_info.cold.1+0x20/0x20 [ 290.712219] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 290.717004] should_fail.cold.4+0xa/0x17 [ 290.721093] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 290.726221] ? __lock_acquire+0x62f/0x4c20 [ 290.730471] ? lock_downgrade+0x900/0x900 [ 290.734632] ? check_preemption_disabled+0x48/0x280 [ 290.739679] ? mark_held_locks+0x130/0x130 [ 290.743942] ? mark_held_locks+0x130/0x130 [ 290.748272] ? is_bpf_text_address+0xd3/0x170 [ 290.752787] ? kernel_text_address+0x79/0xf0 [ 290.757233] ? __kernel_text_address+0xd/0x40 [ 290.761754] ? unwind_get_return_address+0x61/0xa0 [ 290.766753] ? __save_stack_trace+0x8d/0xf0 [ 290.771100] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 290.776657] ? should_fail+0x22d/0xd01 [ 290.780569] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 290.785748] __alloc_pages_nodemask+0x34b/0xdd0 [ 290.790433] ? __kmalloc_track_caller+0x157/0x760 [ 290.795304] ? memdup_user+0x2c/0xa0 [ 290.799051] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 290.804612] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 290.809384] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 290.814160] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 290.818027] FAULT_INJECTION: forcing a failure. [ 290.818027] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 290.818763] ? trace_hardirqs_on_caller+0xc0/0x310 [ 290.835588] ? find_held_lock+0x36/0x1c0 [ 290.839676] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 290.844527] ? pit_timer_fn+0x98/0x2b0 [ 290.848448] ? trace_hardirqs_off+0xb8/0x310 [ 290.852872] cache_grow_begin+0xa5/0x8c0 [ 290.856948] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 290.862505] ? check_preemption_disabled+0x48/0x280 [ 290.867544] kmem_cache_alloc_trace+0x684/0x750 [ 290.872242] copy_mount_options+0x5f/0x430 [ 290.876498] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 290.882066] ksys_mount+0xd0/0x140 [ 290.885627] __x64_sys_mount+0xbe/0x150 [ 290.889617] do_syscall_64+0x1b9/0x820 [ 290.893515] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 290.898892] ? syscall_return_slowpath+0x5e0/0x5e0 [ 290.903836] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 290.908692] ? trace_hardirqs_on_caller+0x310/0x310 [ 290.913724] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 290.918765] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 290.924316] ? prepare_exit_to_usermode+0x291/0x3b0 [ 290.929356] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 290.934225] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 290.939421] RIP: 0033:0x457569 [ 290.942629] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 290.961543] RSP: 002b:00007fc679140c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 290.969272] RAX: ffffffffffffffda RBX: 00007fc679140c90 RCX: 0000000000457569 [ 290.976560] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 290.983844] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 22:08:46 executing program 2: sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2}, 0x1c) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:46 executing program 0 (fault-call:1 fault-nth:4): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:46 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66731100", 0x0, &(0x7f0000000100)) 22:08:46 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 290.991134] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6791416d4 [ 290.998419] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000004 [ 291.005734] CPU: 0 PID: 8820 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 291.013892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.013911] Call Trace: [ 291.025885] dump_stack+0x244/0x39d [ 291.029538] ? dump_stack_print_info.cold.1+0x20/0x20 [ 291.034753] ? mark_held_locks+0x130/0x130 [ 291.039005] should_fail.cold.4+0xa/0x17 [ 291.039024] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 291.039056] ? mark_held_locks+0x130/0x130 [ 291.039080] ? mark_held_locks+0x130/0x130 [ 291.039098] ? zap_class+0x640/0x640 [ 291.048274] ? print_usage_bug+0xc0/0xc0 [ 291.048300] ? find_held_lock+0x36/0x1c0 [ 291.048323] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.048336] ? should_fail+0x22d/0xd01 [ 291.048352] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 291.048379] __alloc_pages_nodemask+0x34b/0xdd0 [ 291.056839] ? rcu_softirq_qs+0x20/0x20 [ 291.056863] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 291.056886] ? find_held_lock+0x36/0x1c0 [ 291.056925] ? trace_hardirqs_off+0xb8/0x310 [ 291.064691] cache_grow_begin+0xa5/0x8c0 [ 291.109388] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 291.114958] ? check_preemption_disabled+0x48/0x280 [ 291.120004] kmem_cache_alloc+0x66b/0x730 [ 291.124193] ? find_held_lock+0x36/0x1c0 [ 291.128303] getname_flags+0xd0/0x590 [ 291.132138] user_path_at_empty+0x2d/0x50 [ 291.136316] do_mount+0x180/0x1ff0 22:08:46 executing program 1 (fault-call:2 fault-nth:4): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 291.139884] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 291.145451] ? rcu_pm_notify+0xc0/0xc0 [ 291.149362] ? copy_mount_string+0x40/0x40 [ 291.153626] ? copy_mount_options+0x5f/0x430 [ 291.158065] ? rcu_read_lock_sched_held+0x14f/0x180 [ 291.163102] ? kmem_cache_alloc_trace+0x353/0x750 [ 291.167966] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 291.173538] ? _copy_from_user+0xdf/0x150 [ 291.177723] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.183279] ? copy_mount_options+0x315/0x430 [ 291.187794] ksys_mount+0x12d/0x140 22:08:46 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 291.191435] __x64_sys_mount+0xbe/0x150 [ 291.195411] do_syscall_64+0x1b9/0x820 [ 291.199308] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 291.204772] ? syscall_return_slowpath+0x5e0/0x5e0 [ 291.209698] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 291.214538] ? trace_hardirqs_on_caller+0x310/0x310 [ 291.219564] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 291.224601] ? prepare_exit_to_usermode+0x291/0x3b0 [ 291.229640] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 291.234509] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.239712] RIP: 0033:0x457569 [ 291.242913] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 291.261833] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 291.261850] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 291.261858] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 291.261867] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 22:08:46 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 291.261875] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 291.261882] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 291.390483] FAULT_INJECTION: forcing a failure. [ 291.390483] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 291.402338] CPU: 1 PID: 8837 Comm: syz-executor1 Not tainted 4.19.0-next-20181029+ #100 [ 291.410491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.410499] Call Trace: [ 291.410526] dump_stack+0x244/0x39d [ 291.410551] ? dump_stack_print_info.cold.1+0x20/0x20 [ 291.410570] ? mark_held_locks+0x130/0x130 [ 291.410585] ? __lock_is_held+0xb5/0x140 [ 291.410613] should_fail.cold.4+0xa/0x17 [ 291.410636] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 291.431394] ? retint_kernel+0x2d/0x2d [ 291.431413] ? trace_hardirqs_on_caller+0xc0/0x310 [ 291.431430] ? lock_downgrade+0x900/0x900 [ 291.431448] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 291.431474] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 291.439769] ? retint_kernel+0x2d/0x2d [ 291.439797] ? should_fail+0x105/0xd01 [ 291.448955] ? write_comp_data+0x22/0x70 [ 291.448977] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.448992] ? should_fail+0x22d/0xd01 [ 291.449013] ? trace_hardirqs_on_caller+0xc0/0x310 [ 291.457842] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 291.457859] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 291.457882] __alloc_pages_nodemask+0x34b/0xdd0 [ 291.457910] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 291.457939] ? find_held_lock+0x36/0x1c0 [ 291.466855] ? trace_hardirqs_off+0xb8/0x310 [ 291.466878] cache_grow_begin+0xa5/0x8c0 [ 291.466902] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 291.466920] ? check_preemption_disabled+0x48/0x280 [ 291.466940] kmem_cache_alloc+0x66b/0x730 [ 291.475573] ? find_held_lock+0x36/0x1c0 [ 291.475590] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 291.475610] getname_flags+0xd0/0x590 [ 291.475626] ? retint_kernel+0x2d/0x2d [ 291.475644] user_path_at_empty+0x2d/0x50 [ 291.483581] do_mount+0x180/0x1ff0 [ 291.483606] ? copy_mount_string+0x40/0x40 [ 291.483627] ? retint_kernel+0x2d/0x2d [ 291.483655] ? copy_mount_options+0x20f/0x430 [ 291.493067] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 22:08:46 executing program 0 (fault-call:1 fault-nth:5): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:46 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736410", 0x0, &(0x7f0000000100)) 22:08:46 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 291.493085] ? copy_mount_options+0x315/0x430 [ 291.493108] ksys_mount+0x12d/0x140 [ 291.493128] __x64_sys_mount+0xbe/0x150 [ 291.493148] ? do_syscall_64+0xca/0x820 [ 291.604159] do_syscall_64+0x1b9/0x820 [ 291.608078] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 291.613476] ? syscall_return_slowpath+0x5e0/0x5e0 [ 291.618422] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 291.623283] ? trace_hardirqs_on_caller+0x310/0x310 [ 291.628672] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 291.633701] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.639238] ? prepare_exit_to_usermode+0x291/0x3b0 [ 291.644255] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 291.649099] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 291.654296] RIP: 0033:0x457569 [ 291.657541] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 291.676453] RSP: 002b:00007fc679140c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 291.684272] RAX: ffffffffffffffda RBX: 00007fc679140c90 RCX: 0000000000457569 22:08:47 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736403", 0x0, &(0x7f0000000100)) [ 291.691538] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 291.698802] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 291.706074] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6791416d4 [ 291.713352] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000004 22:08:47 executing program 2: clone(0x0, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 291.797609] FAULT_INJECTION: forcing a failure. [ 291.797609] name failslab, interval 1, probability 0, space 0, times 0 22:08:47 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 291.863380] CPU: 1 PID: 8856 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 291.871575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 291.880951] Call Trace: [ 291.883564] dump_stack+0x244/0x39d [ 291.887246] ? dump_stack_print_info.cold.1+0x20/0x20 [ 291.892466] ? filename_lookup+0x39a/0x520 [ 291.896730] ? user_path_at_empty+0x40/0x50 [ 291.901074] ? do_mount+0x180/0x1ff0 [ 291.904782] ? ksys_mount+0x12d/0x140 [ 291.908581] ? do_syscall_64+0x1b9/0x820 22:08:47 executing program 2: clone(0x0, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 291.912636] should_fail.cold.4+0xa/0x17 [ 291.916707] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 291.921821] ? mntput+0x74/0xa0 [ 291.925102] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 291.930642] ? zap_class+0x640/0x640 [ 291.934356] ? find_held_lock+0x36/0x1c0 [ 291.938450] ? perf_trace_sched_process_exec+0x860/0x860 [ 291.943992] ? lock_downgrade+0x900/0x900 [ 291.948185] __should_failslab+0x124/0x180 [ 291.952447] should_failslab+0x9/0x14 [ 291.956270] kmem_cache_alloc_trace+0x2d7/0x750 [ 291.960970] ? kasan_check_write+0x14/0x20 [ 291.965239] vfs_new_fs_context+0x5e/0x77c [ 291.969499] do_mount+0x1816/0x1ff0 [ 291.973166] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 291.978738] ? copy_mount_string+0x40/0x40 [ 291.983004] ? copy_mount_options+0x5f/0x430 [ 291.987444] ? kmem_cache_alloc_trace+0x353/0x750 [ 291.992350] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 291.997927] ? _copy_from_user+0xdf/0x150 [ 292.002112] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 292.007692] ? copy_mount_options+0x315/0x430 [ 292.012218] ksys_mount+0x12d/0x140 [ 292.015873] __x64_sys_mount+0xbe/0x150 [ 292.019879] do_syscall_64+0x1b9/0x820 [ 292.023799] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 292.029185] ? syscall_return_slowpath+0x5e0/0x5e0 [ 292.034144] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 292.039051] ? trace_hardirqs_on_caller+0x310/0x310 [ 292.044099] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 292.049149] ? prepare_exit_to_usermode+0x291/0x3b0 [ 292.054203] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 292.059087] entry_SYSCALL_64_after_hwframe+0x49/0xbe 22:08:47 executing program 2: clone(0x0, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 292.064299] RIP: 0033:0x457569 [ 292.067512] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 292.086429] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 292.094160] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 292.101451] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 22:08:47 executing program 1 (fault-call:2 fault-nth:5): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:47 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 292.108750] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 292.116053] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 292.123345] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:47 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:47 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 292.277429] FAULT_INJECTION: forcing a failure. [ 292.277429] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 292.289283] CPU: 0 PID: 8886 Comm: syz-executor1 Not tainted 4.19.0-next-20181029+ #100 [ 292.297444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 292.306814] Call Trace: [ 292.309436] dump_stack+0x244/0x39d [ 292.313109] ? dump_stack_print_info.cold.1+0x20/0x20 [ 292.318328] ? mark_held_locks+0x130/0x130 [ 292.322597] should_fail.cold.4+0xa/0x17 [ 292.326692] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 292.331828] ? mark_held_locks+0x130/0x130 [ 292.336102] ? mark_held_locks+0x130/0x130 [ 292.340361] ? zap_class+0x640/0x640 [ 292.344116] ? print_usage_bug+0xc0/0xc0 [ 292.348222] ? find_held_lock+0x36/0x1c0 [ 292.352319] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 292.357878] ? should_fail+0x22d/0xd01 [ 292.361798] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 292.366933] __alloc_pages_nodemask+0x34b/0xdd0 [ 292.371627] ? rcu_softirq_qs+0x20/0x20 [ 292.375635] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 292.380689] ? find_held_lock+0x36/0x1c0 [ 292.384803] ? trace_hardirqs_off+0xb8/0x310 [ 292.389244] cache_grow_begin+0xa5/0x8c0 [ 292.393331] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 292.398898] ? check_preemption_disabled+0x48/0x280 [ 292.403955] kmem_cache_alloc+0x66b/0x730 [ 292.408137] getname_flags+0xd0/0x590 [ 292.411973] user_path_at_empty+0x2d/0x50 [ 292.416152] do_mount+0x180/0x1ff0 [ 292.419707] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 292.425249] ? rcu_pm_notify+0xc0/0xc0 [ 292.429140] ? copy_mount_string+0x40/0x40 [ 292.433375] ? copy_mount_options+0x5f/0x430 [ 292.437788] ? rcu_read_lock_sched_held+0x14f/0x180 [ 292.442806] ? kmem_cache_alloc_trace+0x353/0x750 [ 292.447654] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 292.453213] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 292.458792] ? copy_mount_options+0x315/0x430 [ 292.463299] ksys_mount+0x12d/0x140 [ 292.466947] __x64_sys_mount+0xbe/0x150 [ 292.470980] do_syscall_64+0x1b9/0x820 [ 292.474902] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 292.480280] ? syscall_return_slowpath+0x5e0/0x5e0 [ 292.485212] ? trace_hardirqs_on_caller+0x310/0x310 [ 292.490232] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 292.495275] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 292.500155] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 292.505354] RIP: 0033:0x457569 [ 292.508579] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:08:47 executing program 0 (fault-call:1 fault-nth:6): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:47 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:47 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:47 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364f6", 0x0, &(0x7f0000000100)) 22:08:47 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 292.527476] RSP: 002b:00007fc67911fc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 292.535186] RAX: ffffffffffffffda RBX: 00007fc67911fc90 RCX: 0000000000457569 [ 292.542454] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 292.549738] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 292.557046] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6791206d4 [ 292.564320] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000004 [ 292.595437] FAULT_INJECTION: forcing a failure. [ 292.595437] name failslab, interval 1, probability 0, space 0, times 0 [ 292.619146] CPU: 0 PID: 8897 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 292.627345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 292.627354] Call Trace: [ 292.627383] dump_stack+0x244/0x39d [ 292.627414] ? dump_stack_print_info.cold.1+0x20/0x20 [ 292.627432] ? filename_lookup+0x39a/0x520 [ 292.627447] ? user_path_at_empty+0x40/0x50 [ 292.627464] ? do_mount+0x180/0x1ff0 [ 292.627481] ? ksys_mount+0x12d/0x140 [ 292.627498] ? do_syscall_64+0x1b9/0x820 [ 292.627519] should_fail.cold.4+0xa/0x17 [ 292.627539] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 292.627556] ? mntput+0x74/0xa0 [ 292.627584] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 292.627614] ? zap_class+0x640/0x640 [ 292.672867] ? find_held_lock+0x36/0x1c0 [ 292.672893] ? btrfs_rename2+0x1108/0x3760 [ 292.672923] ? perf_trace_sched_process_exec+0x860/0x860 [ 292.672945] ? lock_downgrade+0x900/0x900 [ 292.694643] __should_failslab+0x124/0x180 [ 292.694666] should_failslab+0x9/0x14 [ 292.694683] kmem_cache_alloc_trace+0x2d7/0x750 [ 292.694703] ? kasan_check_write+0x14/0x20 [ 292.708545] vfs_new_fs_context+0x5e/0x77c [ 292.708570] do_mount+0x1816/0x1ff0 [ 292.708594] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 292.721311] ? copy_mount_string+0x40/0x40 [ 292.721333] ? copy_mount_options+0x5f/0x430 [ 292.721356] ? kmem_cache_alloc_trace+0x353/0x750 [ 292.733453] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 292.733477] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 292.733495] ? copy_mount_options+0x315/0x430 [ 292.733516] ksys_mount+0x12d/0x140 [ 292.771750] __x64_sys_mount+0xbe/0x150 [ 292.775775] do_syscall_64+0x1b9/0x820 [ 292.779682] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 292.785082] ? syscall_return_slowpath+0x5e0/0x5e0 [ 292.790057] ? trace_hardirqs_off_thunk+0x1a/0x1c 22:08:48 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:48 executing program 1 (fault-call:2 fault-nth:6): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 292.795280] ? trace_hardirqs_on_caller+0x310/0x310 [ 292.800323] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 292.805372] ? prepare_exit_to_usermode+0x291/0x3b0 [ 292.810434] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 292.815307] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 292.820516] RIP: 0033:0x457569 [ 292.823727] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:08:48 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:48 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:48 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 292.842646] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 292.850467] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 292.857751] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 292.865048] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 292.872333] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 292.872343] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:48 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\n', 0x0, &(0x7f0000000100)) 22:08:48 executing program 0 (fault-call:1 fault-nth:7): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 293.038672] FAULT_INJECTION: forcing a failure. [ 293.038672] name failslab, interval 1, probability 0, space 0, times 0 [ 293.080408] FAULT_INJECTION: forcing a failure. [ 293.080408] name failslab, interval 1, probability 0, space 0, times 0 [ 293.085654] CPU: 1 PID: 8927 Comm: syz-executor1 Not tainted 4.19.0-next-20181029+ #100 [ 293.099803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 293.109173] Call Trace: [ 293.111791] dump_stack+0x244/0x39d [ 293.115449] ? dump_stack_print_info.cold.1+0x20/0x20 [ 293.120663] ? filename_lookup+0x39a/0x520 [ 293.124927] ? user_path_at_empty+0x40/0x50 [ 293.129277] ? do_mount+0x180/0x1ff0 [ 293.133010] ? ksys_mount+0x12d/0x140 [ 293.136842] ? do_syscall_64+0x1b9/0x820 [ 293.140941] should_fail.cold.4+0xa/0x17 [ 293.145043] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 293.150267] ? mntput+0x74/0xa0 [ 293.153578] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 293.159151] ? zap_class+0x640/0x640 [ 293.162888] ? find_held_lock+0x36/0x1c0 [ 293.167071] ? pnfs_generic_layout_insert_lseg+0x268/0x590 [ 293.172736] ? perf_trace_sched_process_exec+0x860/0x860 [ 293.178217] ? lock_downgrade+0x900/0x900 [ 293.182395] __should_failslab+0x124/0x180 [ 293.186657] should_failslab+0x9/0x14 [ 293.190480] kmem_cache_alloc_trace+0x2d7/0x750 [ 293.195180] ? kasan_check_write+0x14/0x20 [ 293.199449] vfs_new_fs_context+0x5e/0x77c [ 293.203714] do_mount+0x1816/0x1ff0 [ 293.207378] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 293.212960] ? copy_mount_string+0x40/0x40 [ 293.217235] ? copy_mount_options+0x5f/0x430 [ 293.221672] ? kmem_cache_alloc_trace+0x353/0x750 [ 293.226558] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 293.232134] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 293.237702] ? copy_mount_options+0x315/0x430 [ 293.242235] ksys_mount+0x12d/0x140 [ 293.245932] __x64_sys_mount+0xbe/0x150 [ 293.249938] do_syscall_64+0x1b9/0x820 [ 293.253847] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 293.259240] ? syscall_return_slowpath+0x5e0/0x5e0 [ 293.264197] ? trace_hardirqs_on_caller+0x310/0x310 [ 293.269238] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 293.274273] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 293.280981] ? __switch_to_asm+0x40/0x70 [ 293.285074] ? __switch_to_asm+0x34/0x70 [ 293.289171] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 293.294050] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 293.299259] RIP: 0033:0x457569 [ 293.302470] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 293.321388] RSP: 002b:00007fc67911fc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 293.329117] RAX: ffffffffffffffda RBX: 00007fc67911fc90 RCX: 0000000000457569 [ 293.336403] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 293.343691] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 293.350977] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6791206d4 [ 293.358266] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000004 [ 293.365581] CPU: 0 PID: 8936 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 22:08:48 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364f6", 0x0, &(0x7f0000000100)) 22:08:48 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:48 executing program 1 (fault-call:2 fault-nth:7): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 293.373756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 293.383120] Call Trace: [ 293.385730] dump_stack+0x244/0x39d [ 293.389389] ? dump_stack_print_info.cold.1+0x20/0x20 [ 293.394620] ? kernel_text_address+0x79/0xf0 [ 293.399082] should_fail.cold.4+0xa/0x17 [ 293.403177] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 293.408320] ? save_stack+0xa9/0xd0 [ 293.411980] ? save_stack+0x43/0xd0 [ 293.415638] ? kmem_cache_alloc_trace+0x152/0x750 [ 293.420526] ? vfs_new_fs_context+0x5e/0x77c [ 293.424954] ? do_mount+0x1816/0x1ff0 [ 293.428779] ? ksys_mount+0x12d/0x140 [ 293.432615] ? __x64_sys_mount+0xbe/0x150 [ 293.436787] ? do_syscall_64+0x1b9/0x820 [ 293.436804] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 293.436827] ? find_held_lock+0x36/0x1c0 [ 293.436860] ? perf_trace_sched_process_exec+0x860/0x860 [ 293.436882] ? debug_mutex_init+0x2d/0x60 [ 293.446340] __should_failslab+0x124/0x180 [ 293.446361] should_failslab+0x9/0x14 [ 293.446375] kmem_cache_alloc_trace+0x2d7/0x750 [ 293.446391] ? rcu_read_lock_sched_held+0x14f/0x180 [ 293.446414] ? kmem_cache_alloc_trace+0x353/0x750 [ 293.446438] legacy_init_fs_context+0x187/0x230 [ 293.446455] ? vfs_dup_fs_context+0x400/0x400 [ 293.446475] vfs_new_fs_context+0x3f4/0x77c [ 293.496186] do_mount+0x1816/0x1ff0 [ 293.499846] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 293.505427] ? copy_mount_string+0x40/0x40 [ 293.509702] ? copy_mount_options+0x5f/0x430 [ 293.509730] FAULT_INJECTION: forcing a failure. [ 293.509730] name failslab, interval 1, probability 0, space 0, times 0 [ 293.514153] ? kmem_cache_alloc_trace+0x353/0x750 [ 293.514173] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 293.514193] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 293.514210] ? copy_mount_options+0x315/0x430 [ 293.514233] ksys_mount+0x12d/0x140 [ 293.514255] __x64_sys_mount+0xbe/0x150 [ 293.514277] do_syscall_64+0x1b9/0x820 [ 293.514308] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 293.562949] ? syscall_return_slowpath+0x5e0/0x5e0 [ 293.567900] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 293.572770] ? trace_hardirqs_on_caller+0x310/0x310 [ 293.577820] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 293.582894] ? prepare_exit_to_usermode+0x291/0x3b0 [ 293.587945] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 293.592825] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 293.598052] RIP: 0033:0x457569 [ 293.601268] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 293.620187] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 22:08:49 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd ', 0x0, &(0x7f0000000100)) [ 293.627915] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 293.635202] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 293.642492] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 293.649776] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 293.657075] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 293.667297] CPU: 1 PID: 8943 Comm: syz-executor1 Not tainted 4.19.0-next-20181029+ #100 [ 293.675473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 293.684840] Call Trace: [ 293.684869] dump_stack+0x244/0x39d [ 293.684888] ? dump_stack_print_info.cold.1+0x20/0x20 [ 293.684915] ? kernel_text_address+0x79/0xf0 [ 293.684936] should_fail.cold.4+0xa/0x17 [ 293.684957] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 293.709566] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 293.714692] ? retint_kernel+0x2d/0x2d [ 293.719249] ? trace_hardirqs_on_caller+0xc0/0x310 [ 293.724202] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 293.728993] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 293.733612] ? retint_kernel+0x2d/0x2d [ 293.737526] ? trace_hardirqs_on_caller+0xc0/0x310 [ 293.742480] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 293.747254] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 293.747273] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 293.747293] ? find_held_lock+0x36/0x1c0 [ 293.747317] ? __udf_iget+0x2c28/0x3840 [ 293.747344] ? perf_trace_sched_process_exec+0x860/0x860 [ 293.761597] ? write_comp_data+0x14/0x70 [ 293.761624] __should_failslab+0x124/0x180 [ 293.761645] should_failslab+0x9/0x14 [ 293.783165] kmem_cache_alloc_trace+0x2d7/0x750 [ 293.787874] legacy_init_fs_context+0x187/0x230 [ 293.792573] ? vfs_dup_fs_context+0x400/0x400 [ 293.797093] vfs_new_fs_context+0x3f4/0x77c [ 293.801448] do_mount+0x1816/0x1ff0 [ 293.805106] ? copy_mount_string+0x40/0x40 [ 293.809363] ? retint_kernel+0x2d/0x2d [ 293.813287] ? copy_mount_options+0x217/0x430 [ 293.817806] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 293.823371] ? copy_mount_options+0x315/0x430 [ 293.827905] ksys_mount+0x12d/0x140 [ 293.831557] __x64_sys_mount+0xbe/0x150 [ 293.835554] do_syscall_64+0x1b9/0x820 [ 293.839465] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 293.844855] ? syscall_return_slowpath+0x5e0/0x5e0 [ 293.849815] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 293.854688] ? trace_hardirqs_on_caller+0x310/0x310 [ 293.859729] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 293.864770] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 293.870337] ? prepare_exit_to_usermode+0x291/0x3b0 [ 293.875389] ? trace_hardirqs_off_thunk+0x1a/0x1c 22:08:49 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:49 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:49 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 293.880269] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 293.885480] RIP: 0033:0x457569 [ 293.888723] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 293.907641] RSP: 002b:00007fc679140c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 293.915364] RAX: ffffffffffffffda RBX: 00007fc679140c90 RCX: 0000000000457569 [ 293.922649] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 293.922659] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 293.922667] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6791416d4 [ 293.922675] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000004 22:08:49 executing program 0 (fault-call:1 fault-nth:8): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:49 executing program 1 (fault-call:2 fault-nth:8): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:49 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 294.089500] FAULT_INJECTION: forcing a failure. [ 294.089500] name failslab, interval 1, probability 0, space 0, times 0 [ 294.106813] CPU: 0 PID: 8973 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 294.115004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 294.124389] Call Trace: [ 294.127008] dump_stack+0x244/0x39d [ 294.130676] ? dump_stack_print_info.cold.1+0x20/0x20 22:08:49 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 294.135896] ? is_bpf_text_address+0xd3/0x170 [ 294.140432] should_fail.cold.4+0xa/0x17 [ 294.144519] ? __save_stack_trace+0x8d/0xf0 [ 294.148865] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 294.154179] ? save_stack+0xa9/0xd0 [ 294.157830] ? kasan_kmalloc+0xc7/0xe0 [ 294.157848] ? kmem_cache_alloc_trace+0x152/0x750 [ 294.157866] ? legacy_init_fs_context+0x187/0x230 [ 294.157882] ? vfs_new_fs_context+0x3f4/0x77c [ 294.157903] ? do_mount+0x1816/0x1ff0 [ 294.166644] ? ksys_mount+0x12d/0x140 [ 294.166658] ? __x64_sys_mount+0xbe/0x150 [ 294.166673] ? do_syscall_64+0x1b9/0x820 [ 294.166693] ? find_held_lock+0x36/0x1c0 [ 294.166752] ? do_con_trol+0x2718/0x63a0 [ 294.166780] ? check_preemption_disabled+0x48/0x280 [ 294.205177] ? perf_trace_sched_process_exec+0x860/0x860 [ 294.210651] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 294.212616] FAULT_INJECTION: forcing a failure. [ 294.212616] name failslab, interval 1, probability 0, space 0, times 0 [ 294.216213] __should_failslab+0x124/0x180 [ 294.216233] should_failslab+0x9/0x14 22:08:49 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 294.216249] kmem_cache_alloc_trace+0x2d7/0x750 [ 294.216266] ? legacy_init_fs_context+0x187/0x230 [ 294.216283] ? rcu_read_lock_sched_held+0x14f/0x180 [ 294.216301] ? kmem_cache_alloc_trace+0x353/0x750 [ 294.216317] ? rcu_read_lock_sched_held+0x14f/0x180 [ 294.216430] apparmor_fs_context_alloc+0x43/0xa0 [ 294.216491] security_fs_context_alloc+0x54/0xb0 [ 294.216513] vfs_new_fs_context+0x446/0x77c [ 294.216538] do_mount+0x1816/0x1ff0 [ 294.216557] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 294.216579] ? copy_mount_string+0x40/0x40 [ 294.216602] ? copy_mount_options+0x5f/0x430 [ 294.216621] ? kmem_cache_alloc_trace+0x353/0x750 [ 294.216642] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 294.216664] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 294.216681] ? copy_mount_options+0x315/0x430 [ 294.216704] ksys_mount+0x12d/0x140 [ 294.216725] __x64_sys_mount+0xbe/0x150 [ 294.216746] do_syscall_64+0x1b9/0x820 [ 294.216763] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 294.216782] ? syscall_return_slowpath+0x5e0/0x5e0 [ 294.216798] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 294.216817] ? trace_hardirqs_on_caller+0x310/0x310 [ 294.216835] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 294.216853] ? prepare_exit_to_usermode+0x291/0x3b0 [ 294.216876] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 294.216898] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 294.216911] RIP: 0033:0x457569 [ 294.216928] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:08:49 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:49 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 294.216936] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 294.216951] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 294.216959] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 294.216968] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 294.216978] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 294.216988] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 294.248136] CPU: 1 PID: 8975 Comm: syz-executor1 Not tainted 4.19.0-next-20181029+ #100 [ 294.276225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 294.276232] Call Trace: [ 294.276255] dump_stack+0x244/0x39d [ 294.276277] ? dump_stack_print_info.cold.1+0x20/0x20 [ 294.276296] ? mark_held_locks+0xc7/0x130 [ 294.276317] should_fail.cold.4+0xa/0x17 [ 294.289718] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 294.289737] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 294.289767] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 294.299040] ? find_held_lock+0x36/0x1c0 [ 294.299065] ? trace_raw_output_ext4__page_op+0x78/0x160 [ 294.299092] ? check_preemption_disabled+0x48/0x280 [ 294.299107] ? perf_trace_sched_process_exec+0x860/0x860 [ 294.299134] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 294.510660] __should_failslab+0x124/0x180 [ 294.514897] should_failslab+0x9/0x14 [ 294.518686] kmem_cache_alloc_trace+0x2d7/0x750 [ 294.523344] ? legacy_init_fs_context+0x187/0x230 [ 294.528216] ? rcu_read_lock_sched_held+0x14f/0x180 [ 294.533226] ? kmem_cache_alloc_trace+0x353/0x750 [ 294.538070] apparmor_fs_context_alloc+0x43/0xa0 [ 294.542832] security_fs_context_alloc+0x54/0xb0 [ 294.547594] vfs_new_fs_context+0x446/0x77c [ 294.551913] do_mount+0x1816/0x1ff0 [ 294.555535] ? copy_mount_string+0x40/0x40 [ 294.559763] ? retint_kernel+0x2d/0x2d [ 294.563642] ? copy_mount_options+0x239/0x430 [ 294.568126] ? copy_mount_options+0x23f/0x430 [ 294.572613] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 294.578147] ? copy_mount_options+0x315/0x430 [ 294.582634] ksys_mount+0x12d/0x140 [ 294.586258] __x64_sys_mount+0xbe/0x150 [ 294.590227] ? __sanitizer_cov_trace_pc+0x20/0x50 [ 294.595087] do_syscall_64+0x1b9/0x820 [ 294.598994] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 294.604358] ? syscall_return_slowpath+0x5e0/0x5e0 [ 294.609287] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 294.614126] ? trace_hardirqs_on_caller+0x310/0x310 [ 294.619140] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 294.624152] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 294.629686] ? prepare_exit_to_usermode+0x291/0x3b0 [ 294.634701] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 294.639545] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 294.644727] RIP: 0033:0x457569 [ 294.647917] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 294.666831] RSP: 002b:00007fc679140c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 294.674536] RAX: ffffffffffffffda RBX: 00007fc679140c90 RCX: 0000000000457569 [ 294.681798] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 22:08:50 executing program 0 (fault-call:1 fault-nth:9): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:50 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 294.689064] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 294.696326] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6791416d4 [ 294.703591] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000004 22:08:50 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:50 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:50 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:50 executing program 1 (fault-call:2 fault-nth:9): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:50 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 294.850103] FAULT_INJECTION: forcing a failure. [ 294.850103] name failslab, interval 1, probability 0, space 0, times 0 [ 294.916316] CPU: 1 PID: 9004 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 294.924505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 294.933878] Call Trace: [ 294.936503] dump_stack+0x244/0x39d [ 294.940169] ? dump_stack_print_info.cold.1+0x20/0x20 [ 294.945393] ? __x64_sys_mount+0xbe/0x150 [ 294.949565] ? do_syscall_64+0x1b9/0x820 [ 294.953648] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 294.959072] should_fail.cold.4+0xa/0x17 [ 294.963164] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 294.968301] ? check_preemption_disabled+0x48/0x280 [ 294.973348] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 294.978914] ? check_preemption_disabled+0x48/0x280 [ 294.980478] FAULT_INJECTION: forcing a failure. [ 294.980478] name failslab, interval 1, probability 0, space 0, times 0 [ 294.983957] ? find_held_lock+0x36/0x1c0 [ 294.983997] ? perf_trace_sched_process_exec+0x860/0x860 [ 294.984016] ? rcu_pm_notify+0xc0/0xc0 [ 294.984054] __should_failslab+0x124/0x180 [ 295.012883] should_failslab+0x9/0x14 [ 295.016715] __kmalloc_track_caller+0x2d1/0x760 [ 295.021413] ? vfs_parse_fs_string+0x1fd/0x2b0 [ 295.026026] ? legacy_parse_monolithic+0xde/0x1e0 [ 295.030913] kmemdup+0x24/0x50 [ 295.034147] legacy_parse_monolithic+0xde/0x1e0 [ 295.038836] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 295.043616] do_mount+0x803/0x1ff0 [ 295.047178] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 295.052736] ? copy_mount_string+0x40/0x40 [ 295.056997] ? copy_mount_options+0x5f/0x430 [ 295.061434] ? kmem_cache_alloc_trace+0x353/0x750 [ 295.066300] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 295.071858] ? _copy_from_user+0xdf/0x150 [ 295.076044] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 295.081604] ? copy_mount_options+0x315/0x430 [ 295.086127] ksys_mount+0x12d/0x140 [ 295.089779] __x64_sys_mount+0xbe/0x150 [ 295.093784] do_syscall_64+0x1b9/0x820 [ 295.097699] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 295.103093] ? syscall_return_slowpath+0x5e0/0x5e0 [ 295.108059] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 295.112935] ? trace_hardirqs_on_caller+0x310/0x310 [ 295.117982] ? prepare_exit_to_usermode+0x291/0x3b0 [ 295.123039] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 295.127919] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 295.133119] RIP: 0033:0x457569 [ 295.136325] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 295.155242] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 295.162964] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 295.170250] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 295.177531] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 295.184815] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 295.192097] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 295.199445] CPU: 0 PID: 9014 Comm: syz-executor1 Not tainted 4.19.0-next-20181029+ #100 [ 295.207611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 22:08:50 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 295.216978] Call Trace: [ 295.219585] dump_stack+0x244/0x39d [ 295.223236] ? dump_stack_print_info.cold.1+0x20/0x20 [ 295.228449] should_fail.cold.4+0xa/0x17 [ 295.232533] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 295.237687] ? kernel_text_address+0x79/0xf0 [ 295.242119] ? __kernel_text_address+0xd/0x40 [ 295.246633] ? unwind_get_return_address+0x61/0xa0 [ 295.251584] ? __save_stack_trace+0x8d/0xf0 [ 295.255932] ? find_held_lock+0x36/0x1c0 [ 295.260115] ? nfs4_xdr_dec_copy+0x988/0x9f0 [ 295.264559] ? ksys_mount+0x12d/0x140 [ 295.268376] ? perf_trace_sched_process_exec+0x860/0x860 [ 295.273856] ? find_held_lock+0x36/0x1c0 [ 295.277940] __should_failslab+0x124/0x180 [ 295.282183] should_failslab+0x9/0x14 [ 295.285976] __kmalloc_track_caller+0x2d1/0x760 [ 295.290658] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 295.296200] ? check_preemption_disabled+0x48/0x280 [ 295.301221] ? apparmor_fs_context_parse_param+0x1d9/0x490 [ 295.306842] krealloc+0x65/0xb0 [ 295.310123] apparmor_fs_context_parse_param+0x1d9/0x490 22:08:50 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 295.315585] security_fs_context_parse_param+0x5a/0xb0 [ 295.320878] vfs_parse_fs_param+0x1ea/0x4d0 [ 295.325223] vfs_parse_fs_string+0x1d5/0x2b0 [ 295.329651] ? vfs_parse_fs_param+0x4d0/0x4d0 [ 295.329668] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 295.329686] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 295.329709] do_mount+0x773/0x1ff0 [ 295.329732] ? copy_mount_string+0x40/0x40 [ 295.329750] ? retint_kernel+0x2d/0x2d [ 295.329773] ? copy_mount_options+0x228/0x430 [ 295.329791] ? write_comp_data+0x70/0x70 [ 295.365531] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 295.371091] ? copy_mount_options+0x315/0x430 [ 295.375612] ksys_mount+0x12d/0x140 [ 295.379260] __x64_sys_mount+0xbe/0x150 [ 295.383293] do_syscall_64+0x1b9/0x820 [ 295.387196] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 295.392597] ? syscall_return_slowpath+0x5e0/0x5e0 [ 295.397541] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 295.402418] ? trace_hardirqs_on_caller+0x310/0x310 [ 295.407456] ? prepare_exit_to_usermode+0x291/0x3b0 [ 295.412503] ? trace_hardirqs_off_thunk+0x1a/0x1c 22:08:50 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 295.417365] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 295.422547] RIP: 0033:0x457569 [ 295.425730] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 295.444631] RSP: 002b:00007fc679140c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 295.444647] RAX: ffffffffffffffda RBX: 00007fc679140c90 RCX: 0000000000457569 [ 295.444656] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 22:08:50 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:50 executing program 0 (fault-call:1 fault-nth:10): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 295.444664] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 295.444672] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6791416d4 [ 295.444680] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000004 22:08:50 executing program 1 (fault-call:2 fault-nth:10): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:50 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 295.523235] FAULT_INJECTION: forcing a failure. [ 295.523235] name failslab, interval 1, probability 0, space 0, times 0 [ 295.576505] CPU: 0 PID: 9032 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 295.584714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 295.594080] Call Trace: [ 295.596695] dump_stack+0x244/0x39d [ 295.600352] ? dump_stack_print_info.cold.1+0x20/0x20 [ 295.600378] ? __x64_sys_mount+0xbe/0x150 [ 295.609722] ? do_syscall_64+0x1b9/0x820 [ 295.613805] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 295.619197] should_fail.cold.4+0xa/0x17 [ 295.623288] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 295.628428] ? check_preemption_disabled+0x48/0x280 [ 295.633474] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 295.633493] ? check_preemption_disabled+0x48/0x280 [ 295.633518] ? find_held_lock+0x36/0x1c0 [ 295.648162] ? perf_trace_sched_process_exec+0x860/0x860 [ 295.653633] ? rcu_pm_notify+0xc0/0xc0 [ 295.653660] __should_failslab+0x124/0x180 [ 295.653680] should_failslab+0x9/0x14 [ 295.653702] __kmalloc_track_caller+0x2d1/0x760 [ 295.670287] ? vfs_parse_fs_string+0x1fd/0x2b0 22:08:50 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364c0", 0x0, &(0x7f0000000100)) 22:08:50 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736405", 0x0, &(0x7f0000000100)) 22:08:51 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:51 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\n', 0x0, &(0x7f0000000100)) [ 295.674887] ? legacy_parse_monolithic+0xde/0x1e0 [ 295.674910] kmemdup+0x24/0x50 [ 295.674930] legacy_parse_monolithic+0xde/0x1e0 [ 295.674948] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 295.674968] do_mount+0x803/0x1ff0 [ 295.696101] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 295.701676] ? copy_mount_string+0x40/0x40 [ 295.705937] ? copy_mount_options+0x5f/0x430 [ 295.710366] ? kmem_cache_alloc_trace+0x353/0x750 [ 295.710388] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 295.710415] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 295.720817] ? copy_mount_options+0x315/0x430 [ 295.720840] ksys_mount+0x12d/0x140 [ 295.720860] __x64_sys_mount+0xbe/0x150 [ 295.734533] do_syscall_64+0x1b9/0x820 [ 295.734553] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 295.734578] ? syscall_return_slowpath+0x5e0/0x5e0 [ 295.747803] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 295.747826] ? trace_hardirqs_on_caller+0x310/0x310 [ 295.747844] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 295.747860] ? prepare_exit_to_usermode+0x291/0x3b0 [ 295.747879] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 295.747904] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 295.747917] RIP: 0033:0x457569 [ 295.747933] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 295.747941] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 295.747956] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 295.747965] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 295.747974] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 295.747983] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 295.747991] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 295.749565] FAULT_INJECTION: forcing a failure. [ 295.749565] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 295.781553] CPU: 0 PID: 9043 Comm: syz-executor1 Not tainted 4.19.0-next-20181029+ #100 22:08:51 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 295.842138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 295.842146] Call Trace: [ 295.842171] dump_stack+0x244/0x39d [ 295.842195] ? dump_stack_print_info.cold.1+0x20/0x20 [ 295.842222] should_fail.cold.4+0xa/0x17 [ 295.842243] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 295.881422] ? kasan_check_read+0x11/0x20 [ 295.881444] ? zap_class+0x640/0x640 [ 295.881459] ? rcu_softirq_qs+0x20/0x20 [ 295.881474] ? rcu_softirq_qs+0x20/0x20 [ 295.881488] ? unwind_dump+0x190/0x190 [ 295.881513] ? find_held_lock+0x36/0x1c0 [ 295.890415] ? perf_trace_kvm_hv_flush_tlb_ex+0x348/0x6d0 [ 295.890445] ? lock_release+0xa10/0xa10 [ 295.911408] ? perf_trace_sched_process_exec+0x860/0x860 [ 295.911429] ? save_stack+0xa9/0xd0 [ 295.911451] ? __might_sleep+0x95/0x190 [ 295.928901] __alloc_pages_nodemask+0x34b/0xdd0 [ 295.928927] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 295.929008] ? xfs_open_by_handle+0x338/0x670 [ 295.929041] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 295.942090] ? check_preemption_disabled+0x48/0x280 [ 295.942119] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 22:08:51 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 295.942137] ? rcu_pm_notify+0xc0/0xc0 [ 295.942164] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 295.965899] alloc_pages_current+0x173/0x350 [ 295.965929] get_zeroed_page+0x14/0x50 [ 295.994188] legacy_validate+0x133/0x220 [ 295.998264] ? logfc+0x770/0x770 [ 296.001702] vfs_get_tree+0x144/0x5c0 [ 296.005515] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 296.005537] do_mount+0x82a/0x1ff0 [ 296.005558] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 296.005581] ? copy_mount_string+0x40/0x40 [ 296.005604] ? copy_mount_options+0x5f/0x430 [ 296.005625] ? kmem_cache_alloc_trace+0x353/0x750 [ 296.032930] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 296.038491] ? _copy_from_user+0xdf/0x150 [ 296.042665] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 296.048230] ? copy_mount_options+0x315/0x430 [ 296.052752] ksys_mount+0x12d/0x140 [ 296.056413] __x64_sys_mount+0xbe/0x150 [ 296.060418] do_syscall_64+0x1b9/0x820 [ 296.064328] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 296.069715] ? syscall_return_slowpath+0x5e0/0x5e0 [ 296.074678] ? trace_hardirqs_on_caller+0x310/0x310 [ 296.079725] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 296.084787] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 296.089658] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 296.094865] RIP: 0033:0x457569 [ 296.098073] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 296.116989] RSP: 002b:00007fc67911fc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 22:08:51 executing program 0 (fault-call:1 fault-nth:11): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 296.124722] RAX: ffffffffffffffda RBX: 00007fc67911fc90 RCX: 0000000000457569 [ 296.132099] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 296.139389] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 296.146691] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6791206d4 [ 296.153976] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000004 22:08:51 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:51 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364f0", 0x0, &(0x7f0000000100)) 22:08:51 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 296.279101] FAULT_INJECTION: forcing a failure. [ 296.279101] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 296.305103] CPU: 0 PID: 9080 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 296.313299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 296.322671] Call Trace: [ 296.325288] dump_stack+0x244/0x39d [ 296.328946] ? dump_stack_print_info.cold.1+0x20/0x20 [ 296.334171] should_fail.cold.4+0xa/0x17 [ 296.338254] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 296.343375] ? kasan_check_read+0x11/0x20 [ 296.347552] ? zap_class+0x640/0x640 [ 296.351278] ? rcu_softirq_qs+0x20/0x20 [ 296.355264] ? rcu_softirq_qs+0x20/0x20 [ 296.359254] ? unwind_dump+0x190/0x190 [ 296.363173] ? find_held_lock+0x36/0x1c0 [ 296.367315] ? btrfs_async_reclaim_metadata_space+0x2b8/0x1390 [ 296.373324] ? lock_release+0xa10/0xa10 22:08:51 executing program 1 (fault-call:2 fault-nth:11): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 296.377323] ? perf_trace_sched_process_exec+0x860/0x860 [ 296.382799] ? save_stack+0xa9/0xd0 [ 296.386445] ? __might_sleep+0x95/0x190 [ 296.390443] __alloc_pages_nodemask+0x34b/0xdd0 [ 296.395134] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 296.400163] ? cache_grow_end+0xa8/0x190 [ 296.404239] ? lock_downgrade+0x900/0x900 [ 296.408417] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 296.413978] ? check_preemption_disabled+0x48/0x280 [ 296.419024] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 296.424599] ? rcu_pm_notify+0xc0/0xc0 [ 296.428525] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 296.434450] alloc_pages_current+0x173/0x350 [ 296.438888] get_zeroed_page+0x14/0x50 [ 296.442800] legacy_validate+0x133/0x220 [ 296.446884] ? logfc+0x770/0x770 [ 296.450268] vfs_get_tree+0x144/0x5c0 [ 296.454091] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 296.458868] do_mount+0x82a/0x1ff0 [ 296.462439] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 296.468006] ? copy_mount_string+0x40/0x40 [ 296.472279] ? copy_mount_options+0x5f/0x430 [ 296.476706] ? kmem_cache_alloc_trace+0x353/0x750 [ 296.480725] FAULT_INJECTION: forcing a failure. [ 296.480725] name failslab, interval 1, probability 0, space 0, times 0 [ 296.481582] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 296.481601] ? copy_mount_options+0x315/0x430 [ 296.481625] ksys_mount+0x12d/0x140 [ 296.481646] __x64_sys_mount+0xbe/0x150 [ 296.481675] do_syscall_64+0x1b9/0x820 [ 296.514454] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 296.519843] ? syscall_return_slowpath+0x5e0/0x5e0 [ 296.524789] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 296.529656] ? trace_hardirqs_on_caller+0x310/0x310 [ 296.534693] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 296.539735] ? prepare_exit_to_usermode+0x291/0x3b0 [ 296.544780] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 296.549651] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 296.554859] RIP: 0033:0x457569 [ 296.558075] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:08:51 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 296.576994] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 296.584728] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 296.592013] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 296.599308] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 296.606603] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 296.613891] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 296.623868] CPU: 1 PID: 9092 Comm: syz-executor1 Not tainted 4.19.0-next-20181029+ #100 [ 296.632065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 296.641434] Call Trace: [ 296.644065] dump_stack+0x244/0x39d [ 296.647724] ? dump_stack_print_info.cold.1+0x20/0x20 [ 296.653414] ? should_fail+0x603/0xd01 [ 296.657331] should_fail.cold.4+0xa/0x17 [ 296.661423] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 296.666550] ? retint_kernel+0x2d/0x2d [ 296.670466] ? trace_hardirqs_on_caller+0xc0/0x310 [ 296.675419] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 296.680198] ? print_usage_bug+0xc0/0xc0 [ 296.684277] ? mark_held_locks+0x130/0x130 [ 296.688535] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 296.688556] ? find_held_lock+0x36/0x1c0 [ 296.688589] ? retint_kernel+0x2d/0x2d [ 296.697393] ? perf_trace_sched_process_exec+0x860/0x860 [ 296.707421] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 296.712197] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 296.712222] __should_failslab+0x124/0x180 [ 296.712242] should_failslab+0x9/0x14 [ 296.712263] kmem_cache_alloc_trace+0x2d7/0x750 22:08:52 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) [ 296.729674] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 296.734276] ? retint_kernel+0x2d/0x2d [ 296.738180] alloc_super+0xd4/0xb40 [ 296.738206] ? destroy_unused_super.part.10+0x110/0x110 [ 296.738228] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 296.738253] ? retint_kernel+0x2d/0x2d [ 296.755902] sget_userns+0x278/0x850 [ 296.759658] ? set_anon_super+0x20/0x20 [ 296.763675] ? alloc_empty_file.cold.6+0x42/0x42 [ 296.768482] ? vfs_get_super+0x270/0x270 [ 296.772571] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 296.777179] ? retint_kernel+0x2d/0x2d [ 296.781096] ? trace_hardirqs_on_caller+0xc0/0x310 [ 296.786063] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 296.790849] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 296.796431] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 296.801992] ? ns_capable_common+0x13f/0x170 [ 296.806438] mount_ns+0x8f/0x1d0 [ 296.809907] nfsd_mount+0xa4/0xd0 [ 296.813382] ? nfsd_mount+0xd0/0xd0 [ 296.817064] ? nfsd_umount+0x80/0x80 [ 296.820801] legacy_get_tree+0x12f/0x260 [ 296.824882] ? vfs_get_tree+0x180/0x5c0 22:08:52 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(0x0, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 296.828899] vfs_get_tree+0x1cb/0x5c0 [ 296.832726] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 296.837512] do_mount+0x82a/0x1ff0 [ 296.841096] ? copy_mount_string+0x40/0x40 [ 296.845355] ? retint_kernel+0x2d/0x2d [ 296.849279] ? copy_mount_options+0x239/0x430 [ 296.853794] ? copy_mount_options+0x24d/0x430 [ 296.858317] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 296.863877] ? copy_mount_options+0x315/0x430 [ 296.868407] ksys_mount+0x12d/0x140 [ 296.872061] __x64_sys_mount+0xbe/0x150 [ 296.872078] ? ksys_mount+0x140/0x140 22:08:52 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd ', 0x0, &(0x7f0000000100)) [ 296.872099] do_syscall_64+0x1b9/0x820 [ 296.879878] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 296.879905] ? syscall_return_slowpath+0x5e0/0x5e0 [ 296.879925] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 296.898940] ? trace_hardirqs_on_caller+0x310/0x310 [ 296.903981] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 296.909012] ? prepare_exit_to_usermode+0x291/0x3b0 [ 296.909043] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 296.909068] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 296.909085] RIP: 0033:0x457569 [ 296.927328] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 296.946435] RSP: 002b:00007fc679140c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 296.954165] RAX: ffffffffffffffda RBX: 00007fc679140c90 RCX: 0000000000457569 [ 296.961449] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 296.968739] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 22:08:52 executing program 0 (fault-call:1 fault-nth:12): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 296.976027] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6791416d4 [ 296.983316] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000004 22:08:52 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(0x0, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:52 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 297.067932] FAULT_INJECTION: forcing a failure. [ 297.067932] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 297.126364] CPU: 0 PID: 9124 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 297.134596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 297.143994] Call Trace: [ 297.146621] dump_stack+0x244/0x39d [ 297.150283] ? dump_stack_print_info.cold.1+0x20/0x20 [ 297.155516] should_fail.cold.4+0xa/0x17 [ 297.159601] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 297.164721] ? kasan_check_read+0x11/0x20 [ 297.168900] ? zap_class+0x640/0x640 [ 297.172623] ? rcu_softirq_qs+0x20/0x20 22:08:52 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:52 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 297.176610] ? rcu_softirq_qs+0x20/0x20 [ 297.180600] ? unwind_dump+0x190/0x190 [ 297.184517] ? find_held_lock+0x36/0x1c0 [ 297.188663] ? rawv6_sendmsg+0x2ab8/0x4850 [ 297.192934] ? lock_release+0xa10/0xa10 [ 297.196925] ? perf_trace_sched_process_exec+0x860/0x860 [ 297.202403] ? save_stack+0xa9/0xd0 [ 297.206064] ? __might_sleep+0x95/0x190 [ 297.210069] __alloc_pages_nodemask+0x34b/0xdd0 [ 297.214760] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 297.219791] ? cache_grow_end+0xa8/0x190 [ 297.223858] ? lock_downgrade+0x900/0x900 [ 297.228015] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 297.233573] ? check_preemption_disabled+0x48/0x280 [ 297.238612] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 297.244154] ? rcu_pm_notify+0xc0/0xc0 [ 297.248052] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 297.253607] alloc_pages_current+0x173/0x350 [ 297.258045] get_zeroed_page+0x14/0x50 [ 297.261949] legacy_validate+0x133/0x220 [ 297.266024] ? logfc+0x770/0x770 [ 297.269415] vfs_get_tree+0x144/0x5c0 [ 297.273222] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 297.277971] do_mount+0x82a/0x1ff0 [ 297.281520] ? copy_mount_string+0x40/0x40 [ 297.285748] ? retint_kernel+0x2d/0x2d [ 297.289636] ? copy_mount_options+0x239/0x430 [ 297.294117] ? copy_mount_options+0x24d/0x430 [ 297.298601] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 297.304130] ? copy_mount_options+0x315/0x430 [ 297.308619] ksys_mount+0x12d/0x140 [ 297.312235] __x64_sys_mount+0xbe/0x150 [ 297.316203] do_syscall_64+0x1b9/0x820 [ 297.320094] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 297.325452] ? syscall_return_slowpath+0x5e0/0x5e0 [ 297.330376] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 297.335212] ? trace_hardirqs_on_caller+0x310/0x310 [ 297.340219] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 297.345242] ? prepare_exit_to_usermode+0x291/0x3b0 [ 297.350252] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 297.355103] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 297.360286] RIP: 0033:0x457569 22:08:52 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) 22:08:52 executing program 1 (fault-call:2 fault-nth:12): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:52 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(0x0, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 297.363465] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 297.382365] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 297.390071] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 297.397338] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 297.404623] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 297.411884] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 297.419162] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:52 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) 22:08:52 executing program 0 (fault-call:1 fault-nth:13): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:52 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:52 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 297.610299] FAULT_INJECTION: forcing a failure. [ 297.610299] name fail_page_alloc, interval 1, probability 0, space 0, times 0 22:08:53 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, 0x0, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 297.700102] FAULT_INJECTION: forcing a failure. [ 297.700102] name failslab, interval 1, probability 0, space 0, times 0 [ 297.716511] CPU: 0 PID: 9149 Comm: syz-executor1 Not tainted 4.19.0-next-20181029+ #100 [ 297.724697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 297.734076] Call Trace: [ 297.736704] dump_stack+0x244/0x39d [ 297.740377] ? dump_stack_print_info.cold.1+0x20/0x20 [ 297.745699] should_fail.cold.4+0xa/0x17 [ 297.749793] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 297.754922] ? kasan_check_read+0x11/0x20 [ 297.759109] ? zap_class+0x640/0x640 [ 297.762848] ? rcu_softirq_qs+0x20/0x20 [ 297.766849] ? rcu_softirq_qs+0x20/0x20 [ 297.770845] ? unwind_dump+0x190/0x190 [ 297.774765] ? find_held_lock+0x36/0x1c0 [ 297.778864] ? lock_release+0xa10/0xa10 [ 297.782855] ? perf_trace_sched_process_exec+0x860/0x860 [ 297.788332] ? save_stack+0xa9/0xd0 [ 297.791989] ? __might_sleep+0x95/0x190 [ 297.795984] __alloc_pages_nodemask+0x34b/0xdd0 22:08:53 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364c0", 0x0, &(0x7f0000000100)) [ 297.800681] ? retint_kernel+0x2d/0x2d [ 297.804589] ? trace_hardirqs_on_caller+0xc0/0x310 [ 297.809542] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 297.814578] ? cache_grow_end+0xa8/0x190 [ 297.818667] ? lock_downgrade+0x900/0x900 [ 297.822840] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 297.828407] ? check_preemption_disabled+0x48/0x280 [ 297.833452] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 297.839013] ? rcu_pm_notify+0xc0/0xc0 [ 297.842946] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 297.848520] alloc_pages_current+0x173/0x350 [ 297.852969] get_zeroed_page+0x14/0x50 [ 297.856880] legacy_validate+0x133/0x220 [ 297.860953] ? logfc+0x770/0x770 [ 297.864338] vfs_get_tree+0x144/0x5c0 [ 297.868155] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 297.872930] do_mount+0x82a/0x1ff0 [ 297.876492] ? copy_mount_string+0x40/0x40 [ 297.880751] ? retint_kernel+0x2d/0x2d [ 297.884675] ? copy_mount_options+0x239/0x430 [ 297.889186] ? copy_mount_options+0x24d/0x430 [ 297.893698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 22:08:53 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 297.899255] ? copy_mount_options+0x315/0x430 [ 297.903775] ksys_mount+0x12d/0x140 [ 297.907429] __x64_sys_mount+0xbe/0x150 [ 297.911445] do_syscall_64+0x1b9/0x820 [ 297.915354] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 297.920736] ? syscall_return_slowpath+0x5e0/0x5e0 [ 297.925684] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 297.930549] ? trace_hardirqs_on_caller+0x310/0x310 [ 297.935595] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 297.940641] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 297.946199] ? prepare_exit_to_usermode+0x291/0x3b0 [ 297.951246] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 297.956121] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 297.961327] RIP: 0033:0x457569 [ 297.964541] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 297.983463] RSP: 002b:00007fc679140c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 297.991196] RAX: ffffffffffffffda RBX: 00007fc679140c90 RCX: 0000000000457569 [ 297.998479] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 298.005792] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 298.013079] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6791416d4 [ 298.020368] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000004 [ 298.029060] CPU: 1 PID: 9161 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 298.037231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.037237] Call Trace: [ 298.037263] dump_stack+0x244/0x39d [ 298.037285] ? dump_stack_print_info.cold.1+0x20/0x20 [ 298.037307] ? print_usage_bug+0xc0/0xc0 [ 298.052872] should_fail.cold.4+0xa/0x17 [ 298.066204] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 298.071347] ? mark_held_locks+0x130/0x130 [ 298.075601] ? find_held_lock+0x36/0x1c0 [ 298.079680] ? find_held_lock+0x36/0x1c0 [ 298.083843] ? perf_trace_xen_mc_callback+0x4c8/0x640 [ 298.089072] ? perf_trace_sched_process_exec+0x860/0x860 [ 298.094553] ? find_held_lock+0x36/0x1c0 22:08:53 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) 22:08:53 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, 0x0, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 298.098672] __should_failslab+0x124/0x180 [ 298.102928] should_failslab+0x9/0x14 [ 298.106751] kmem_cache_alloc_trace+0x2d7/0x750 [ 298.111442] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 298.116565] ? kasan_check_read+0x11/0x20 [ 298.120740] alloc_super+0xd4/0xb40 [ 298.124396] ? destroy_unused_super.part.10+0x110/0x110 [ 298.129782] ? sget_userns+0x17c/0x850 [ 298.133685] ? lock_downgrade+0x900/0x900 [ 298.137853] ? kasan_check_read+0x11/0x20 [ 298.142019] ? do_raw_spin_unlock+0xa7/0x330 [ 298.146457] ? do_raw_spin_trylock+0x270/0x270 22:08:53 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, 0x0, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 298.151067] ? security_capable+0x99/0xc0 [ 298.155263] sget_userns+0x278/0x850 [ 298.158986] ? set_anon_super+0x20/0x20 [ 298.162954] ? alloc_empty_file.cold.6+0x42/0x42 [ 298.167712] ? vfs_get_super+0x270/0x270 [ 298.171773] ? rcu_read_lock_sched_held+0x14f/0x180 [ 298.176794] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 298.181666] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 298.187243] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 298.187262] ? ns_capable_common+0x13f/0x170 [ 298.187281] mount_ns+0x8f/0x1d0 [ 298.197230] nfsd_mount+0xa4/0xd0 [ 298.197243] ? nfsd_mount+0xd0/0xd0 [ 298.197256] ? nfsd_umount+0x80/0x80 [ 298.197273] legacy_get_tree+0x12f/0x260 [ 298.197291] ? security_fs_context_validate+0x80/0xa0 [ 298.197313] vfs_get_tree+0x1cb/0x5c0 [ 298.224461] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 298.229243] do_mount+0x82a/0x1ff0 [ 298.232811] ? copy_mount_string+0x40/0x40 [ 298.237082] ? retint_kernel+0x2d/0x2d [ 298.241003] ? copy_mount_options+0x1e3/0x430 [ 298.245528] ? copy_mount_options+0x1e8/0x430 [ 298.250053] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 298.255614] ? copy_mount_options+0x315/0x430 [ 298.260135] ksys_mount+0x12d/0x140 [ 298.263786] __x64_sys_mount+0xbe/0x150 [ 298.267785] do_syscall_64+0x1b9/0x820 [ 298.271689] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 298.277069] ? syscall_return_slowpath+0x5e0/0x5e0 [ 298.282013] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 298.286868] ? trace_hardirqs_on_caller+0x310/0x310 [ 298.291921] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 298.296959] ? prepare_exit_to_usermode+0x291/0x3b0 [ 298.302003] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 298.306903] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 298.312109] RIP: 0033:0x457569 [ 298.315323] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 298.334414] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 298.342145] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 22:08:53 executing program 1 (fault-call:2 fault-nth:13): perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:53 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:53 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 298.349445] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 298.356723] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 298.364002] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 298.371272] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:53 executing program 0 (fault-call:1 fault-nth:14): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:53 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e6673647f", 0x0, &(0x7f0000000100)) [ 298.576900] FAULT_INJECTION: forcing a failure. [ 298.576900] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 298.581741] FAULT_INJECTION: forcing a failure. [ 298.581741] name failslab, interval 1, probability 0, space 0, times 0 [ 298.588761] CPU: 0 PID: 9216 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 298.588772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.588777] Call Trace: [ 298.588805] dump_stack+0x244/0x39d [ 298.588829] ? dump_stack_print_info.cold.1+0x20/0x20 [ 298.588851] ? __lock_is_held+0xb5/0x140 [ 298.588878] should_fail.cold.4+0xa/0x17 [ 298.588901] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 298.588938] ? mark_held_locks+0x130/0x130 [ 298.588965] ? print_usage_bug+0xc0/0xc0 [ 298.588983] ? __lock_acquire+0x62f/0x4c20 [ 298.589016] ? print_usage_bug+0xc0/0xc0 [ 298.589042] ? mark_held_locks+0x130/0x130 [ 298.589068] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 298.589084] ? should_fail+0x22d/0xd01 [ 298.589103] ? __lock_acquire+0x62f/0x4c20 [ 298.589122] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 298.589149] __alloc_pages_nodemask+0x34b/0xdd0 [ 298.589174] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 298.589201] ? find_held_lock+0x36/0x1c0 [ 298.589247] ? trace_hardirqs_off+0xb8/0x310 [ 298.589271] cache_grow_begin+0xa5/0x8c0 [ 298.589301] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 298.711625] ? check_preemption_disabled+0x48/0x280 [ 298.716670] kmem_cache_alloc_trace+0x684/0x750 [ 298.721366] ? kasan_check_read+0x11/0x20 [ 298.725549] alloc_super+0xd4/0xb40 [ 298.729204] ? destroy_unused_super.part.10+0x110/0x110 [ 298.734581] ? sget_userns+0x17c/0x850 [ 298.738491] ? lock_downgrade+0x900/0x900 [ 298.742667] ? kasan_check_read+0x11/0x20 [ 298.746837] ? do_raw_spin_unlock+0xa7/0x330 [ 298.751263] ? do_raw_spin_trylock+0x270/0x270 [ 298.755881] ? security_capable+0x99/0xc0 [ 298.760067] sget_userns+0x278/0x850 [ 298.763794] ? set_anon_super+0x20/0x20 [ 298.767799] ? alloc_empty_file.cold.6+0x42/0x42 [ 298.772566] ? vfs_get_super+0x270/0x270 [ 298.776643] ? rcu_read_lock_sched_held+0x14f/0x180 [ 298.781685] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 298.786554] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 298.792137] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 298.797694] ? ns_capable_common+0x13f/0x170 [ 298.802125] mount_ns+0x8f/0x1d0 [ 298.805514] nfsd_mount+0xa4/0xd0 [ 298.808979] ? nfsd_mount+0xd0/0xd0 [ 298.812620] ? nfsd_umount+0x80/0x80 [ 298.816351] legacy_get_tree+0x12f/0x260 [ 298.820436] ? security_fs_context_validate+0x80/0xa0 [ 298.825652] vfs_get_tree+0x1cb/0x5c0 [ 298.829472] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 298.834248] do_mount+0x82a/0x1ff0 [ 298.837817] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 298.843384] ? copy_mount_string+0x40/0x40 [ 298.847654] ? copy_mount_options+0x5f/0x430 [ 298.852085] ? kmem_cache_alloc_trace+0x353/0x750 [ 298.856947] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 298.862515] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 298.868078] ? copy_mount_options+0x315/0x430 [ 298.872599] ksys_mount+0x12d/0x140 [ 298.876245] __x64_sys_mount+0xbe/0x150 [ 298.880241] do_syscall_64+0x1b9/0x820 [ 298.884149] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 298.889543] ? syscall_return_slowpath+0x5e0/0x5e0 [ 298.895278] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 298.900148] ? trace_hardirqs_on_caller+0x310/0x310 [ 298.905197] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 298.910245] ? prepare_exit_to_usermode+0x291/0x3b0 [ 298.915295] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 298.920176] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 298.925377] RIP: 0033:0x457569 [ 298.928586] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 298.947504] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 298.955233] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 298.962523] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 298.969815] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 22:08:54 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736411", 0x0, &(0x7f0000000100)) 22:08:54 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 298.977105] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 298.984401] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 298.991727] CPU: 1 PID: 9209 Comm: syz-executor1 Not tainted 4.19.0-next-20181029+ #100 [ 298.999901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.999914] Call Trace: [ 299.011875] dump_stack+0x244/0x39d [ 299.015532] ? dump_stack_print_info.cold.1+0x20/0x20 [ 299.020746] ? print_usage_bug+0xc0/0xc0 [ 299.024832] should_fail.cold.4+0xa/0x17 [ 299.028922] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 299.034057] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 299.038843] ? mark_held_locks+0x130/0x130 [ 299.038863] ? find_held_lock+0x36/0x1c0 [ 299.038885] ? find_held_lock+0x36/0x1c0 [ 299.038926] ? perf_trace_sched_process_exec+0x860/0x860 [ 299.056695] ? find_held_lock+0x36/0x1c0 [ 299.060786] __should_failslab+0x124/0x180 [ 299.065052] should_failslab+0x9/0x14 [ 299.068869] kmem_cache_alloc_trace+0x2d7/0x750 [ 299.073576] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 299.078699] ? kasan_check_read+0x11/0x20 [ 299.082873] alloc_super+0xd4/0xb40 [ 299.086535] ? destroy_unused_super.part.10+0x110/0x110 [ 299.091916] ? sget_userns+0x17c/0x850 [ 299.095820] ? lock_downgrade+0x900/0x900 [ 299.099997] ? kasan_check_read+0x11/0x20 [ 299.104167] ? do_raw_spin_unlock+0xa7/0x330 [ 299.108591] ? do_raw_spin_trylock+0x270/0x270 [ 299.113197] ? security_capable+0x99/0xc0 [ 299.117369] sget_userns+0x278/0x850 [ 299.121099] ? set_anon_super+0x20/0x20 22:08:54 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(0x0, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:54 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 299.125086] ? alloc_empty_file.cold.6+0x42/0x42 [ 299.129856] ? vfs_get_super+0x270/0x270 [ 299.133950] ? rcu_read_lock_sched_held+0x14f/0x180 [ 299.138986] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 299.143854] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 299.149436] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 299.154989] ? ns_capable_common+0x13f/0x170 [ 299.155011] mount_ns+0x8f/0x1d0 [ 299.155044] nfsd_mount+0xa4/0xd0 [ 299.155061] ? nfsd_mount+0xd0/0xd0 [ 299.166295] ? nfsd_umount+0x80/0x80 [ 299.166314] legacy_get_tree+0x12f/0x260 [ 299.166334] ? security_fs_context_validate+0x80/0xa0 [ 299.166354] vfs_get_tree+0x1cb/0x5c0 [ 299.186728] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 299.191508] do_mount+0x82a/0x1ff0 [ 299.195082] ? copy_mount_string+0x40/0x40 [ 299.199341] ? retint_kernel+0x2d/0x2d [ 299.203250] ? copy_mount_options+0x239/0x430 [ 299.207756] ? copy_mount_options+0x249/0x430 [ 299.207775] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 299.207791] ? copy_mount_options+0x315/0x430 [ 299.207814] ksys_mount+0x12d/0x140 [ 299.207835] __x64_sys_mount+0xbe/0x150 [ 299.207856] do_syscall_64+0x1b9/0x820 [ 299.225998] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 299.226020] ? syscall_return_slowpath+0x5e0/0x5e0 [ 299.226046] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 299.226068] ? trace_hardirqs_on_caller+0x310/0x310 [ 299.254089] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 299.259135] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 299.264715] ? prepare_exit_to_usermode+0x291/0x3b0 [ 299.269761] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 299.274631] entry_SYSCALL_64_after_hwframe+0x49/0xbe 22:08:54 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 299.279838] RIP: 0033:0x457569 [ 299.283051] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 299.301970] RSP: 002b:00007fc679140c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 299.309701] RAX: ffffffffffffffda RBX: 00007fc679140c90 RCX: 0000000000457569 [ 299.316985] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 22:08:54 executing program 0 (fault-call:1 fault-nth:15): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:54 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 299.316996] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 299.317003] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6791416d4 [ 299.317012] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000004 22:08:54 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736406", 0x0, &(0x7f0000000100)) 22:08:54 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, 0x0, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:54 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 299.478300] FAULT_INJECTION: forcing a failure. [ 299.478300] name failslab, interval 1, probability 0, space 0, times 0 [ 299.546670] CPU: 1 PID: 9248 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 299.554865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 299.564238] Call Trace: [ 299.566848] dump_stack+0x244/0x39d [ 299.570856] ? dump_stack_print_info.cold.1+0x20/0x20 [ 299.576085] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 299.581657] should_fail.cold.4+0xa/0x17 [ 299.585736] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 299.590871] ? zap_class+0x640/0x640 22:08:54 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 299.594612] ? find_held_lock+0x36/0x1c0 [ 299.598691] ? __lock_is_held+0xb5/0x140 [ 299.602778] ? __lockdep_init_map+0x105/0x590 [ 299.607288] ? perf_trace_sched_process_exec+0x860/0x860 [ 299.612760] ? lockdep_init_map+0x9/0x10 [ 299.616853] __should_failslab+0x124/0x180 [ 299.621118] should_failslab+0x9/0x14 [ 299.624942] __kmalloc+0x2e0/0x760 [ 299.628498] ? __init_waitqueue_head+0x9e/0x150 [ 299.633194] ? init_wait_entry+0x1c0/0x1c0 [ 299.637447] ? prealloc_shrinker+0x172/0x340 [ 299.641880] prealloc_shrinker+0x172/0x340 22:08:55 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='n.sd\x00', 0x0, &(0x7f0000000100)) 22:08:55 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, 0x0, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) [ 299.646144] alloc_super+0x8db/0xb40 [ 299.649880] ? destroy_unused_super.part.10+0x110/0x110 [ 299.655260] ? sget_userns+0x17c/0x850 [ 299.659163] ? lock_downgrade+0x900/0x900 [ 299.663327] ? kasan_check_read+0x11/0x20 [ 299.667490] ? do_raw_spin_trylock+0x270/0x270 [ 299.672086] ? security_capable+0x99/0xc0 [ 299.676256] sget_userns+0x278/0x850 [ 299.679982] ? set_anon_super+0x20/0x20 [ 299.684408] ? alloc_empty_file.cold.6+0x42/0x42 [ 299.689173] ? vfs_get_super+0x270/0x270 22:08:55 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 299.693250] ? rcu_read_lock_sched_held+0x14f/0x180 [ 299.698285] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 299.703149] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 299.708729] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 299.714281] ? ns_capable_common+0x13f/0x170 [ 299.718709] mount_ns+0x8f/0x1d0 [ 299.722098] nfsd_mount+0xa4/0xd0 [ 299.725560] ? nfsd_mount+0xd0/0xd0 [ 299.729201] ? nfsd_umount+0x80/0x80 [ 299.732938] legacy_get_tree+0x12f/0x260 [ 299.737015] ? security_fs_context_validate+0x80/0xa0 [ 299.742235] vfs_get_tree+0x1cb/0x5c0 22:08:55 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, 0x0, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:08:55 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 299.746058] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 299.750831] do_mount+0x82a/0x1ff0 [ 299.754389] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 299.759966] ? copy_mount_string+0x40/0x40 [ 299.764228] ? copy_mount_options+0x5f/0x430 [ 299.768650] ? kmem_cache_alloc_trace+0x353/0x750 [ 299.773508] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 299.779075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 299.784633] ? copy_mount_options+0x315/0x430 [ 299.789160] ksys_mount+0x12d/0x140 [ 299.792809] __x64_sys_mount+0xbe/0x150 [ 299.796805] do_syscall_64+0x1b9/0x820 [ 299.800712] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 299.806100] ? syscall_return_slowpath+0x5e0/0x5e0 [ 299.811057] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 299.815923] ? trace_hardirqs_on_caller+0x310/0x310 [ 299.820968] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 299.826006] ? prepare_exit_to_usermode+0x291/0x3b0 [ 299.831071] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 299.835941] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 299.841140] RIP: 0033:0x457569 [ 299.844342] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 299.863255] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 299.863278] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 299.863286] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 299.863295] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 22:08:55 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 22:08:55 executing program 0 (fault-call:1 fault-nth:16): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 299.863303] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 299.863311] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 299.930542] FAULT_INJECTION: forcing a failure. [ 299.930542] name failslab, interval 1, probability 0, space 0, times 0 22:08:55 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736411", 0x0, &(0x7f0000000100)) [ 299.996282] CPU: 1 PID: 9274 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 300.004482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.013855] Call Trace: [ 300.016475] dump_stack+0x244/0x39d [ 300.020139] ? dump_stack_print_info.cold.1+0x20/0x20 [ 300.025359] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 300.030930] should_fail.cold.4+0xa/0x17 [ 300.035021] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 300.040198] ? radix_tree_tag_set+0x3d0/0x3d0 [ 300.044737] ? zap_class+0x640/0x640 [ 300.048476] ? zap_class+0x640/0x640 [ 300.052213] ? radix_tree_iter_tag_clear+0x90/0x90 [ 300.057179] ? find_held_lock+0x36/0x1c0 [ 300.061272] ? __lock_is_held+0xb5/0x140 [ 300.065369] ? perf_trace_sched_process_exec+0x860/0x860 [ 300.070844] ? perf_trace_sched_process_exec+0x860/0x860 [ 300.076327] __should_failslab+0x124/0x180 [ 300.080584] should_failslab+0x9/0x14 [ 300.084399] __kmalloc+0x2e0/0x760 [ 300.087965] ? __list_lru_init+0x151/0x840 [ 300.092228] __list_lru_init+0x151/0x840 [ 300.096316] ? list_lru_destroy+0x500/0x500 [ 300.100661] ? up_write+0x7b/0x220 [ 300.104222] ? down_write_nested+0x130/0x130 [ 300.108647] ? down_read+0x120/0x120 [ 300.112387] ? init_wait_entry+0x1c0/0x1c0 [ 300.116638] ? prealloc_shrinker+0x172/0x340 [ 300.121087] alloc_super+0x907/0xb40 [ 300.124828] ? destroy_unused_super.part.10+0x110/0x110 [ 300.130216] ? sget_userns+0x17c/0x850 [ 300.134139] ? lock_downgrade+0x900/0x900 [ 300.138325] ? kasan_check_read+0x11/0x20 [ 300.142492] ? do_raw_spin_trylock+0x270/0x270 22:08:55 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) [ 300.147086] ? security_capable+0x99/0xc0 [ 300.151255] sget_userns+0x278/0x850 [ 300.154982] ? set_anon_super+0x20/0x20 [ 300.158995] ? alloc_empty_file.cold.6+0x42/0x42 [ 300.163778] ? vfs_get_super+0x270/0x270 [ 300.167863] ? rcu_read_lock_sched_held+0x14f/0x180 [ 300.172911] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 300.177773] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 300.183356] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 300.188918] ? ns_capable_common+0x13f/0x170 [ 300.193353] mount_ns+0x8f/0x1d0 [ 300.196745] nfsd_mount+0xa4/0xd0 [ 300.200215] ? nfsd_mount+0xd0/0xd0 [ 300.203864] ? nfsd_umount+0x80/0x80 [ 300.207606] legacy_get_tree+0x12f/0x260 [ 300.211681] ? security_fs_context_validate+0x80/0xa0 [ 300.216890] vfs_get_tree+0x1cb/0x5c0 [ 300.220718] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 300.225490] do_mount+0x82a/0x1ff0 [ 300.229063] ? copy_mount_string+0x40/0x40 [ 300.233317] ? retint_kernel+0x2d/0x2d [ 300.237224] ? copy_mount_options+0x1e3/0x430 [ 300.241732] ? __sanitizer_cov_trace_pc+0x48/0x50 22:08:55 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:55 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='n/sd\x00', 0x0, &(0x7f0000000100)) [ 300.246591] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 300.252158] ? copy_mount_options+0x315/0x430 [ 300.256683] ksys_mount+0x12d/0x140 [ 300.260331] __x64_sys_mount+0xbe/0x150 [ 300.264321] do_syscall_64+0x1b9/0x820 [ 300.268221] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 300.273605] ? syscall_return_slowpath+0x5e0/0x5e0 [ 300.278554] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 300.283420] ? trace_hardirqs_on_caller+0x310/0x310 [ 300.288455] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 300.293499] ? prepare_exit_to_usermode+0x291/0x3b0 [ 300.298542] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 300.303412] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 300.308618] RIP: 0033:0x457569 [ 300.311827] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 300.330744] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 300.338470] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 22:08:55 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66731100", 0x0, &(0x7f0000000100)) 22:08:55 executing program 0 (fault-call:1 fault-nth:17): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 300.345757] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 300.353055] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 300.360337] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 300.367642] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:55 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:55 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:55 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 300.555574] FAULT_INJECTION: forcing a failure. [ 300.555574] name failslab, interval 1, probability 0, space 0, times 0 [ 300.591999] CPU: 1 PID: 9324 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 22:08:55 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 300.600204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 300.600275] Call Trace: [ 300.600307] dump_stack+0x244/0x39d [ 300.615976] ? dump_stack_print_info.cold.1+0x20/0x20 [ 300.621208] should_fail.cold.4+0xa/0x17 [ 300.625295] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 300.630438] ? zap_class+0x640/0x640 [ 300.634173] ? save_stack+0xa9/0xd0 [ 300.637824] ? save_stack+0x43/0xd0 [ 300.641464] ? kasan_kmalloc+0xc7/0xe0 [ 300.641479] ? __kmalloc+0x15b/0x760 [ 300.641503] ? find_held_lock+0x36/0x1c0 [ 300.641525] ? __lock_is_held+0xb5/0x140 [ 300.641562] ? perf_trace_sched_process_exec+0x860/0x860 [ 300.663177] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 300.668740] ? check_preemption_disabled+0x48/0x280 [ 300.673796] __should_failslab+0x124/0x180 [ 300.678079] should_failslab+0x9/0x14 [ 300.681914] kmem_cache_alloc_node_trace+0x270/0x740 [ 300.687061] __kmalloc_node+0x3c/0x70 [ 300.690915] kvmalloc_node+0x65/0xf0 [ 300.694658] __list_lru_init+0x5d9/0x840 [ 300.698739] ? list_lru_destroy+0x500/0x500 [ 300.703084] ? up_write+0x7b/0x220 [ 300.706648] ? down_write_nested+0x130/0x130 [ 300.711071] ? down_read+0x120/0x120 [ 300.714807] ? init_wait_entry+0x1c0/0x1c0 [ 300.719067] ? prealloc_shrinker+0x172/0x340 [ 300.723504] alloc_super+0x907/0xb40 [ 300.727239] ? destroy_unused_super.part.10+0x110/0x110 [ 300.732615] ? sget_userns+0x17c/0x850 [ 300.736522] ? lock_downgrade+0x900/0x900 [ 300.740678] ? kasan_check_read+0x11/0x20 [ 300.744831] ? do_raw_spin_trylock+0x270/0x270 [ 300.749433] ? security_capable+0x99/0xc0 [ 300.753599] sget_userns+0x278/0x850 [ 300.757316] ? set_anon_super+0x20/0x20 [ 300.761300] ? alloc_empty_file.cold.6+0x42/0x42 [ 300.766056] ? vfs_get_super+0x270/0x270 [ 300.770124] ? rcu_read_lock_sched_held+0x14f/0x180 [ 300.775143] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 300.780010] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 300.785601] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 300.791149] ? ns_capable_common+0x13f/0x170 [ 300.795552] mount_ns+0x8f/0x1d0 [ 300.798917] nfsd_mount+0xa4/0xd0 [ 300.802364] ? nfsd_mount+0xd0/0xd0 [ 300.805990] ? nfsd_umount+0x80/0x80 [ 300.809701] legacy_get_tree+0x12f/0x260 [ 300.813756] ? security_fs_context_validate+0x80/0xa0 [ 300.818942] vfs_get_tree+0x1cb/0x5c0 [ 300.822741] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 300.827489] do_mount+0x82a/0x1ff0 [ 300.831046] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 300.836614] ? copy_mount_string+0x40/0x40 [ 300.840858] ? copy_mount_options+0x5f/0x430 [ 300.845264] ? kmem_cache_alloc_trace+0x353/0x750 [ 300.850119] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 300.855676] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 300.861211] ? copy_mount_options+0x315/0x430 [ 300.865707] ksys_mount+0x12d/0x140 [ 300.869333] __x64_sys_mount+0xbe/0x150 [ 300.873309] do_syscall_64+0x1b9/0x820 [ 300.877206] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 300.882581] ? syscall_return_slowpath+0x5e0/0x5e0 [ 300.887504] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 300.892355] ? trace_hardirqs_on_caller+0x310/0x310 [ 300.897390] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 300.902422] ? prepare_exit_to_usermode+0x291/0x3b0 [ 300.907455] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 300.912322] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 300.917527] RIP: 0033:0x457569 [ 300.920712] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 300.939607] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 300.947323] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 22:08:56 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 22:08:56 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:56 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736410", 0x0, &(0x7f0000000100)) [ 300.954639] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 300.961920] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 300.969201] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 300.976477] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:56 executing program 0 (fault-call:1 fault-nth:18): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:56 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:56 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) 22:08:56 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:56 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364c0", 0x0, &(0x7f0000000100)) [ 301.180379] FAULT_INJECTION: forcing a failure. [ 301.180379] name failslab, interval 1, probability 0, space 0, times 0 22:08:56 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:56 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:56 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 301.326838] CPU: 0 PID: 9356 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 301.335050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 301.344431] Call Trace: [ 301.347066] dump_stack+0x244/0x39d [ 301.350721] ? dump_stack_print_info.cold.1+0x20/0x20 [ 301.355934] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 301.361244] should_fail.cold.4+0xa/0x17 [ 301.365338] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 301.370469] ? kernel_text_address+0x79/0xf0 22:08:56 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 301.374908] ? unwind_get_return_address+0x61/0xa0 [ 301.379869] ? __save_stack_trace+0x8d/0xf0 [ 301.384214] ? zap_class+0x640/0x640 [ 301.387964] ? find_held_lock+0x36/0x1c0 [ 301.392061] ? __lock_is_held+0xb5/0x140 [ 301.396153] ? perf_trace_sched_process_exec+0x860/0x860 [ 301.401627] ? check_preemption_disabled+0x48/0x280 [ 301.406679] __should_failslab+0x124/0x180 [ 301.410960] should_failslab+0x9/0x14 [ 301.414778] kmem_cache_alloc_trace+0x2d7/0x750 [ 301.419460] ? __kmalloc_node+0x3c/0x70 [ 301.419474] ? __kmalloc_node+0x3c/0x70 [ 301.419492] ? rcu_read_lock_sched_held+0x14f/0x180 [ 301.419512] __memcg_init_list_lru_node+0x185/0x2d0 [ 301.419529] ? kvfree_rcu+0x20/0x20 [ 301.419543] ? __kmalloc_node+0x50/0x70 [ 301.419568] __list_lru_init+0x4d6/0x840 [ 301.449179] ? list_lru_destroy+0x500/0x500 [ 301.453496] ? up_write+0x7b/0x220 [ 301.457058] ? down_write_nested+0x130/0x130 [ 301.461458] ? down_read+0x120/0x120 [ 301.465168] ? init_wait_entry+0x1c0/0x1c0 [ 301.469399] ? prealloc_shrinker+0x172/0x340 [ 301.473810] alloc_super+0x907/0xb40 [ 301.477519] ? destroy_unused_super.part.10+0x110/0x110 [ 301.482879] ? sget_userns+0x17c/0x850 [ 301.486770] ? lock_downgrade+0x900/0x900 [ 301.490925] ? kasan_check_read+0x11/0x20 [ 301.495073] ? do_raw_spin_trylock+0x270/0x270 [ 301.499651] ? security_capable+0x99/0xc0 [ 301.503799] sget_userns+0x278/0x850 [ 301.507526] ? set_anon_super+0x20/0x20 [ 301.511510] ? alloc_empty_file.cold.6+0x42/0x42 [ 301.516259] ? vfs_get_super+0x270/0x270 [ 301.520314] ? rcu_read_lock_sched_held+0x14f/0x180 [ 301.525325] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 301.530178] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 301.535754] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 301.541310] ? ns_capable_common+0x13f/0x170 [ 301.545734] mount_ns+0x8f/0x1d0 [ 301.549099] nfsd_mount+0xa4/0xd0 [ 301.552548] ? nfsd_mount+0xd0/0xd0 [ 301.556182] ? nfsd_umount+0x80/0x80 [ 301.559902] legacy_get_tree+0x12f/0x260 [ 301.563964] ? security_fs_context_validate+0x80/0xa0 [ 301.569166] vfs_get_tree+0x1cb/0x5c0 [ 301.572966] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 301.577735] do_mount+0x82a/0x1ff0 [ 301.581270] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 301.586810] ? copy_mount_string+0x40/0x40 [ 301.591050] ? copy_mount_options+0x5f/0x430 [ 301.595468] ? kmem_cache_alloc_trace+0x353/0x750 [ 301.600310] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 301.605879] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 301.611447] ? copy_mount_options+0x315/0x430 [ 301.615970] ksys_mount+0x12d/0x140 [ 301.619611] __x64_sys_mount+0xbe/0x150 [ 301.623583] do_syscall_64+0x1b9/0x820 [ 301.627463] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 301.632824] ? syscall_return_slowpath+0x5e0/0x5e0 [ 301.637786] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 301.642628] ? trace_hardirqs_on_caller+0x310/0x310 [ 301.647665] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 301.652680] ? prepare_exit_to_usermode+0x291/0x3b0 [ 301.657700] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 301.662545] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 301.667757] RIP: 0033:0x457569 [ 301.670980] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 301.689876] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 301.697582] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 301.704849] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 301.712115] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 301.719379] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 301.726648] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:57 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 22:08:57 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364f9", 0x0, &(0x7f0000000100)) 22:08:57 executing program 0 (fault-call:1 fault-nth:19): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:57 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e6673648c", 0x0, &(0x7f0000000100)) 22:08:57 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364fe", 0x0, &(0x7f0000000100)) 22:08:57 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 301.903852] FAULT_INJECTION: forcing a failure. [ 301.903852] name failslab, interval 1, probability 0, space 0, times 0 [ 301.965439] CPU: 0 PID: 9395 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 301.973626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 301.982995] Call Trace: [ 301.985623] dump_stack+0x244/0x39d [ 301.989281] ? dump_stack_print_info.cold.1+0x20/0x20 [ 301.994491] ? __kernel_text_address+0xd/0x40 [ 301.999002] ? unwind_get_return_address+0x61/0xa0 [ 302.003945] should_fail.cold.4+0xa/0x17 [ 302.008023] ? fault_create_debugfs_attr+0x1f0/0x1f0 22:08:57 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 302.013165] ? save_stack+0x43/0xd0 [ 302.016806] ? kasan_kmalloc+0xc7/0xe0 [ 302.020732] ? kmem_cache_alloc_trace+0x152/0x750 [ 302.025599] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 302.025612] ? __list_lru_init+0x4d6/0x840 [ 302.025630] ? zap_class+0x640/0x640 [ 302.025650] ? nfsd_mount+0xa4/0xd0 [ 302.035077] ? legacy_get_tree+0x12f/0x260 [ 302.035093] ? vfs_get_tree+0x1cb/0x5c0 [ 302.035109] ? do_mount+0x82a/0x1ff0 [ 302.035123] ? ksys_mount+0x12d/0x140 [ 302.035143] ? __x64_sys_mount+0xbe/0x150 [ 302.062324] ? do_syscall_64+0x1b9/0x820 [ 302.066414] ? find_held_lock+0x36/0x1c0 [ 302.070496] ? __lock_is_held+0xb5/0x140 [ 302.074590] ? perf_trace_sched_process_exec+0x860/0x860 [ 302.080077] __should_failslab+0x124/0x180 [ 302.084336] should_failslab+0x9/0x14 [ 302.088152] kmem_cache_alloc_trace+0x2d7/0x750 [ 302.092836] ? __kmalloc_node+0x3c/0x70 [ 302.096828] ? __kmalloc_node+0x3c/0x70 [ 302.100823] ? rcu_read_lock_sched_held+0x14f/0x180 [ 302.105867] __memcg_init_list_lru_node+0x185/0x2d0 [ 302.110943] ? kvfree_rcu+0x20/0x20 22:08:57 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 302.114594] ? __kmalloc_node+0x50/0x70 [ 302.118597] __list_lru_init+0x4d6/0x840 [ 302.122680] ? list_lru_destroy+0x500/0x500 [ 302.127021] ? up_write+0x7b/0x220 [ 302.130588] ? down_write_nested+0x130/0x130 [ 302.135003] ? down_read+0x120/0x120 [ 302.138729] ? init_wait_entry+0x1c0/0x1c0 [ 302.142955] ? prealloc_shrinker+0x172/0x340 [ 302.147364] alloc_super+0x907/0xb40 [ 302.151073] ? destroy_unused_super.part.10+0x110/0x110 [ 302.156424] ? sget_userns+0x17c/0x850 [ 302.160306] ? lock_downgrade+0x900/0x900 [ 302.164448] ? kasan_check_read+0x11/0x20 [ 302.168587] ? do_raw_spin_trylock+0x270/0x270 [ 302.173163] ? security_capable+0x99/0xc0 [ 302.177328] sget_userns+0x278/0x850 [ 302.181056] ? set_anon_super+0x20/0x20 [ 302.185043] ? alloc_empty_file.cold.6+0x42/0x42 [ 302.189819] ? vfs_get_super+0x270/0x270 [ 302.193885] ? rcu_read_lock_sched_held+0x14f/0x180 [ 302.198927] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 302.203789] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 302.209339] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 302.214892] ? ns_capable_common+0x13f/0x170 [ 302.219303] mount_ns+0x8f/0x1d0 [ 302.222668] nfsd_mount+0xa4/0xd0 [ 302.226122] ? nfsd_mount+0xd0/0xd0 [ 302.229773] ? nfsd_umount+0x80/0x80 [ 302.233500] legacy_get_tree+0x12f/0x260 [ 302.237556] ? security_fs_context_validate+0x80/0xa0 [ 302.242747] vfs_get_tree+0x1cb/0x5c0 [ 302.246561] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 302.251321] do_mount+0x82a/0x1ff0 [ 302.254874] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 302.260434] ? copy_mount_string+0x40/0x40 [ 302.265106] ? copy_mount_options+0x5f/0x430 [ 302.269511] ? kmem_cache_alloc_trace+0x353/0x750 [ 302.274375] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 302.279936] ? copy_mount_options+0x315/0x430 [ 302.284429] ksys_mount+0x12d/0x140 [ 302.288060] __x64_sys_mount+0xbe/0x150 [ 302.292042] do_syscall_64+0x1b9/0x820 [ 302.295927] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 302.301375] ? syscall_return_slowpath+0x5e0/0x5e0 [ 302.306314] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 302.311172] ? trace_hardirqs_on_caller+0x310/0x310 [ 302.316198] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 302.321221] ? prepare_exit_to_usermode+0x291/0x3b0 [ 302.326238] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 302.331083] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 302.336264] RIP: 0033:0x457569 [ 302.339468] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 302.358449] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 22:08:57 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 302.366176] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 302.373443] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 302.380704] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 302.388061] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 302.395326] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:57 executing program 0 (fault-call:1 fault-nth:20): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:57 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:57 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364f9", 0x0, &(0x7f0000000100)) [ 302.574600] FAULT_INJECTION: forcing a failure. [ 302.574600] name failslab, interval 1, probability 0, space 0, times 0 [ 302.591742] CPU: 1 PID: 9426 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 302.599926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 302.609292] Call Trace: [ 302.609323] dump_stack+0x244/0x39d [ 302.609349] ? dump_stack_print_info.cold.1+0x20/0x20 [ 302.609374] ? __kernel_text_address+0xd/0x40 [ 302.625263] ? unwind_get_return_address+0x61/0xa0 [ 302.630220] should_fail.cold.4+0xa/0x17 [ 302.634399] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 302.639529] ? save_stack+0x43/0xd0 [ 302.643172] ? kasan_kmalloc+0xc7/0xe0 [ 302.647083] ? kmem_cache_alloc_trace+0x152/0x750 [ 302.652454] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 302.657669] ? __list_lru_init+0x4d6/0x840 [ 302.661937] ? zap_class+0x640/0x640 [ 302.665666] ? nfsd_mount+0xa4/0xd0 [ 302.669317] ? legacy_get_tree+0x12f/0x260 [ 302.673573] ? vfs_get_tree+0x1cb/0x5c0 [ 302.677570] ? do_mount+0x82a/0x1ff0 [ 302.681302] ? ksys_mount+0x12d/0x140 [ 302.685131] ? __x64_sys_mount+0xbe/0x150 [ 302.689286] ? do_syscall_64+0x1b9/0x820 [ 302.693351] ? find_held_lock+0x36/0x1c0 [ 302.697412] ? __lock_is_held+0xb5/0x140 [ 302.701478] ? perf_trace_sched_process_exec+0x860/0x860 [ 302.706932] __should_failslab+0x124/0x180 [ 302.711161] should_failslab+0x9/0x14 [ 302.714955] kmem_cache_alloc_trace+0x2d7/0x750 [ 302.719628] ? __kmalloc_node+0x3c/0x70 [ 302.723619] ? __kmalloc_node+0x3c/0x70 [ 302.727595] ? rcu_read_lock_sched_held+0x14f/0x180 [ 302.732611] __memcg_init_list_lru_node+0x185/0x2d0 [ 302.737637] ? kvfree_rcu+0x20/0x20 [ 302.741262] ? __kmalloc_node+0x50/0x70 [ 302.745232] __list_lru_init+0x4d6/0x840 [ 302.749286] ? list_lru_destroy+0x500/0x500 [ 302.753600] ? up_write+0x7b/0x220 [ 302.757148] ? down_write_nested+0x130/0x130 [ 302.761546] ? down_read+0x120/0x120 [ 302.765256] ? init_wait_entry+0x1c0/0x1c0 [ 302.769483] ? prealloc_shrinker+0x172/0x340 [ 302.773902] alloc_super+0x907/0xb40 [ 302.777613] ? destroy_unused_super.part.10+0x110/0x110 [ 302.782965] ? sget_userns+0x17c/0x850 [ 302.786849] ? lock_downgrade+0x900/0x900 [ 302.790991] ? kasan_check_read+0x11/0x20 [ 302.795134] ? do_raw_spin_trylock+0x270/0x270 [ 302.799707] ? security_capable+0x99/0xc0 [ 302.803866] sget_userns+0x278/0x850 [ 302.807582] ? set_anon_super+0x20/0x20 [ 302.811546] ? alloc_empty_file.cold.6+0x42/0x42 [ 302.816296] ? vfs_get_super+0x270/0x270 [ 302.820352] ? rcu_read_lock_sched_held+0x14f/0x180 [ 302.825360] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 302.830202] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 302.835752] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 302.841287] ? ns_capable_common+0x13f/0x170 [ 302.845692] mount_ns+0x8f/0x1d0 [ 302.849063] nfsd_mount+0xa4/0xd0 [ 302.852509] ? nfsd_mount+0xd0/0xd0 [ 302.856130] ? nfsd_umount+0x80/0x80 [ 302.859839] legacy_get_tree+0x12f/0x260 [ 302.863918] ? security_fs_context_validate+0x80/0xa0 [ 302.869107] vfs_get_tree+0x1cb/0x5c0 [ 302.872911] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 302.877661] do_mount+0x82a/0x1ff0 [ 302.881198] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 302.886732] ? copy_mount_string+0x40/0x40 [ 302.890965] ? copy_mount_options+0x5f/0x430 [ 302.895366] ? kmem_cache_alloc_trace+0x353/0x750 [ 302.900207] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 302.905742] ? _copy_from_user+0xdf/0x150 [ 302.909889] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 302.915433] ? copy_mount_options+0x315/0x430 [ 302.919937] ksys_mount+0x12d/0x140 [ 302.923571] __x64_sys_mount+0xbe/0x150 [ 302.927545] do_syscall_64+0x1b9/0x820 [ 302.931430] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 302.936822] ? syscall_return_slowpath+0x5e0/0x5e0 [ 302.941750] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 302.946593] ? trace_hardirqs_on_caller+0x310/0x310 [ 302.951612] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 302.956627] ? prepare_exit_to_usermode+0x291/0x3b0 [ 302.961645] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 302.966518] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 302.971725] RIP: 0033:0x457569 [ 302.974919] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 302.993814] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 303.001547] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 303.008825] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 303.016099] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 22:08:58 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:58 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:58 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:58 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x20, 0x0) [ 303.023381] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 303.030651] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:58 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:58 executing program 0 (fault-call:1 fault-nth:21): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:58 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364fe", 0x0, &(0x7f0000000100)) 22:08:58 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736402", 0x0, &(0x7f0000000100)) [ 303.230537] EXT4-fs (sda1): re-mounted. Opts: (null) [ 303.238281] FAULT_INJECTION: forcing a failure. [ 303.238281] name failslab, interval 1, probability 0, space 0, times 0 [ 303.255372] EXT4-fs (sda1): re-mounted. Opts: (null) 22:08:58 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x20, 0x0) [ 303.284570] CPU: 0 PID: 9451 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 303.292943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 303.302312] Call Trace: [ 303.304927] dump_stack+0x244/0x39d [ 303.308595] ? dump_stack_print_info.cold.1+0x20/0x20 [ 303.313810] ? __kernel_text_address+0xd/0x40 [ 303.318327] ? unwind_get_return_address+0x61/0xa0 [ 303.323282] should_fail.cold.4+0xa/0x17 [ 303.327370] ? fault_create_debugfs_attr+0x1f0/0x1f0 22:08:58 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 303.332507] ? save_stack+0x43/0xd0 [ 303.336151] ? kasan_kmalloc+0xc7/0xe0 [ 303.340065] ? kmem_cache_alloc_trace+0x152/0x750 [ 303.344936] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 303.350149] ? __list_lru_init+0x4d6/0x840 [ 303.354404] ? zap_class+0x640/0x640 [ 303.358130] ? nfsd_mount+0xa4/0xd0 [ 303.361775] ? legacy_get_tree+0x12f/0x260 [ 303.366022] ? vfs_get_tree+0x1cb/0x5c0 [ 303.370021] ? do_mount+0x82a/0x1ff0 [ 303.373758] ? ksys_mount+0x12d/0x140 [ 303.377573] ? __x64_sys_mount+0xbe/0x150 22:08:58 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 303.381738] ? do_syscall_64+0x1b9/0x820 [ 303.385823] ? find_held_lock+0x36/0x1c0 [ 303.385846] ? __lock_is_held+0xb5/0x140 [ 303.385873] ? perf_trace_sched_process_exec+0x860/0x860 [ 303.393998] __should_failslab+0x124/0x180 [ 303.394020] should_failslab+0x9/0x14 [ 303.394050] kmem_cache_alloc_trace+0x2d7/0x750 [ 303.412185] ? __kmalloc_node+0x3c/0x70 [ 303.416179] ? __kmalloc_node+0x3c/0x70 [ 303.420168] ? rcu_read_lock_sched_held+0x14f/0x180 [ 303.425212] __memcg_init_list_lru_node+0x185/0x2d0 [ 303.430252] ? kvfree_rcu+0x20/0x20 [ 303.433901] ? __kmalloc_node+0x50/0x70 [ 303.437902] __list_lru_init+0x4d6/0x840 [ 303.441991] ? list_lru_destroy+0x500/0x500 [ 303.446348] ? up_write+0x7b/0x220 [ 303.449901] ? down_write_nested+0x130/0x130 [ 303.454298] ? down_read+0x120/0x120 [ 303.458004] ? init_wait_entry+0x1c0/0x1c0 [ 303.462235] ? prealloc_shrinker+0x172/0x340 [ 303.466644] alloc_super+0x907/0xb40 [ 303.470353] ? destroy_unused_super.part.10+0x110/0x110 [ 303.475708] ? sget_userns+0x17c/0x850 [ 303.479592] ? lock_downgrade+0x900/0x900 [ 303.483750] ? kasan_check_read+0x11/0x20 [ 303.487895] ? do_raw_spin_trylock+0x270/0x270 [ 303.492504] ? security_capable+0x99/0xc0 [ 303.496656] sget_userns+0x278/0x850 [ 303.500363] ? set_anon_super+0x20/0x20 [ 303.504332] ? alloc_empty_file.cold.6+0x42/0x42 [ 303.509082] ? vfs_get_super+0x270/0x270 [ 303.513139] ? rcu_read_lock_sched_held+0x14f/0x180 [ 303.518160] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 303.523006] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 303.528599] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 303.534132] ? ns_capable_common+0x13f/0x170 [ 303.538535] mount_ns+0x8f/0x1d0 [ 303.541899] nfsd_mount+0xa4/0xd0 [ 303.545343] ? nfsd_mount+0xd0/0xd0 [ 303.548961] ? nfsd_umount+0x80/0x80 [ 303.552675] legacy_get_tree+0x12f/0x260 [ 303.556746] ? security_fs_context_validate+0x80/0xa0 [ 303.561958] vfs_get_tree+0x1cb/0x5c0 [ 303.565752] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 303.570506] do_mount+0x82a/0x1ff0 [ 303.574047] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 303.579578] ? copy_mount_string+0x40/0x40 [ 303.583821] ? copy_mount_options+0x5f/0x430 [ 303.588235] ? kmem_cache_alloc_trace+0x353/0x750 [ 303.593075] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 303.598609] ? _copy_from_user+0xdf/0x150 [ 303.602760] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 303.608303] ? copy_mount_options+0x315/0x430 [ 303.612799] ksys_mount+0x12d/0x140 [ 303.616427] __x64_sys_mount+0xbe/0x150 [ 303.620417] do_syscall_64+0x1b9/0x820 [ 303.624300] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 303.629672] ? syscall_return_slowpath+0x5e0/0x5e0 [ 303.634611] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 303.639449] ? trace_hardirqs_on_caller+0x310/0x310 [ 303.644473] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 303.649488] ? prepare_exit_to_usermode+0x291/0x3b0 [ 303.654505] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 303.659346] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 303.664567] RIP: 0033:0x457569 22:08:59 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 303.667769] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 303.686799] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 303.694513] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 303.701777] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 303.709046] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 303.716309] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 303.723571] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:59 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:59 executing program 0 (fault-call:1 fault-nth:22): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 303.847048] FAULT_INJECTION: forcing a failure. [ 303.847048] name failslab, interval 1, probability 0, space 0, times 0 22:08:59 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736404", 0x0, &(0x7f0000000100)) 22:08:59 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364fe", 0x0, &(0x7f0000000100)) [ 303.889333] EXT4-fs (sda1): re-mounted. Opts: (null) 22:08:59 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 303.927223] CPU: 0 PID: 9478 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 303.935426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 303.944794] Call Trace: [ 303.947419] dump_stack+0x244/0x39d [ 303.951089] ? dump_stack_print_info.cold.1+0x20/0x20 [ 303.956301] ? __kernel_text_address+0xd/0x40 [ 303.960816] ? unwind_get_return_address+0x61/0xa0 [ 303.965767] should_fail.cold.4+0xa/0x17 [ 303.969849] ? fault_create_debugfs_attr+0x1f0/0x1f0 22:08:59 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 303.974983] ? save_stack+0x43/0xd0 [ 303.978626] ? kasan_kmalloc+0xc7/0xe0 [ 303.982523] ? kmem_cache_alloc_trace+0x152/0x750 [ 303.987375] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 303.992588] ? __list_lru_init+0x4d6/0x840 [ 303.996837] ? zap_class+0x640/0x640 [ 304.000560] ? nfsd_mount+0xa4/0xd0 [ 304.004211] ? legacy_get_tree+0x12f/0x260 [ 304.008461] ? vfs_get_tree+0x1cb/0x5c0 [ 304.012455] ? do_mount+0x82a/0x1ff0 [ 304.016182] ? ksys_mount+0x12d/0x140 [ 304.020001] ? __x64_sys_mount+0xbe/0x150 22:08:59 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) [ 304.024178] ? do_syscall_64+0x1b9/0x820 [ 304.028262] ? find_held_lock+0x36/0x1c0 [ 304.032341] ? __lock_is_held+0xb5/0x140 [ 304.036504] ? ieee80211_tx_dequeue+0x2248/0x36c0 [ 304.041383] ? perf_trace_sched_process_exec+0x860/0x860 [ 304.046866] __should_failslab+0x124/0x180 [ 304.046886] should_failslab+0x9/0x14 [ 304.046903] kmem_cache_alloc_trace+0x2d7/0x750 [ 304.046916] ? __kmalloc_node+0x3c/0x70 [ 304.046931] ? __kmalloc_node+0x3c/0x70 [ 304.046953] ? rcu_read_lock_sched_held+0x14f/0x180 [ 304.054995] __memcg_init_list_lru_node+0x185/0x2d0 22:08:59 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) [ 304.077608] ? kvfree_rcu+0x20/0x20 [ 304.081254] ? __kmalloc_node+0x50/0x70 [ 304.085262] __list_lru_init+0x4d6/0x840 [ 304.089352] ? list_lru_destroy+0x500/0x500 [ 304.093705] ? up_write+0x7b/0x220 [ 304.097259] ? down_write_nested+0x130/0x130 [ 304.101679] ? down_read+0x120/0x120 [ 304.105418] ? init_wait_entry+0x1c0/0x1c0 [ 304.109672] ? prealloc_shrinker+0x172/0x340 [ 304.114116] alloc_super+0x907/0xb40 [ 304.117858] ? destroy_unused_super.part.10+0x110/0x110 [ 304.123240] ? sget_userns+0x17c/0x850 [ 304.127151] ? lock_downgrade+0x900/0x900 [ 304.131328] ? kasan_check_read+0x11/0x20 [ 304.135505] ? do_raw_spin_trylock+0x270/0x270 [ 304.140121] ? security_capable+0x99/0xc0 [ 304.144301] sget_userns+0x278/0x850 [ 304.148058] ? set_anon_super+0x20/0x20 [ 304.152067] ? alloc_empty_file.cold.6+0x42/0x42 [ 304.156837] ? vfs_get_super+0x270/0x270 [ 304.160921] ? rcu_read_lock_sched_held+0x14f/0x180 [ 304.165961] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 304.170829] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 304.176434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 304.176450] ? ns_capable_common+0x13f/0x170 [ 304.176468] mount_ns+0x8f/0x1d0 [ 304.176488] nfsd_mount+0xa4/0xd0 [ 304.176501] ? nfsd_mount+0xd0/0xd0 [ 304.176517] ? nfsd_umount+0x80/0x80 [ 304.176539] legacy_get_tree+0x12f/0x260 [ 304.204700] ? security_fs_context_validate+0x80/0xa0 [ 304.209922] vfs_get_tree+0x1cb/0x5c0 [ 304.213742] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 304.218502] do_mount+0x82a/0x1ff0 [ 304.222073] ? copy_mount_string+0x40/0x40 [ 304.226308] ? retint_kernel+0x2d/0x2d [ 304.230198] ? copy_mount_options+0x239/0x430 [ 304.234692] ? copy_mount_options+0x23f/0x430 [ 304.239181] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 304.244731] ? copy_mount_options+0x315/0x430 [ 304.249226] ksys_mount+0x12d/0x140 [ 304.252851] __x64_sys_mount+0xbe/0x150 [ 304.256935] do_syscall_64+0x1b9/0x820 [ 304.260829] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 304.266192] ? syscall_return_slowpath+0x5e0/0x5e0 [ 304.271131] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 304.275970] ? trace_hardirqs_on_caller+0x310/0x310 [ 304.280991] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 304.286008] ? prepare_exit_to_usermode+0x291/0x3b0 [ 304.291048] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 304.295911] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 304.301269] RIP: 0033:0x457569 [ 304.304456] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:08:59 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x20, 0x0) 22:08:59 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:08:59 executing program 0 (fault-call:1 fault-nth:23): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 304.323351] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 304.331062] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 304.338325] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 304.345600] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 304.352878] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 304.360147] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:08:59 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736411", 0x0, &(0x7f0000000100)) [ 304.493079] EXT4-fs (sda1): re-mounted. Opts: (null) [ 304.505052] FAULT_INJECTION: forcing a failure. [ 304.505052] name failslab, interval 1, probability 0, space 0, times 0 [ 304.548444] CPU: 1 PID: 9515 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 304.556651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 304.566024] Call Trace: [ 304.568736] dump_stack+0x244/0x39d [ 304.572394] ? dump_stack_print_info.cold.1+0x20/0x20 [ 304.577614] ? __kernel_text_address+0xd/0x40 [ 304.582134] ? unwind_get_return_address+0x61/0xa0 [ 304.587086] should_fail.cold.4+0xa/0x17 [ 304.591430] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 304.596559] ? save_stack+0x43/0xd0 [ 304.600200] ? kasan_kmalloc+0xc7/0xe0 [ 304.604093] ? kmem_cache_alloc_trace+0x152/0x750 [ 304.608931] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 304.614113] ? __list_lru_init+0x4d6/0x840 [ 304.618340] ? zap_class+0x640/0x640 [ 304.622060] ? nfsd_mount+0xa4/0xd0 [ 304.625693] ? legacy_get_tree+0x12f/0x260 [ 304.629931] ? vfs_get_tree+0x1cb/0x5c0 [ 304.633903] ? do_mount+0x82a/0x1ff0 [ 304.637609] ? ksys_mount+0x12d/0x140 [ 304.641413] ? __x64_sys_mount+0xbe/0x150 [ 304.645551] ? do_syscall_64+0x1b9/0x820 [ 304.649605] ? find_held_lock+0x36/0x1c0 [ 304.653660] ? __lock_is_held+0xb5/0x140 [ 304.657734] ? perf_trace_sched_process_exec+0x860/0x860 [ 304.663189] __should_failslab+0x124/0x180 [ 304.667433] should_failslab+0x9/0x14 [ 304.671230] kmem_cache_alloc_trace+0x2d7/0x750 [ 304.675948] ? __kmalloc_node+0x3c/0x70 [ 304.679942] __memcg_init_list_lru_node+0x185/0x2d0 [ 304.684967] ? kvfree_rcu+0x20/0x20 [ 304.688586] ? __kmalloc_node+0x50/0x70 [ 304.692558] __list_lru_init+0x4d6/0x840 [ 304.696624] ? list_lru_destroy+0x500/0x500 [ 304.700954] ? up_write+0x7b/0x220 [ 304.704491] ? down_write_nested+0x130/0x130 [ 304.708903] ? down_read+0x120/0x120 [ 304.712617] ? init_wait_entry+0x1c0/0x1c0 [ 304.716891] ? prealloc_shrinker+0x172/0x340 [ 304.721312] alloc_super+0x907/0xb40 [ 304.725041] ? destroy_unused_super.part.10+0x110/0x110 [ 304.730403] ? sget_userns+0x17c/0x850 [ 304.734297] ? lock_downgrade+0x900/0x900 [ 304.738454] ? kasan_check_read+0x11/0x20 [ 304.742608] ? do_raw_spin_trylock+0x270/0x270 [ 304.747191] ? security_capable+0x99/0xc0 [ 304.751345] sget_userns+0x278/0x850 [ 304.755067] ? set_anon_super+0x20/0x20 [ 304.759067] ? alloc_empty_file.cold.6+0x42/0x42 [ 304.763827] ? vfs_get_super+0x270/0x270 [ 304.767936] ? rcu_read_lock_sched_held+0x14f/0x180 [ 304.772968] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 304.777815] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 304.783369] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 304.788917] ? ns_capable_common+0x13f/0x170 [ 304.793334] mount_ns+0x8f/0x1d0 [ 304.796704] nfsd_mount+0xa4/0xd0 [ 304.800158] ? nfsd_mount+0xd0/0xd0 [ 304.803809] ? nfsd_umount+0x80/0x80 [ 304.807520] legacy_get_tree+0x12f/0x260 [ 304.811578] ? security_fs_context_validate+0x80/0xa0 [ 304.816766] vfs_get_tree+0x1cb/0x5c0 [ 304.820561] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 304.825313] do_mount+0x82a/0x1ff0 [ 304.828863] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 304.834400] ? copy_mount_string+0x40/0x40 [ 304.838636] ? copy_mount_options+0x5f/0x430 [ 304.843050] ? kmem_cache_alloc_trace+0x353/0x750 [ 304.847896] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 304.853439] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 304.858977] ? copy_mount_options+0x315/0x430 [ 304.863474] ksys_mount+0x12d/0x140 [ 304.867100] __x64_sys_mount+0xbe/0x150 [ 304.871070] do_syscall_64+0x1b9/0x820 [ 304.874950] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 304.880315] ? syscall_return_slowpath+0x5e0/0x5e0 [ 304.885250] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 304.890090] ? trace_hardirqs_on_caller+0x310/0x310 [ 304.895100] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 304.900129] ? prepare_exit_to_usermode+0x291/0x3b0 [ 304.905146] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 304.909985] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 304.915168] RIP: 0033:0x457569 [ 304.918353] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 304.937249] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 22:09:00 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:00 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e6673647f", 0x0, &(0x7f0000000100)) 22:09:00 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:00 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x20, 0x0) [ 304.944955] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 304.952238] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 304.959501] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 304.966765] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 304.974026] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:00 executing program 0 (fault-call:1 fault-nth:24): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 305.114856] EXT4-fs (sda1): re-mounted. Opts: (null) 22:09:00 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) 22:09:00 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd ', 0x0, &(0x7f0000000100)) 22:09:00 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x20, 0x0) [ 305.152586] FAULT_INJECTION: forcing a failure. [ 305.152586] name failslab, interval 1, probability 0, space 0, times 0 [ 305.209284] CPU: 0 PID: 9537 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 305.217485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 305.226855] Call Trace: [ 305.229468] dump_stack+0x244/0x39d [ 305.233129] ? dump_stack_print_info.cold.1+0x20/0x20 [ 305.238344] ? __kernel_text_address+0xd/0x40 [ 305.242859] ? unwind_get_return_address+0x61/0xa0 [ 305.247814] should_fail.cold.4+0xa/0x17 [ 305.251897] ? fault_create_debugfs_attr+0x1f0/0x1f0 22:09:00 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:00 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e6673648c", 0x0, &(0x7f0000000100)) [ 305.257026] ? save_stack+0x43/0xd0 [ 305.260689] ? kasan_kmalloc+0xc7/0xe0 [ 305.264596] ? kmem_cache_alloc_trace+0x152/0x750 [ 305.269460] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 305.274674] ? __list_lru_init+0x4d6/0x840 [ 305.278932] ? zap_class+0x640/0x640 [ 305.282662] ? nfsd_mount+0xa4/0xd0 [ 305.286306] ? legacy_get_tree+0x12f/0x260 [ 305.290564] ? vfs_get_tree+0x1cb/0x5c0 [ 305.294557] ? do_mount+0x82a/0x1ff0 [ 305.298286] ? ksys_mount+0x12d/0x140 [ 305.302109] ? __x64_sys_mount+0xbe/0x150 [ 305.306277] ? do_syscall_64+0x1b9/0x820 [ 305.310355] ? find_held_lock+0x36/0x1c0 [ 305.314446] ? __lock_is_held+0xb5/0x140 [ 305.318531] ? perf_trace_sched_process_exec+0x860/0x860 [ 305.318557] __should_failslab+0x124/0x180 [ 305.318574] should_failslab+0x9/0x14 [ 305.318590] kmem_cache_alloc_trace+0x2d7/0x750 [ 305.318604] ? __kmalloc_node+0x3c/0x70 [ 305.318618] ? __kmalloc_node+0x3c/0x70 [ 305.318635] ? rcu_read_lock_sched_held+0x14f/0x180 [ 305.318656] __memcg_init_list_lru_node+0x185/0x2d0 [ 305.354775] ? kvfree_rcu+0x20/0x20 22:09:00 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 305.358438] ? __kmalloc_node+0x50/0x70 [ 305.362453] __list_lru_init+0x4d6/0x840 [ 305.366539] ? list_lru_destroy+0x500/0x500 [ 305.370886] ? up_write+0x7b/0x220 [ 305.374443] ? down_write_nested+0x130/0x130 [ 305.374459] ? down_read+0x120/0x120 [ 305.374478] ? init_wait_entry+0x1c0/0x1c0 [ 305.374499] ? prealloc_shrinker+0x172/0x340 [ 305.382641] alloc_super+0x907/0xb40 [ 305.382665] ? destroy_unused_super.part.10+0x110/0x110 [ 305.400386] ? sget_userns+0x17c/0x850 [ 305.404305] ? lock_downgrade+0x900/0x900 22:09:00 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 305.408484] ? kasan_check_read+0x11/0x20 [ 305.412654] ? do_raw_spin_trylock+0x270/0x270 [ 305.417262] ? security_capable+0x99/0xc0 [ 305.421444] sget_userns+0x278/0x850 [ 305.425180] ? set_anon_super+0x20/0x20 [ 305.429185] ? alloc_empty_file.cold.6+0x42/0x42 [ 305.433961] ? vfs_get_super+0x270/0x270 [ 305.438061] ? rcu_read_lock_sched_held+0x14f/0x180 [ 305.443099] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 305.447964] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 305.453550] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 22:09:00 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) [ 305.459139] ? ns_capable_common+0x13f/0x170 [ 305.463578] mount_ns+0x8f/0x1d0 [ 305.466972] nfsd_mount+0xa4/0xd0 [ 305.470442] ? nfsd_mount+0xd0/0xd0 [ 305.474085] ? nfsd_umount+0x80/0x80 [ 305.477811] legacy_get_tree+0x12f/0x260 [ 305.481895] ? security_fs_context_validate+0x80/0xa0 [ 305.487111] vfs_get_tree+0x1cb/0x5c0 [ 305.491018] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 305.495844] do_mount+0x82a/0x1ff0 [ 305.499414] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 305.504980] ? copy_mount_string+0x40/0x40 [ 305.509248] ? copy_mount_options+0x5f/0x430 [ 305.513675] ? kmem_cache_alloc_trace+0x353/0x750 [ 305.518542] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 305.524606] ? _copy_from_user+0xdf/0x150 [ 305.528776] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 305.534334] ? copy_mount_options+0x315/0x430 [ 305.538859] ksys_mount+0x12d/0x140 [ 305.542511] __x64_sys_mount+0xbe/0x150 [ 305.546516] do_syscall_64+0x1b9/0x820 [ 305.550427] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 305.555818] ? syscall_return_slowpath+0x5e0/0x5e0 22:09:00 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 305.560763] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 305.565629] ? trace_hardirqs_on_caller+0x310/0x310 [ 305.570668] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 305.575709] ? prepare_exit_to_usermode+0x291/0x3b0 [ 305.580755] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 305.585630] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 305.590835] RIP: 0033:0x457569 22:09:00 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:00 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736402", 0x0, &(0x7f0000000100)) [ 305.594050] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 305.612959] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 305.620681] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 305.627945] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 305.635211] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 305.642474] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 305.649737] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:01 executing program 0 (fault-call:1 fault-nth:25): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:01 executing program 2: mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x20, 0x0) [ 305.723821] FAULT_INJECTION: forcing a failure. [ 305.723821] name failslab, interval 1, probability 0, space 0, times 0 [ 305.765359] CPU: 1 PID: 9569 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 305.773564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 305.782937] Call Trace: [ 305.785558] dump_stack+0x244/0x39d [ 305.789227] ? dump_stack_print_info.cold.1+0x20/0x20 [ 305.794449] ? zap_class+0x640/0x640 [ 305.798189] should_fail.cold.4+0xa/0x17 [ 305.802273] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 305.807408] ? find_held_lock+0x36/0x1c0 [ 305.811495] ? zap_class+0x640/0x640 [ 305.815229] ? zap_class+0x640/0x640 [ 305.818964] ? lock_downgrade+0x900/0x900 [ 305.823138] ? find_held_lock+0x36/0x1c0 [ 305.823162] ? __lock_is_held+0xb5/0x140 [ 305.823191] ? perf_trace_sched_process_exec+0x860/0x860 [ 305.823210] ? perf_trace_sched_process_exec+0x860/0x860 [ 305.842234] ? __kmalloc_node+0x3c/0x70 [ 305.842261] __should_failslab+0x124/0x180 [ 305.842282] should_failslab+0x9/0x14 [ 305.842298] __kmalloc+0x2e0/0x760 [ 305.842318] ? __kmalloc_node+0x50/0x70 [ 305.861921] ? __list_lru_init+0x151/0x840 [ 305.861944] __list_lru_init+0x151/0x840 [ 305.861965] ? list_lru_destroy+0x500/0x500 [ 305.861985] ? up_write+0x7b/0x220 [ 305.862004] ? down_read+0x120/0x120 [ 305.878158] ? init_wait_entry+0x1c0/0x1c0 [ 305.886104] ? prealloc_shrinker+0x172/0x340 [ 305.890546] alloc_super+0x933/0xb40 [ 305.890573] ? destroy_unused_super.part.10+0x110/0x110 [ 305.890585] ? sget_userns+0x17c/0x850 [ 305.890605] ? lock_downgrade+0x900/0x900 [ 305.890632] ? kasan_check_read+0x11/0x20 [ 305.903615] ? do_raw_spin_trylock+0x270/0x270 [ 305.903634] ? security_capable+0x99/0xc0 [ 305.903661] sget_userns+0x278/0x850 [ 305.903678] ? set_anon_super+0x20/0x20 [ 305.903698] ? alloc_empty_file.cold.6+0x42/0x42 [ 305.903715] ? vfs_get_super+0x270/0x270 [ 305.916587] ? rcu_read_lock_sched_held+0x14f/0x180 [ 305.916608] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 305.916632] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 305.916670] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 305.924728] ? ns_capable_common+0x13f/0x170 [ 305.924747] mount_ns+0x8f/0x1d0 [ 305.924771] nfsd_mount+0xa4/0xd0 [ 305.924784] ? nfsd_mount+0xd0/0xd0 [ 305.924801] ? nfsd_umount+0x80/0x80 [ 305.924819] legacy_get_tree+0x12f/0x260 [ 305.924841] ? security_fs_context_validate+0x80/0xa0 [ 305.986341] vfs_get_tree+0x1cb/0x5c0 [ 305.990167] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 305.994952] do_mount+0x82a/0x1ff0 [ 305.998524] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 306.004097] ? copy_mount_string+0x40/0x40 [ 306.008361] ? copy_mount_options+0x5f/0x430 [ 306.012800] ? kmem_cache_alloc_trace+0x353/0x750 [ 306.017673] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 306.023241] ? _copy_from_user+0xdf/0x150 [ 306.027420] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 306.032988] ? copy_mount_options+0x315/0x430 [ 306.037527] ksys_mount+0x12d/0x140 [ 306.041177] __x64_sys_mount+0xbe/0x150 [ 306.045176] do_syscall_64+0x1b9/0x820 [ 306.049084] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 306.054475] ? syscall_return_slowpath+0x5e0/0x5e0 [ 306.059432] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 306.064301] ? trace_hardirqs_on_caller+0x310/0x310 [ 306.069345] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 306.074392] ? prepare_exit_to_usermode+0x291/0x3b0 [ 306.079445] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 306.084318] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 306.089526] RIP: 0033:0x457569 [ 306.092740] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:09:01 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x20, 0x0) 22:09:01 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x20, 0x0) 22:09:01 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 306.111659] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 306.119391] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 306.126673] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 306.126683] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 306.126691] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 306.126699] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:01 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:01 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736404", 0x0, &(0x7f0000000100)) 22:09:01 executing program 0 (fault-call:1 fault-nth:26): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:01 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736403", 0x0, &(0x7f0000000100)) 22:09:01 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x20, 0x0) 22:09:01 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 306.326751] FAULT_INJECTION: forcing a failure. [ 306.326751] name failslab, interval 1, probability 0, space 0, times 0 22:09:01 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 306.414259] CPU: 0 PID: 9605 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 306.422460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 306.431834] Call Trace: [ 306.434453] dump_stack+0x244/0x39d [ 306.438113] ? dump_stack_print_info.cold.1+0x20/0x20 [ 306.443336] should_fail.cold.4+0xa/0x17 [ 306.447426] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 306.452576] ? zap_class+0x640/0x640 [ 306.456315] ? save_stack+0xa9/0xd0 [ 306.459958] ? save_stack+0x43/0xd0 [ 306.463597] ? kasan_kmalloc+0xc7/0xe0 [ 306.467495] ? __kmalloc+0x15b/0x760 [ 306.471231] ? find_held_lock+0x36/0x1c0 [ 306.475311] ? __lock_is_held+0xb5/0x140 [ 306.479404] ? perf_trace_sched_process_exec+0x860/0x860 [ 306.484872] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 306.490431] ? check_preemption_disabled+0x48/0x280 [ 306.495476] __should_failslab+0x124/0x180 [ 306.499729] should_failslab+0x9/0x14 [ 306.503545] kmem_cache_alloc_node_trace+0x270/0x740 [ 306.508676] __kmalloc_node+0x3c/0x70 [ 306.512501] kvmalloc_node+0x65/0xf0 [ 306.516239] __list_lru_init+0x5d9/0x840 [ 306.520319] ? list_lru_destroy+0x500/0x500 [ 306.524660] ? up_write+0x7b/0x220 [ 306.528215] ? down_read+0x120/0x120 [ 306.531944] ? init_wait_entry+0x1c0/0x1c0 [ 306.536189] ? prealloc_shrinker+0x172/0x340 [ 306.540625] alloc_super+0x933/0xb40 [ 306.544364] ? destroy_unused_super.part.10+0x110/0x110 [ 306.549743] ? sget_userns+0x17c/0x850 [ 306.553650] ? lock_downgrade+0x900/0x900 [ 306.557822] ? kasan_check_read+0x11/0x20 22:09:01 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:01 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 306.561998] ? do_raw_spin_trylock+0x270/0x270 [ 306.566608] ? security_capable+0x99/0xc0 [ 306.570780] sget_userns+0x278/0x850 [ 306.574505] ? set_anon_super+0x20/0x20 [ 306.578499] ? alloc_empty_file.cold.6+0x42/0x42 [ 306.583265] ? vfs_get_super+0x270/0x270 [ 306.587341] ? rcu_read_lock_sched_held+0x14f/0x180 [ 306.592383] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 306.597261] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 306.602844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 306.608415] ? ns_capable_common+0x13f/0x170 22:09:01 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:01 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x0, 0x0) [ 306.612852] mount_ns+0x8f/0x1d0 [ 306.616237] nfsd_mount+0xa4/0xd0 [ 306.619702] ? nfsd_mount+0xd0/0xd0 [ 306.623342] ? nfsd_umount+0x80/0x80 [ 306.627079] legacy_get_tree+0x12f/0x260 [ 306.631156] ? security_fs_context_validate+0x80/0xa0 [ 306.636710] vfs_get_tree+0x1cb/0x5c0 [ 306.640533] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 306.645312] do_mount+0x82a/0x1ff0 [ 306.648862] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 306.654671] ? copy_mount_string+0x40/0x40 [ 306.658906] ? copy_mount_options+0x5f/0x430 [ 306.663309] ? kmem_cache_alloc_trace+0x353/0x750 [ 306.668150] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 306.673681] ? _copy_from_user+0xdf/0x150 [ 306.677826] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 306.683356] ? copy_mount_options+0x315/0x430 [ 306.687851] ksys_mount+0x12d/0x140 [ 306.691472] __x64_sys_mount+0xbe/0x150 [ 306.695439] do_syscall_64+0x1b9/0x820 [ 306.699359] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 306.704718] ? syscall_return_slowpath+0x5e0/0x5e0 [ 306.709638] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 306.714474] ? trace_hardirqs_on_caller+0x310/0x310 [ 306.719484] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 306.724491] ? prepare_exit_to_usermode+0x291/0x3b0 [ 306.729502] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 306.734356] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 306.739535] RIP: 0033:0x457569 [ 306.742717] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:09:02 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:02 executing program 0 (fault-call:1 fault-nth:27): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 306.761610] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 306.769312] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 306.776585] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 306.783856] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 306.791116] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 306.798378] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 306.850986] FAULT_INJECTION: forcing a failure. [ 306.850986] name failslab, interval 1, probability 0, space 0, times 0 22:09:02 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x0, 0x0) 22:09:02 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 306.946583] CPU: 0 PID: 9629 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 306.954815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 306.964188] Call Trace: [ 306.966804] dump_stack+0x244/0x39d [ 306.970458] ? dump_stack_print_info.cold.1+0x20/0x20 [ 306.975662] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 306.980968] should_fail.cold.4+0xa/0x17 [ 306.985056] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 306.990175] ? kernel_text_address+0x79/0xf0 [ 306.994603] ? unwind_get_return_address+0x61/0xa0 [ 306.999553] ? __save_stack_trace+0x8d/0xf0 [ 307.003890] ? zap_class+0x640/0x640 [ 307.007631] ? find_held_lock+0x36/0x1c0 [ 307.011710] ? __lock_is_held+0xb5/0x140 [ 307.015867] ? vti6_err+0x4f8/0x530 [ 307.019643] ? perf_trace_sched_process_exec+0x860/0x860 [ 307.025198] ? check_preemption_disabled+0x48/0x280 [ 307.030238] __should_failslab+0x124/0x180 [ 307.034490] should_failslab+0x9/0x14 [ 307.038312] kmem_cache_alloc_trace+0x2d7/0x750 [ 307.042995] ? __kmalloc_node+0x3c/0x70 22:09:02 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:02 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:02 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e6673647f", 0x0, &(0x7f0000000100)) [ 307.046989] ? __kmalloc_node+0x3c/0x70 [ 307.050971] ? rcu_read_lock_sched_held+0x14f/0x180 [ 307.056001] __memcg_init_list_lru_node+0x185/0x2d0 [ 307.061053] ? kvfree_rcu+0x20/0x20 [ 307.064698] ? __kmalloc_node+0x50/0x70 [ 307.068690] __list_lru_init+0x4d6/0x840 [ 307.072756] ? list_lru_destroy+0x500/0x500 [ 307.077078] ? up_write+0x7b/0x220 [ 307.080613] ? down_read+0x120/0x120 [ 307.084315] ? init_wait_entry+0x1c0/0x1c0 [ 307.088535] ? prealloc_shrinker+0x172/0x340 [ 307.092937] alloc_super+0x933/0xb40 [ 307.096657] ? destroy_unused_super.part.10+0x110/0x110 [ 307.102019] ? sget_userns+0x17c/0x850 [ 307.105906] ? lock_downgrade+0x900/0x900 [ 307.110056] ? kasan_check_read+0x11/0x20 [ 307.114197] ? do_raw_spin_trylock+0x270/0x270 [ 307.118773] ? security_capable+0x99/0xc0 [ 307.122920] sget_userns+0x278/0x850 [ 307.126637] ? set_anon_super+0x20/0x20 [ 307.130615] ? alloc_empty_file.cold.6+0x42/0x42 [ 307.135358] ? vfs_get_super+0x270/0x270 [ 307.139417] ? rcu_read_lock_sched_held+0x14f/0x180 [ 307.144428] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 307.149269] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 307.154817] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 307.160351] ? ns_capable_common+0x13f/0x170 [ 307.164751] mount_ns+0x8f/0x1d0 [ 307.168112] nfsd_mount+0xa4/0xd0 [ 307.171554] ? nfsd_mount+0xd0/0xd0 [ 307.175171] ? nfsd_umount+0x80/0x80 [ 307.178875] legacy_get_tree+0x12f/0x260 [ 307.182930] ? security_fs_context_validate+0x80/0xa0 [ 307.188117] vfs_get_tree+0x1cb/0x5c0 [ 307.191912] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 307.196679] do_mount+0x82a/0x1ff0 [ 307.200216] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 307.205747] ? copy_mount_string+0x40/0x40 [ 307.209978] ? copy_mount_options+0x5f/0x430 [ 307.214380] ? kmem_cache_alloc_trace+0x353/0x750 [ 307.219221] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 307.224767] ? copy_mount_options+0x315/0x430 [ 307.229259] ksys_mount+0x12d/0x140 [ 307.232877] __x64_sys_mount+0xbe/0x150 [ 307.236847] do_syscall_64+0x1b9/0x820 [ 307.240724] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 307.246093] ? syscall_return_slowpath+0x5e0/0x5e0 [ 307.251034] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 307.255874] ? trace_hardirqs_on_caller+0x310/0x310 [ 307.260886] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 307.265901] ? prepare_exit_to_usermode+0x291/0x3b0 [ 307.270914] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 307.275754] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 307.280932] RIP: 0033:0x457569 22:09:02 executing program 0 (fault-call:1 fault-nth:28): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 307.284114] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 307.303009] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 307.310718] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 307.317979] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 307.325240] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 307.332529] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 307.339808] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 307.375242] FAULT_INJECTION: forcing a failure. [ 307.375242] name failslab, interval 1, probability 0, space 0, times 0 [ 307.386638] CPU: 0 PID: 9649 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 307.394789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 307.404158] Call Trace: [ 307.406746] dump_stack+0x244/0x39d [ 307.410369] ? dump_stack_print_info.cold.1+0x20/0x20 [ 307.415564] ? __kernel_text_address+0xd/0x40 [ 307.420059] ? unwind_get_return_address+0x61/0xa0 [ 307.425004] should_fail.cold.4+0xa/0x17 [ 307.429069] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 307.434184] ? save_stack+0x43/0xd0 [ 307.437801] ? kasan_kmalloc+0xc7/0xe0 [ 307.441678] ? kmem_cache_alloc_trace+0x152/0x750 [ 307.446511] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 307.451691] ? __list_lru_init+0x4d6/0x840 [ 307.455922] ? zap_class+0x640/0x640 [ 307.459627] ? nfsd_mount+0xa4/0xd0 [ 307.463246] ? legacy_get_tree+0x12f/0x260 [ 307.467476] ? vfs_get_tree+0x1cb/0x5c0 [ 307.471436] ? do_mount+0x82a/0x1ff0 [ 307.475168] ? ksys_mount+0x12d/0x140 [ 307.478958] ? __x64_sys_mount+0xbe/0x150 [ 307.483098] ? do_syscall_64+0x1b9/0x820 [ 307.487153] ? find_held_lock+0x36/0x1c0 [ 307.491209] ? __lock_is_held+0xb5/0x140 [ 307.495270] ? perf_trace_sched_process_exec+0x860/0x860 [ 307.500717] __should_failslab+0x124/0x180 [ 307.504949] should_failslab+0x9/0x14 [ 307.508741] kmem_cache_alloc_trace+0x2d7/0x750 [ 307.513405] ? __kmalloc_node+0x3c/0x70 [ 307.517371] ? __kmalloc_node+0x3c/0x70 [ 307.521341] ? rcu_read_lock_sched_held+0x14f/0x180 [ 307.526371] __memcg_init_list_lru_node+0x185/0x2d0 [ 307.531411] ? kvfree_rcu+0x20/0x20 [ 307.535039] ? __kmalloc_node+0x50/0x70 [ 307.539010] __list_lru_init+0x4d6/0x840 [ 307.543075] ? list_lru_destroy+0x500/0x500 [ 307.547400] ? up_write+0x7b/0x220 [ 307.550928] ? down_read+0x120/0x120 [ 307.554641] ? init_wait_entry+0x1c0/0x1c0 [ 307.558862] ? prealloc_shrinker+0x172/0x340 [ 307.563268] alloc_super+0x933/0xb40 [ 307.566981] ? destroy_unused_super.part.10+0x110/0x110 [ 307.572338] ? sget_userns+0x17c/0x850 [ 307.576235] ? lock_downgrade+0x900/0x900 [ 307.580400] ? kasan_check_read+0x11/0x20 [ 307.584555] ? do_raw_spin_trylock+0x270/0x270 [ 307.589131] ? security_capable+0x99/0xc0 [ 307.593277] sget_userns+0x278/0x850 [ 307.596981] ? set_anon_super+0x20/0x20 [ 307.600948] ? alloc_empty_file.cold.6+0x42/0x42 [ 307.605690] ? vfs_get_super+0x270/0x270 [ 307.609744] ? rcu_read_lock_sched_held+0x14f/0x180 [ 307.614753] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 307.619592] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 307.625140] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 307.630693] ? ns_capable_common+0x13f/0x170 [ 307.635097] mount_ns+0x8f/0x1d0 [ 307.638461] nfsd_mount+0xa4/0xd0 [ 307.641905] ? nfsd_mount+0xd0/0xd0 [ 307.645522] ? nfsd_umount+0x80/0x80 [ 307.649249] legacy_get_tree+0x12f/0x260 [ 307.653308] ? security_fs_context_validate+0x80/0xa0 [ 307.658506] vfs_get_tree+0x1cb/0x5c0 [ 307.662305] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 307.667072] do_mount+0x82a/0x1ff0 [ 307.670619] ? copy_mount_string+0x40/0x40 [ 307.674856] ? retint_kernel+0x2d/0x2d [ 307.678750] ? __sanitizer_cov_trace_const_cmp2+0x20/0x20 [ 307.684278] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 307.689806] ? copy_mount_options+0x315/0x430 [ 307.694295] ksys_mount+0x12d/0x140 [ 307.697913] __x64_sys_mount+0xbe/0x150 [ 307.701880] do_syscall_64+0x1b9/0x820 [ 307.705757] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 307.711110] ? syscall_return_slowpath+0x5e0/0x5e0 [ 307.716048] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 307.720897] ? trace_hardirqs_on_caller+0x310/0x310 [ 307.725907] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 307.730919] ? prepare_exit_to_usermode+0x291/0x3b0 [ 307.735946] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 307.740785] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 307.745977] RIP: 0033:0x457569 [ 307.749162] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 307.768058] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 22:09:03 executing program 0 (fault-call:1 fault-nth:29): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 307.775774] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 307.783062] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 307.790343] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 307.797609] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 307.804880] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 307.911394] FAULT_INJECTION: forcing a failure. [ 307.911394] name failslab, interval 1, probability 0, space 0, times 0 22:09:03 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:03 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x0, 0x0) [ 308.006171] CPU: 0 PID: 9665 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 308.014459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 308.023827] Call Trace: [ 308.026448] dump_stack+0x244/0x39d [ 308.030105] ? dump_stack_print_info.cold.1+0x20/0x20 [ 308.035322] ? __kernel_text_address+0xd/0x40 [ 308.039838] ? unwind_get_return_address+0x61/0xa0 [ 308.044787] should_fail.cold.4+0xa/0x17 [ 308.048864] ? fault_create_debugfs_attr+0x1f0/0x1f0 22:09:03 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\n', 0x0, &(0x7f0000000100)) 22:09:03 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) 22:09:03 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 308.054001] ? save_stack+0x43/0xd0 [ 308.057654] ? kasan_kmalloc+0xc7/0xe0 [ 308.061558] ? kmem_cache_alloc_trace+0x152/0x750 [ 308.066419] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 308.071620] ? __list_lru_init+0x4d6/0x840 [ 308.075868] ? zap_class+0x640/0x640 [ 308.079588] ? nfsd_mount+0xa4/0xd0 [ 308.083232] ? legacy_get_tree+0x12f/0x260 [ 308.087483] ? vfs_get_tree+0x1cb/0x5c0 [ 308.087501] ? do_mount+0x82a/0x1ff0 [ 308.087517] ? ksys_mount+0x12d/0x140 [ 308.087532] ? __x64_sys_mount+0xbe/0x150 22:09:03 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 308.087546] ? do_syscall_64+0x1b9/0x820 [ 308.087567] ? find_held_lock+0x36/0x1c0 [ 308.087588] ? __lock_is_held+0xb5/0x140 [ 308.087617] ? perf_trace_sched_process_exec+0x860/0x860 [ 308.087643] __should_failslab+0x124/0x180 [ 308.095366] should_failslab+0x9/0x14 [ 308.128925] kmem_cache_alloc_trace+0x2d7/0x750 [ 308.133613] ? __kmalloc_node+0x3c/0x70 [ 308.137599] ? __kmalloc_node+0x3c/0x70 [ 308.141587] ? rcu_read_lock_sched_held+0x14f/0x180 [ 308.146629] __memcg_init_list_lru_node+0x185/0x2d0 [ 308.151664] ? kvfree_rcu+0x20/0x20 22:09:03 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 308.155305] ? __kmalloc_node+0x50/0x70 [ 308.159303] __list_lru_init+0x4d6/0x840 [ 308.163378] ? list_lru_destroy+0x500/0x500 [ 308.167724] ? up_write+0x7b/0x220 [ 308.171281] ? down_read+0x120/0x120 [ 308.175019] ? init_wait_entry+0x1c0/0x1c0 [ 308.179280] ? prealloc_shrinker+0x172/0x340 [ 308.183716] alloc_super+0x933/0xb40 [ 308.187450] ? destroy_unused_super.part.10+0x110/0x110 [ 308.192829] ? sget_userns+0x17c/0x850 [ 308.196711] ? lock_downgrade+0x900/0x900 [ 308.200856] ? kasan_check_read+0x11/0x20 [ 308.204994] ? do_raw_spin_trylock+0x270/0x270 [ 308.209570] ? security_capable+0x99/0xc0 [ 308.213709] sget_userns+0x278/0x850 [ 308.217440] ? set_anon_super+0x20/0x20 [ 308.221408] ? alloc_empty_file.cold.6+0x42/0x42 [ 308.226158] ? vfs_get_super+0x270/0x270 [ 308.230221] ? rcu_read_lock_sched_held+0x14f/0x180 [ 308.235227] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 308.240067] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 308.245620] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 308.251162] ? ns_capable_common+0x13f/0x170 [ 308.255559] mount_ns+0x8f/0x1d0 [ 308.258923] nfsd_mount+0xa4/0xd0 [ 308.262361] ? nfsd_mount+0xd0/0xd0 [ 308.265977] ? nfsd_umount+0x80/0x80 [ 308.269698] legacy_get_tree+0x12f/0x260 [ 308.273751] ? security_fs_context_validate+0x80/0xa0 [ 308.278947] vfs_get_tree+0x1cb/0x5c0 [ 308.282740] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 308.287490] do_mount+0x82a/0x1ff0 [ 308.291046] ? copy_mount_string+0x40/0x40 [ 308.295288] ? retint_kernel+0x2d/0x2d [ 308.299193] ? copy_mount_options+0x228/0x430 [ 308.303702] ? write_comp_data+0x6c/0x70 [ 308.307754] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 308.313285] ? copy_mount_options+0x315/0x430 [ 308.317775] ksys_mount+0x12d/0x140 [ 308.321416] __x64_sys_mount+0xbe/0x150 [ 308.325406] do_syscall_64+0x1b9/0x820 [ 308.329289] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 308.334652] ? syscall_return_slowpath+0x5e0/0x5e0 [ 308.339598] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 308.344443] ? trace_hardirqs_on_caller+0x310/0x310 [ 308.349455] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 308.354464] ? prepare_exit_to_usermode+0x291/0x3b0 [ 308.359569] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 308.364413] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 308.369590] RIP: 0033:0x457569 [ 308.372774] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 308.391665] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 308.399374] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 22:09:03 executing program 0 (fault-call:1 fault-nth:30): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 308.406654] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 308.413928] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 308.421204] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 308.428463] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 308.523659] FAULT_INJECTION: forcing a failure. [ 308.523659] name failslab, interval 1, probability 0, space 0, times 0 [ 308.569076] CPU: 0 PID: 9688 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 308.577276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 308.586647] Call Trace: [ 308.589261] dump_stack+0x244/0x39d [ 308.593180] ? dump_stack_print_info.cold.1+0x20/0x20 [ 308.598397] ? __kernel_text_address+0xd/0x40 [ 308.602913] ? unwind_get_return_address+0x61/0xa0 [ 308.607864] should_fail.cold.4+0xa/0x17 [ 308.611947] ? fault_create_debugfs_attr+0x1f0/0x1f0 22:09:03 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 308.617082] ? save_stack+0x43/0xd0 [ 308.620723] ? kasan_kmalloc+0xc7/0xe0 [ 308.624620] ? kmem_cache_alloc_trace+0x152/0x750 [ 308.629482] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 308.634713] ? __list_lru_init+0x4d6/0x840 [ 308.638969] ? zap_class+0x640/0x640 [ 308.642694] ? nfsd_mount+0xa4/0xd0 [ 308.646335] ? legacy_get_tree+0x12f/0x260 [ 308.650758] ? vfs_get_tree+0x1cb/0x5c0 [ 308.654732] ? do_mount+0x82a/0x1ff0 [ 308.658460] ? ksys_mount+0x12d/0x140 [ 308.662269] ? __x64_sys_mount+0xbe/0x150 22:09:04 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736403", 0x0, &(0x7f0000000100)) [ 308.666437] ? do_syscall_64+0x1b9/0x820 [ 308.670518] ? find_held_lock+0x36/0x1c0 [ 308.674597] ? __lock_is_held+0xb5/0x140 [ 308.678683] ? perf_trace_sched_process_exec+0x860/0x860 [ 308.684160] __should_failslab+0x124/0x180 [ 308.688419] should_failslab+0x9/0x14 [ 308.692236] kmem_cache_alloc_trace+0x2d7/0x750 [ 308.696921] ? __kmalloc_node+0x3c/0x70 [ 308.700911] ? __kmalloc_node+0x3c/0x70 [ 308.704904] ? rcu_read_lock_sched_held+0x14f/0x180 [ 308.709942] __memcg_init_list_lru_node+0x185/0x2d0 [ 308.714978] ? kvfree_rcu+0x20/0x20 [ 308.718913] ? __kmalloc_node+0x50/0x70 [ 308.722905] __list_lru_init+0x4d6/0x840 [ 308.726980] ? list_lru_destroy+0x500/0x500 [ 308.731307] ? up_write+0x7b/0x220 [ 308.734833] ? down_read+0x120/0x120 [ 308.738538] ? init_wait_entry+0x1c0/0x1c0 [ 308.742757] ? prealloc_shrinker+0x172/0x340 [ 308.747157] alloc_super+0x933/0xb40 [ 308.750862] ? destroy_unused_super.part.10+0x110/0x110 [ 308.756225] ? sget_userns+0x17c/0x850 [ 308.760105] ? lock_downgrade+0x900/0x900 [ 308.764242] ? kasan_check_read+0x11/0x20 [ 308.768380] ? do_raw_spin_trylock+0x270/0x270 [ 308.772955] ? security_capable+0x99/0xc0 [ 308.777096] sget_userns+0x278/0x850 [ 308.780796] ? set_anon_super+0x20/0x20 [ 308.784772] ? alloc_empty_file.cold.6+0x42/0x42 [ 308.789513] ? vfs_get_super+0x270/0x270 [ 308.793562] ? rcu_read_lock_sched_held+0x14f/0x180 [ 308.798563] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 308.803398] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 308.808939] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 308.814463] ? ns_capable_common+0x13f/0x170 [ 308.818860] mount_ns+0x8f/0x1d0 [ 308.822216] nfsd_mount+0xa4/0xd0 [ 308.825653] ? nfsd_mount+0xd0/0xd0 [ 308.829270] ? nfsd_umount+0x80/0x80 [ 308.832970] legacy_get_tree+0x12f/0x260 [ 308.837024] ? security_fs_context_validate+0x80/0xa0 [ 308.842217] vfs_get_tree+0x1cb/0x5c0 [ 308.846010] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 308.850762] do_mount+0x82a/0x1ff0 [ 308.854290] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 308.859815] ? copy_mount_string+0x40/0x40 [ 308.864044] ? copy_mount_options+0x5f/0x430 [ 308.868440] ? kmem_cache_alloc_trace+0x353/0x750 [ 308.873273] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 308.878798] ? _copy_from_user+0xdf/0x150 [ 308.882936] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 308.888459] ? copy_mount_options+0x315/0x430 [ 308.892941] ksys_mount+0x12d/0x140 [ 308.896554] __x64_sys_mount+0xbe/0x150 [ 308.900535] do_syscall_64+0x1b9/0x820 [ 308.904412] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 308.909765] ? syscall_return_slowpath+0x5e0/0x5e0 [ 308.914683] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 308.919514] ? trace_hardirqs_on_caller+0x310/0x310 [ 308.924517] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 308.929520] ? prepare_exit_to_usermode+0x291/0x3b0 [ 308.934523] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 308.939357] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 308.944541] RIP: 0033:0x457569 [ 308.947721] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:09:04 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:04 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 308.966612] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 308.974313] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 308.981573] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 308.988837] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 308.996105] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 309.003374] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:04 executing program 0 (fault-call:1 fault-nth:31): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:04 executing program 2: r0 = socket$inet6(0xa, 0x8000000000000001, 0x0) setsockopt$sock_int(r0, 0x1, 0x4000000000000002, &(0x7f00000000c0)=0x2000000008, 0x4) bind$inet6(r0, &(0x7f0000ff1000)={0xa, 0x4e20}, 0x1c) perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x5, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendto$inet6(r0, &(0x7f0000000040), 0x0, 0x20040000, &(0x7f0000f62fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 22:09:04 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 309.111521] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 309.148427] FAULT_INJECTION: forcing a failure. [ 309.148427] name failslab, interval 1, probability 0, space 0, times 0 22:09:04 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 309.188971] CPU: 0 PID: 9711 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 309.197180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 309.206553] Call Trace: [ 309.209163] dump_stack+0x244/0x39d [ 309.212820] ? dump_stack_print_info.cold.1+0x20/0x20 [ 309.218039] ? __kernel_text_address+0xd/0x40 [ 309.222551] ? unwind_get_return_address+0x61/0xa0 [ 309.227506] should_fail.cold.4+0xa/0x17 [ 309.231587] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 309.236717] ? save_stack+0x43/0xd0 [ 309.240359] ? kasan_kmalloc+0xc7/0xe0 [ 309.244266] ? kmem_cache_alloc_trace+0x152/0x750 [ 309.249119] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 309.254324] ? __list_lru_init+0x4d6/0x840 [ 309.258584] ? zap_class+0x640/0x640 [ 309.262304] ? nfsd_mount+0xa4/0xd0 [ 309.265941] ? legacy_get_tree+0x12f/0x260 [ 309.270194] ? vfs_get_tree+0x1cb/0x5c0 [ 309.274180] ? do_mount+0x82a/0x1ff0 [ 309.277908] ? ksys_mount+0x12d/0x140 [ 309.281715] ? __x64_sys_mount+0xbe/0x150 [ 309.285863] ? do_syscall_64+0x1b9/0x820 [ 309.289930] ? find_held_lock+0x36/0x1c0 [ 309.294000] ? __lock_is_held+0xb5/0x140 [ 309.298085] ? perf_trace_sched_process_exec+0x860/0x860 [ 309.303551] __should_failslab+0x124/0x180 [ 309.307793] should_failslab+0x9/0x14 [ 309.311597] kmem_cache_alloc_trace+0x2d7/0x750 [ 309.316272] ? __kmalloc_node+0x3c/0x70 [ 309.320246] ? __kmalloc_node+0x3c/0x70 [ 309.324262] ? rcu_read_lock_sched_held+0x14f/0x180 [ 309.329286] __memcg_init_list_lru_node+0x185/0x2d0 [ 309.334309] ? kvfree_rcu+0x20/0x20 [ 309.337937] ? __kmalloc_node+0x50/0x70 [ 309.341924] __list_lru_init+0x4d6/0x840 [ 309.345991] ? list_lru_destroy+0x500/0x500 [ 309.350320] ? up_write+0x7b/0x220 [ 309.353863] ? down_read+0x120/0x120 [ 309.357583] ? init_wait_entry+0x1c0/0x1c0 [ 309.361822] ? prealloc_shrinker+0x172/0x340 [ 309.366243] alloc_super+0x933/0xb40 [ 309.369972] ? destroy_unused_super.part.10+0x110/0x110 [ 309.375352] ? sget_userns+0x17c/0x850 [ 309.379244] ? lock_downgrade+0x900/0x900 [ 309.383408] ? kasan_check_read+0x11/0x20 [ 309.387561] ? do_raw_spin_trylock+0x270/0x270 [ 309.392148] ? security_capable+0x99/0xc0 [ 309.396306] sget_userns+0x278/0x850 [ 309.400021] ? set_anon_super+0x20/0x20 [ 309.404016] ? alloc_empty_file.cold.6+0x42/0x42 [ 309.408778] ? vfs_get_super+0x270/0x270 [ 309.412845] ? rcu_read_lock_sched_held+0x14f/0x180 [ 309.417866] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 309.422721] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 309.428285] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.433830] ? ns_capable_common+0x13f/0x170 [ 309.438243] mount_ns+0x8f/0x1d0 [ 309.441621] nfsd_mount+0xa4/0xd0 [ 309.445076] ? nfsd_mount+0xd0/0xd0 [ 309.448706] ? nfsd_umount+0x80/0x80 [ 309.452429] legacy_get_tree+0x12f/0x260 [ 309.456494] ? security_fs_context_validate+0x80/0xa0 [ 309.461690] vfs_get_tree+0x1cb/0x5c0 [ 309.465494] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 309.470259] do_mount+0x82a/0x1ff0 [ 309.473809] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 309.479361] ? copy_mount_string+0x40/0x40 [ 309.483611] ? copy_mount_options+0x5f/0x430 [ 309.488025] ? kmem_cache_alloc_trace+0x353/0x750 [ 309.492891] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.498434] ? copy_mount_options+0x315/0x430 [ 309.502945] ksys_mount+0x12d/0x140 [ 309.506584] __x64_sys_mount+0xbe/0x150 [ 309.510574] do_syscall_64+0x1b9/0x820 [ 309.514470] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 309.520345] ? syscall_return_slowpath+0x5e0/0x5e0 [ 309.525282] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 309.530131] ? trace_hardirqs_on_caller+0x310/0x310 [ 309.535160] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 309.540191] ? prepare_exit_to_usermode+0x291/0x3b0 [ 309.545225] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 309.550081] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 309.555276] RIP: 0033:0x457569 [ 309.558476] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 309.577404] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 22:09:04 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736404", 0x0, &(0x7f0000000100)) 22:09:04 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 309.585131] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 309.592418] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 309.599700] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 309.606980] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 309.614270] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:05 executing program 0 (fault-call:1 fault-nth:32): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:05 executing program 2: syz_mount_image$f2fs(&(0x7f0000000040)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f00000000c0)=[{&(0x7f0000010400)="1020f5f20100070009000000030000000c0000000900000001000000020000000428000000300000000000000e00000016000000020000000200000002000000020000000e000000000400000004000000080000000c00000010000000140000030000000100000002", 0x69, 0x1400}], 0x0, &(0x7f0000000140)) 22:09:05 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736406", 0x0, &(0x7f0000000100)) 22:09:05 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 309.786890] FAULT_INJECTION: forcing a failure. [ 309.786890] name failslab, interval 1, probability 0, space 0, times 0 [ 309.811048] CPU: 0 PID: 9738 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 309.819253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 309.828622] Call Trace: [ 309.831242] dump_stack+0x244/0x39d [ 309.834900] ? dump_stack_print_info.cold.1+0x20/0x20 [ 309.840111] ? __kernel_text_address+0xd/0x40 [ 309.844625] ? unwind_get_return_address+0x61/0xa0 [ 309.849571] should_fail.cold.4+0xa/0x17 [ 309.849590] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 309.849616] ? save_stack+0x43/0xd0 [ 309.849630] ? kasan_kmalloc+0xc7/0xe0 [ 309.849652] ? kmem_cache_alloc_trace+0x152/0x750 [ 309.858956] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 309.858969] ? __list_lru_init+0x4d6/0x840 [ 309.858986] ? zap_class+0x640/0x640 [ 309.858999] ? nfsd_mount+0xa4/0xd0 [ 309.859014] ? legacy_get_tree+0x12f/0x260 [ 309.859038] ? vfs_get_tree+0x1cb/0x5c0 [ 309.859053] ? do_mount+0x82a/0x1ff0 [ 309.859068] ? ksys_mount+0x12d/0x140 [ 309.859087] ? __x64_sys_mount+0xbe/0x150 [ 309.871426] ? do_syscall_64+0x1b9/0x820 [ 309.882830] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 309.884545] ? find_held_lock+0x36/0x1c0 [ 309.884568] ? __lock_is_held+0xb5/0x140 [ 309.884640] ? receive_mergeable+0x2b78/0x3a80 [ 309.892557] ? perf_trace_sched_process_exec+0x860/0x860 [ 309.892585] __should_failslab+0x124/0x180 [ 309.897182] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 309.900250] should_failslab+0x9/0x14 [ 309.900269] kmem_cache_alloc_trace+0x2d7/0x750 [ 309.900285] ? __kmalloc_node+0x3c/0x70 [ 309.900304] ? __kmalloc_node+0x3c/0x70 [ 309.906794] attempt to access beyond end of device [ 309.908238] ? rcu_read_lock_sched_held+0x14f/0x180 [ 309.908263] __memcg_init_list_lru_node+0x185/0x2d0 [ 309.908282] ? kvfree_rcu+0x20/0x20 [ 309.912421] loop2: rw=12288, want=8200, limit=20 [ 309.919349] ? __kmalloc_node+0x50/0x70 [ 309.919373] __list_lru_init+0x4d6/0x840 [ 309.919398] ? list_lru_destroy+0x500/0x500 [ 309.919418] ? up_write+0x7b/0x220 [ 309.919432] ? down_read+0x120/0x120 [ 309.919451] ? init_wait_entry+0x1c0/0x1c0 [ 309.919466] ? prealloc_shrinker+0x172/0x340 [ 309.919493] alloc_super+0x933/0xb40 [ 309.924090] attempt to access beyond end of device [ 309.927595] ? destroy_unused_super.part.10+0x110/0x110 [ 309.927609] ? sget_userns+0x17c/0x850 [ 309.927627] ? lock_downgrade+0x900/0x900 [ 309.927652] ? kasan_check_read+0x11/0x20 [ 309.927668] ? do_raw_spin_trylock+0x270/0x270 [ 309.927685] ? security_capable+0x99/0xc0 [ 309.927708] sget_userns+0x278/0x850 [ 309.932520] loop2: rw=12288, want=12296, limit=20 [ 309.937721] ? set_anon_super+0x20/0x20 [ 309.937743] ? alloc_empty_file.cold.6+0x42/0x42 [ 309.937757] ? vfs_get_super+0x270/0x270 [ 309.937775] ? rcu_read_lock_sched_held+0x14f/0x180 [ 309.937792] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 309.937815] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 309.937852] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.937866] ? ns_capable_common+0x13f/0x170 [ 309.937882] mount_ns+0x8f/0x1d0 [ 309.937903] nfsd_mount+0xa4/0xd0 [ 309.937921] ? nfsd_mount+0xd0/0xd0 [ 310.109255] ? nfsd_umount+0x80/0x80 [ 310.112979] legacy_get_tree+0x12f/0x260 [ 310.117061] ? security_fs_context_validate+0x80/0xa0 [ 310.122261] vfs_get_tree+0x1cb/0x5c0 [ 310.126071] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 310.130923] do_mount+0x82a/0x1ff0 [ 310.134476] ? copy_mount_string+0x40/0x40 [ 310.138719] ? retint_kernel+0x2d/0x2d [ 310.142635] ? copy_mount_options+0x239/0x430 [ 310.147141] ? copy_mount_options+0x247/0x430 [ 310.151646] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 310.157192] ? copy_mount_options+0x315/0x430 [ 310.161700] ksys_mount+0x12d/0x140 [ 310.165384] __x64_sys_mount+0xbe/0x150 [ 310.169377] do_syscall_64+0x1b9/0x820 [ 310.173271] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 310.178644] ? syscall_return_slowpath+0x5e0/0x5e0 [ 310.183577] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 310.188433] ? trace_hardirqs_on_caller+0x310/0x310 [ 310.193459] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 310.198486] ? prepare_exit_to_usermode+0x291/0x3b0 [ 310.203515] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 310.208375] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 310.213569] RIP: 0033:0x457569 [ 310.216772] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:09:05 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 310.235683] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 310.243421] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 310.250702] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 310.257980] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 310.265263] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 310.272542] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 310.282058] F2FS-fs (loop2): Failed to get valid F2FS checkpoint 22:09:05 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 310.291780] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 310.299181] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 310.313942] attempt to access beyond end of device [ 310.328150] loop2: rw=12288, want=8200, limit=20 [ 310.384616] attempt to access beyond end of device [ 310.433401] loop2: rw=12288, want=12296, limit=20 22:09:05 executing program 0 (fault-call:1 fault-nth:33): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:05 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) 22:09:05 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 310.471135] F2FS-fs (loop2): Failed to get valid F2FS checkpoint [ 310.521512] FAULT_INJECTION: forcing a failure. [ 310.521512] name failslab, interval 1, probability 0, space 0, times 0 [ 310.542914] CPU: 1 PID: 9763 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 310.551104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 310.560474] Call Trace: [ 310.563086] dump_stack+0x244/0x39d [ 310.566742] ? dump_stack_print_info.cold.1+0x20/0x20 [ 310.571950] ? __kernel_text_address+0xd/0x40 [ 310.576469] ? unwind_get_return_address+0x61/0xa0 [ 310.581414] should_fail.cold.4+0xa/0x17 [ 310.585496] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 310.590620] ? save_stack+0x43/0xd0 [ 310.594260] ? kasan_kmalloc+0xc7/0xe0 [ 310.598157] ? kmem_cache_alloc_trace+0x152/0x750 [ 310.603013] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 310.608223] ? __list_lru_init+0x4d6/0x840 [ 310.612475] ? zap_class+0x640/0x640 [ 310.616205] ? nfsd_mount+0xa4/0xd0 [ 310.619846] ? legacy_get_tree+0x12f/0x260 [ 310.619864] ? vfs_get_tree+0x1cb/0x5c0 [ 310.619880] ? do_mount+0x82a/0x1ff0 [ 310.619903] ? ksys_mount+0x12d/0x140 [ 310.619923] ? __x64_sys_mount+0xbe/0x150 [ 310.628123] ? do_syscall_64+0x1b9/0x820 [ 310.628145] ? find_held_lock+0x36/0x1c0 [ 310.628166] ? __lock_is_held+0xb5/0x140 [ 310.628265] ? mlx4_SET_VPORT_QOS_get+0x338/0x3e0 [ 310.628295] ? perf_trace_sched_process_exec+0x860/0x860 [ 310.662917] __should_failslab+0x124/0x180 [ 310.667170] should_failslab+0x9/0x14 [ 310.670981] kmem_cache_alloc_trace+0x2d7/0x750 [ 310.675667] ? __kmalloc_node+0x3c/0x70 [ 310.675683] ? __kmalloc_node+0x3c/0x70 [ 310.675704] ? rcu_read_lock_sched_held+0x14f/0x180 [ 310.683648] __memcg_init_list_lru_node+0x185/0x2d0 [ 310.683668] ? kvfree_rcu+0x20/0x20 [ 310.683686] ? __kmalloc_node+0x50/0x70 [ 310.683707] __list_lru_init+0x4d6/0x840 [ 310.693731] ? list_lru_destroy+0x500/0x500 [ 310.693753] ? up_write+0x7b/0x220 [ 310.693769] ? down_read+0x120/0x120 [ 310.693794] ? init_wait_entry+0x1c0/0x1c0 22:09:05 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:05 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:05 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:06 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 310.701384] ? prealloc_shrinker+0x172/0x340 [ 310.701413] alloc_super+0x933/0xb40 [ 310.701439] ? destroy_unused_super.part.10+0x110/0x110 [ 310.713342] ? sget_userns+0x17c/0x850 [ 310.713363] ? lock_downgrade+0x900/0x900 [ 310.713389] ? kasan_check_read+0x11/0x20 [ 310.713414] ? do_raw_spin_trylock+0x270/0x270 [ 310.721389] ? security_capable+0x99/0xc0 [ 310.721415] sget_userns+0x278/0x850 [ 310.721432] ? set_anon_super+0x20/0x20 [ 310.721456] ? alloc_empty_file.cold.6+0x42/0x42 [ 310.768242] ? vfs_get_super+0x270/0x270 [ 310.772326] ? rcu_read_lock_sched_held+0x14f/0x180 [ 310.777359] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 310.782228] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 310.787812] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 310.793365] ? ns_capable_common+0x13f/0x170 [ 310.797792] mount_ns+0x8f/0x1d0 [ 310.801181] nfsd_mount+0xa4/0xd0 [ 310.804642] ? nfsd_mount+0xd0/0xd0 [ 310.808277] ? nfsd_umount+0x80/0x80 [ 310.808298] legacy_get_tree+0x12f/0x260 [ 310.808318] ? security_fs_context_validate+0x80/0xa0 22:09:06 executing program 2: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000040)='/dev/md0\x00', 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0401273, &(0x7f0000000100)={[], 0x0, 0x81, 0xfff}) syz_open_procfs(0x0, &(0x7f0000000080)='wchan\x00') write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000180)={0x2e, 0x4, 0x0, {0x0, 0xea3, 0x6, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}, 0x2e) 22:09:06 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:06 executing program 2: accept$packet(0xffffffffffffffff, 0x0, &(0x7f00000000c0)) sched_setattr(0x0, &(0x7f0000000000)={0x0, 0x6}, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000880)={0x0}, &(0x7f00000008c0)=0xc) getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000032c0)=0x14) accept$packet(0xffffffffffffffff, &(0x7f0000006ac0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000006b00)=0x14) sendmmsg(0xffffffffffffffff, &(0x7f00000083c0)=[{{&(0x7f0000006d80)=@un=@file={0x1, './file0\x00'}, 0x80, &(0x7f0000007240), 0x0, &(0x7f0000007300), 0x0, 0x40000c0}, 0x400}], 0x1, 0x20000000) pipe2(&(0x7f0000000440), 0x0) ioctl$IOC_PR_CLEAR(0xffffffffffffffff, 0x401070cd, &(0x7f0000000580)={0x80}) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, 0x0, 0x10, &(0x7f0000000500)={0x2}) syz_mount_image$gfs2(&(0x7f0000000140)='gfs2\x00', &(0x7f0000000280)='./file1\x00', 0x9, 0x1, &(0x7f0000000600)=[{&(0x7f00000005c0)="26371fd55c23ffef736e9091dedcaacd9bc3f896dd6f432d956d8518b1a3ca3575be14dc484aca84d5b83f004e5c6f3cd85bc8c555", 0x35}], 0x0, &(0x7f0000000640)) r1 = socket(0x10, 0x802, 0x0) getsockopt$EBT_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x80, &(0x7f00000007c0)={'nat\x00'}, &(0x7f0000000180)=0xffffffffffffffe3) kcmp(r0, r0, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000002c0)={'team0\x00'}) epoll_create1(0x80000) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, &(0x7f0000000d00)={{0x8, 0x5, 0x20, 0x0, 'syz1\x00', 0x3}, 0x6, 0x20000018, 0x0, 0x0, 0x1, 0x8, 'syz1\x00', &(0x7f0000000080)=['/dev/uinput\x00'], 0xc, [], [0x80000001, 0x3, 0x0, 0x3fffffff8000000]}) openat$vcs(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vcs\x00', 0x0, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000100)={"7465616d300000ffffffc000", 0x4bfd}) [ 310.808338] vfs_get_tree+0x1cb/0x5c0 [ 310.808355] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 310.808373] do_mount+0x82a/0x1ff0 [ 310.808391] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 310.808417] ? copy_mount_string+0x40/0x40 [ 310.843194] ? copy_mount_options+0x5f/0x430 [ 310.847627] ? kmem_cache_alloc_trace+0x353/0x750 [ 310.852490] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 310.858052] ? _copy_from_user+0xdf/0x150 [ 310.862220] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 310.867768] ? copy_mount_options+0x315/0x430 [ 310.872283] ksys_mount+0x12d/0x140 [ 310.875933] __x64_sys_mount+0xbe/0x150 [ 310.879935] do_syscall_64+0x1b9/0x820 [ 310.883844] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 310.889223] ? syscall_return_slowpath+0x5e0/0x5e0 [ 310.889240] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 310.889260] ? trace_hardirqs_on_caller+0x310/0x310 [ 310.889281] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 310.899051] ? prepare_exit_to_usermode+0x291/0x3b0 [ 310.899074] ? trace_hardirqs_off_thunk+0x1a/0x1c 22:09:06 executing program 0 (fault-call:1 fault-nth:34): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 310.899098] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 310.899111] RIP: 0033:0x457569 [ 310.899128] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 310.899141] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 310.913427] gfs2: not a GFS2 filesystem [ 310.914158] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 310.914169] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 310.914179] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 310.914189] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 310.914199] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 310.988128] FAULT_INJECTION: forcing a failure. [ 310.988128] name failslab, interval 1, probability 0, space 0, times 0 [ 311.006193] CPU: 0 PID: 9785 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 311.014959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.024332] Call Trace: [ 311.026943] dump_stack+0x244/0x39d [ 311.030590] ? dump_stack_print_info.cold.1+0x20/0x20 [ 311.035791] ? __kernel_text_address+0xd/0x40 [ 311.040297] ? unwind_get_return_address+0x61/0xa0 [ 311.045243] should_fail.cold.4+0xa/0x17 [ 311.049316] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 311.054444] ? save_stack+0x43/0xd0 [ 311.058078] ? kasan_kmalloc+0xc7/0xe0 [ 311.061972] ? kmem_cache_alloc_trace+0x152/0x750 [ 311.066828] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 311.072041] ? __list_lru_init+0x4d6/0x840 [ 311.076296] ? zap_class+0x640/0x640 [ 311.080018] ? nfsd_mount+0xa4/0xd0 [ 311.083667] ? legacy_get_tree+0x12f/0x260 [ 311.087916] ? vfs_get_tree+0x1cb/0x5c0 [ 311.091911] ? do_mount+0x82a/0x1ff0 [ 311.095635] ? ksys_mount+0x12d/0x140 [ 311.099445] ? __x64_sys_mount+0xbe/0x150 [ 311.103607] ? do_syscall_64+0x1b9/0x820 [ 311.107681] ? find_held_lock+0x36/0x1c0 [ 311.111751] ? __lock_is_held+0xb5/0x140 [ 311.115835] ? perf_trace_sched_process_exec+0x860/0x860 [ 311.121309] __should_failslab+0x124/0x180 [ 311.125561] should_failslab+0x9/0x14 [ 311.129375] kmem_cache_alloc_trace+0x2d7/0x750 [ 311.134061] ? __kmalloc_node+0x3c/0x70 [ 311.138050] ? __kmalloc_node+0x3c/0x70 [ 311.142047] ? rcu_read_lock_sched_held+0x14f/0x180 [ 311.147082] __memcg_init_list_lru_node+0x185/0x2d0 [ 311.152108] ? kvfree_rcu+0x20/0x20 [ 311.155747] ? __kmalloc_node+0x50/0x70 [ 311.159739] __list_lru_init+0x4d6/0x840 [ 311.163811] ? list_lru_destroy+0x500/0x500 [ 311.168150] ? up_write+0x7b/0x220 [ 311.171702] ? down_read+0x120/0x120 [ 311.175432] ? init_wait_entry+0x1c0/0x1c0 [ 311.179673] ? prealloc_shrinker+0x172/0x340 [ 311.184102] alloc_super+0x933/0xb40 [ 311.187837] ? destroy_unused_super.part.10+0x110/0x110 [ 311.193207] ? sget_userns+0x17c/0x850 [ 311.197109] ? lock_downgrade+0x900/0x900 [ 311.201271] ? kasan_check_read+0x11/0x20 [ 311.205436] ? do_raw_spin_trylock+0x270/0x270 [ 311.210025] ? security_capable+0x99/0xc0 [ 311.214199] sget_userns+0x278/0x850 [ 311.217922] ? set_anon_super+0x20/0x20 [ 311.221907] ? alloc_empty_file.cold.6+0x42/0x42 [ 311.226672] ? vfs_get_super+0x270/0x270 [ 311.230744] ? rcu_read_lock_sched_held+0x14f/0x180 [ 311.235770] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 311.240628] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 311.246199] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.251750] ? ns_capable_common+0x13f/0x170 [ 311.256179] mount_ns+0x8f/0x1d0 [ 311.259561] nfsd_mount+0xa4/0xd0 [ 311.263014] ? nfsd_mount+0xd0/0xd0 [ 311.266655] ? nfsd_umount+0x80/0x80 [ 311.270380] legacy_get_tree+0x12f/0x260 [ 311.274461] ? security_fs_context_validate+0x80/0xa0 [ 311.279663] vfs_get_tree+0x1cb/0x5c0 [ 311.283473] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 311.288239] do_mount+0x82a/0x1ff0 [ 311.291791] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 311.297346] ? copy_mount_string+0x40/0x40 [ 311.301598] ? copy_mount_options+0x5f/0x430 [ 311.306019] ? kmem_cache_alloc_trace+0x353/0x750 [ 311.311505] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 311.311530] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.311547] ? copy_mount_options+0x315/0x430 [ 311.311571] ksys_mount+0x12d/0x140 [ 311.318068] device team0 entered promiscuous mode [ 311.322650] __x64_sys_mount+0xbe/0x150 [ 311.322673] do_syscall_64+0x1b9/0x820 [ 311.322696] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 311.346343] device team_slave_0 entered promiscuous mode [ 311.348820] ? syscall_return_slowpath+0x5e0/0x5e0 [ 311.348835] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 311.348855] ? trace_hardirqs_on_caller+0x310/0x310 [ 311.348878] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 311.348896] ? prepare_exit_to_usermode+0x291/0x3b0 [ 311.354830] device team_slave_1 entered promiscuous mode [ 311.359467] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 311.359491] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 311.359503] RIP: 0033:0x457569 [ 311.359521] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 311.359529] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 311.359543] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 311.359552] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 311.359566] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 311.370825] 8021q: adding VLAN 0 to HW filter on device team0 [ 311.374424] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 311.374435] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:06 executing program 0 (fault-call:1 fault-nth:35): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 311.520480] gfs2: not a GFS2 filesystem [ 311.521558] device team0 left promiscuous mode [ 311.576914] device team_slave_0 left promiscuous mode [ 311.582304] device team_slave_1 left promiscuous mode [ 311.617087] FAULT_INJECTION: forcing a failure. 22:09:06 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364f0", 0x0, &(0x7f0000000100)) 22:09:06 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736402", 0x0, &(0x7f0000000100)) [ 311.617087] name failslab, interval 1, probability 0, space 0, times 0 [ 311.652422] CPU: 1 PID: 9805 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 311.660622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.670011] Call Trace: [ 311.672636] dump_stack+0x244/0x39d [ 311.676288] ? dump_stack_print_info.cold.1+0x20/0x20 [ 311.681499] ? __kernel_text_address+0xd/0x40 [ 311.686008] ? unwind_get_return_address+0x61/0xa0 [ 311.690966] should_fail.cold.4+0xa/0x17 [ 311.695054] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 311.700179] ? save_stack+0x43/0xd0 [ 311.703816] ? kasan_kmalloc+0xc7/0xe0 [ 311.707715] ? kmem_cache_alloc_trace+0x152/0x750 [ 311.712573] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 311.717773] ? __list_lru_init+0x4d6/0x840 [ 311.722019] ? zap_class+0x640/0x640 [ 311.725750] ? nfsd_mount+0xa4/0xd0 [ 311.729385] ? legacy_get_tree+0x12f/0x260 [ 311.733627] ? vfs_get_tree+0x1cb/0x5c0 [ 311.737608] ? do_mount+0x82a/0x1ff0 [ 311.741331] ? ksys_mount+0x12d/0x140 [ 311.745140] ? __x64_sys_mount+0xbe/0x150 [ 311.749297] ? do_syscall_64+0x1b9/0x820 [ 311.753370] ? find_held_lock+0x36/0x1c0 [ 311.757447] ? __lock_is_held+0xb5/0x140 [ 311.761573] ? runtime_status_show+0x168/0x180 [ 311.766183] ? perf_trace_sched_process_exec+0x860/0x860 [ 311.771659] __should_failslab+0x124/0x180 [ 311.775915] should_failslab+0x9/0x14 [ 311.779728] kmem_cache_alloc_trace+0x2d7/0x750 [ 311.784409] ? __kmalloc_node+0x3c/0x70 [ 311.788395] ? __kmalloc_node+0x3c/0x70 [ 311.792384] ? rcu_read_lock_sched_held+0x14f/0x180 [ 311.797417] __memcg_init_list_lru_node+0x185/0x2d0 [ 311.802449] ? kvfree_rcu+0x20/0x20 [ 311.806088] ? __kmalloc_node+0x50/0x70 [ 311.810082] __list_lru_init+0x4d6/0x840 [ 311.814160] ? list_lru_destroy+0x500/0x500 [ 311.818500] ? up_write+0x7b/0x220 [ 311.822058] ? down_read+0x120/0x120 [ 311.825784] ? init_wait_entry+0x1c0/0x1c0 [ 311.830023] ? prealloc_shrinker+0x172/0x340 [ 311.834464] alloc_super+0x933/0xb40 [ 311.838195] ? destroy_unused_super.part.10+0x110/0x110 [ 311.843567] ? sget_userns+0x17c/0x850 [ 311.847472] ? lock_downgrade+0x900/0x900 [ 311.851638] ? kasan_check_read+0x11/0x20 [ 311.855797] ? do_raw_spin_trylock+0x270/0x270 [ 311.860392] ? security_capable+0x99/0xc0 [ 311.864566] sget_userns+0x278/0x850 [ 311.868289] ? set_anon_super+0x20/0x20 [ 311.872279] ? alloc_empty_file.cold.6+0x42/0x42 [ 311.877054] ? vfs_get_super+0x270/0x270 [ 311.881130] ? rcu_read_lock_sched_held+0x14f/0x180 [ 311.886158] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 311.891015] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 311.896622] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.902205] ? ns_capable_common+0x13f/0x170 [ 311.906651] mount_ns+0x8f/0x1d0 [ 311.910062] nfsd_mount+0xa4/0xd0 [ 311.913525] ? nfsd_mount+0xd0/0xd0 [ 311.917161] ? nfsd_umount+0x80/0x80 [ 311.920886] legacy_get_tree+0x12f/0x260 [ 311.924965] ? security_fs_context_validate+0x80/0xa0 [ 311.930166] vfs_get_tree+0x1cb/0x5c0 [ 311.933980] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 311.938745] do_mount+0x82a/0x1ff0 [ 311.942296] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 311.947845] ? copy_mount_string+0x40/0x40 [ 311.952090] ? copy_mount_options+0x5f/0x430 [ 311.956504] ? kmem_cache_alloc_trace+0x353/0x750 [ 311.961381] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 311.966934] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.972478] ? copy_mount_options+0x315/0x430 [ 311.976987] ksys_mount+0x12d/0x140 [ 311.980631] __x64_sys_mount+0xbe/0x150 [ 311.984629] do_syscall_64+0x1b9/0x820 [ 311.988532] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 311.993910] ? syscall_return_slowpath+0x5e0/0x5e0 [ 311.998843] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 312.003696] ? trace_hardirqs_on_caller+0x310/0x310 [ 312.008723] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 312.013747] ? prepare_exit_to_usermode+0x291/0x3b0 [ 312.018775] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 312.023649] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 312.028839] RIP: 0033:0x457569 [ 312.032043] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:09:07 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$netlink(0x10, 0x3, 0x8000000004) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) sendto$inet6(r2, &(0x7f0000000100), 0x8d2d601e8976aa5, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) writev(r1, &(0x7f0000000100)=[{&(0x7f0000000140)="580000001400192340834b80040d8c560a067fffffff81004e220000000058000b4824ca944f64009400050028925aa8000000000000008000f0fffeffff09000000fff5dd00000010000100000c0900fcff0000040e05a5", 0x58}], 0x1) [ 312.050955] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 312.058673] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 312.065955] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 312.073232] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 312.080506] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 312.087783] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:07 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:07 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364fe", 0x0, &(0x7f0000000100)) 22:09:07 executing program 0 (fault-call:1 fault-nth:36): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:07 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:07 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:07 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 312.381374] FAULT_INJECTION: forcing a failure. [ 312.381374] name failslab, interval 1, probability 0, space 0, times 0 [ 312.427409] CPU: 1 PID: 9835 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 312.435607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 312.444974] Call Trace: [ 312.447582] dump_stack+0x244/0x39d [ 312.451240] ? dump_stack_print_info.cold.1+0x20/0x20 [ 312.456448] ? __kernel_text_address+0xd/0x40 [ 312.460959] ? unwind_get_return_address+0x61/0xa0 [ 312.465919] should_fail.cold.4+0xa/0x17 [ 312.469999] ? fault_create_debugfs_attr+0x1f0/0x1f0 22:09:07 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 312.475134] ? save_stack+0x43/0xd0 [ 312.478770] ? kasan_kmalloc+0xc7/0xe0 [ 312.482670] ? kmem_cache_alloc_trace+0x152/0x750 [ 312.487525] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 312.492724] ? __list_lru_init+0x4d6/0x840 [ 312.496973] ? zap_class+0x640/0x640 [ 312.500700] ? nfsd_mount+0xa4/0xd0 [ 312.504341] ? legacy_get_tree+0x12f/0x260 [ 312.508585] ? vfs_get_tree+0x1cb/0x5c0 [ 312.512578] ? do_mount+0x82a/0x1ff0 [ 312.516309] ? ksys_mount+0x12d/0x140 [ 312.520125] ? __x64_sys_mount+0xbe/0x150 [ 312.524276] ? do_syscall_64+0x1b9/0x820 [ 312.528331] ? find_held_lock+0x36/0x1c0 [ 312.532385] ? __lock_is_held+0xb5/0x140 [ 312.536514] ? i8042_lock_chip+0x8/0x20 [ 312.540549] ? perf_trace_sched_process_exec+0x860/0x860 [ 312.545994] __should_failslab+0x124/0x180 [ 312.550221] should_failslab+0x9/0x14 [ 312.554013] kmem_cache_alloc_trace+0x2d7/0x750 [ 312.558675] ? __kmalloc_node+0x3c/0x70 [ 312.562640] ? __kmalloc_node+0x3c/0x70 [ 312.566608] ? rcu_read_lock_sched_held+0x14f/0x180 [ 312.571658] __memcg_init_list_lru_node+0x185/0x2d0 [ 312.576668] ? kvfree_rcu+0x20/0x20 [ 312.580284] ? __kmalloc_node+0x50/0x70 [ 312.584248] __list_lru_init+0x4d6/0x840 [ 312.588299] ? list_lru_destroy+0x500/0x500 [ 312.592615] ? up_write+0x7b/0x220 [ 312.596140] ? down_read+0x120/0x120 [ 312.599841] ? init_wait_entry+0x1c0/0x1c0 [ 312.604062] ? prealloc_shrinker+0x172/0x340 [ 312.608466] alloc_super+0x933/0xb40 [ 312.612177] ? destroy_unused_super.part.10+0x110/0x110 [ 312.617564] ? sget_userns+0x17c/0x850 [ 312.621446] ? lock_downgrade+0x900/0x900 [ 312.625601] ? kasan_check_read+0x11/0x20 [ 312.629753] ? do_raw_spin_trylock+0x270/0x270 [ 312.634366] ? security_capable+0x99/0xc0 [ 312.638556] sget_userns+0x278/0x850 [ 312.642261] ? set_anon_super+0x20/0x20 [ 312.646225] ? alloc_empty_file.cold.6+0x42/0x42 [ 312.650965] ? vfs_get_super+0x270/0x270 [ 312.655022] ? rcu_read_lock_sched_held+0x14f/0x180 [ 312.660051] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 312.664885] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 312.670430] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 312.675956] ? ns_capable_common+0x13f/0x170 [ 312.680356] mount_ns+0x8f/0x1d0 [ 312.683755] nfsd_mount+0xa4/0xd0 [ 312.687194] ? nfsd_mount+0xd0/0xd0 [ 312.690810] ? nfsd_umount+0x80/0x80 [ 312.694516] legacy_get_tree+0x12f/0x260 [ 312.698570] ? security_fs_context_validate+0x80/0xa0 [ 312.703787] vfs_get_tree+0x1cb/0x5c0 [ 312.707577] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 312.712326] do_mount+0x82a/0x1ff0 [ 312.715872] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 312.721491] ? copy_mount_string+0x40/0x40 [ 312.725733] ? copy_mount_options+0x5f/0x430 [ 312.730131] ? kmem_cache_alloc_trace+0x353/0x750 [ 312.734977] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 312.740522] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 312.746062] ? copy_mount_options+0x315/0x430 [ 312.750560] ksys_mount+0x12d/0x140 [ 312.754193] __x64_sys_mount+0xbe/0x150 [ 312.758170] do_syscall_64+0x1b9/0x820 [ 312.762068] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 312.767443] ? syscall_return_slowpath+0x5e0/0x5e0 [ 312.772366] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 312.777206] ? trace_hardirqs_on_caller+0x310/0x310 [ 312.782257] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 312.787277] ? prepare_exit_to_usermode+0x291/0x3b0 [ 312.792295] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 312.797179] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 312.802359] RIP: 0033:0x457569 [ 312.805544] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:09:08 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:08 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 312.824438] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 312.832138] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 312.839400] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 312.846660] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 312.853934] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 312.861209] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:08 executing program 0 (fault-call:1 fault-nth:37): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:08 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364f6", 0x0, &(0x7f0000000100)) 22:09:08 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x800, 0x0) ioctl$SCSI_IOCTL_SYNC(r0, 0x4) r1 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000600)={{0x2, 0x0, @local}, {0x0, @local}, 0x8, {0x2, 0x0, @rand_addr}, "0000000500000000723000"}) 22:09:08 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e6673647f", 0x0, &(0x7f0000000100)) [ 313.056409] FAULT_INJECTION: forcing a failure. [ 313.056409] name failslab, interval 1, probability 0, space 0, times 0 [ 313.074739] CPU: 0 PID: 9856 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 313.082923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 313.092294] Call Trace: [ 313.094913] dump_stack+0x244/0x39d [ 313.098599] ? dump_stack_print_info.cold.1+0x20/0x20 22:09:08 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x3, &(0x7f0000002000), &(0x7f0000000080)='syzkaller\x00', 0x3, 0xc3, &(0x7f0000386000)=""/195}, 0x48) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000100)=r1, 0xfffffc61) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x3, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r2, &(0x7f0000000040), &(0x7f0000000100)}, 0x20) dup2(r2, r1) [ 313.103825] ? find_held_lock+0x36/0x1c0 [ 313.107944] should_fail.cold.4+0xa/0x17 [ 313.112045] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 313.117170] ? lock_downgrade+0x900/0x900 [ 313.121359] ? zap_class+0x640/0x640 [ 313.125105] ? idr_replace+0x163/0x250 [ 313.129042] ? find_held_lock+0x36/0x1c0 [ 313.133125] ? __lock_is_held+0xb5/0x140 [ 313.137216] ? perf_trace_sched_process_exec+0x860/0x860 [ 313.142693] __should_failslab+0x124/0x180 [ 313.146954] should_failslab+0x9/0x14 [ 313.150781] kmem_cache_alloc+0x2be/0x730 [ 313.154944] ? rcu_read_lock_sched_held+0x14f/0x180 [ 313.159979] ? __alloc_pages_nodemask+0xbf1/0xdd0 [ 313.164844] alloc_inode+0xb2/0x190 [ 313.168493] new_inode_pseudo+0x71/0x1a0 [ 313.172568] ? prune_icache_sb+0x1c0/0x1c0 [ 313.176840] ? refcount_add_not_zero_checked+0x330/0x330 [ 313.182310] new_inode+0x1c/0x40 [ 313.185691] simple_fill_super+0xfb/0x600 [ 313.189856] nfsd_fill_super+0x4f/0x60 [ 313.193755] mount_ns+0x12e/0x1d0 [ 313.197229] nfsd_mount+0xa4/0xd0 [ 313.200690] ? nfsd_mount+0xd0/0xd0 [ 313.204326] ? nfsd_umount+0x80/0x80 [ 313.208057] legacy_get_tree+0x12f/0x260 [ 313.212139] ? security_fs_context_validate+0x80/0xa0 [ 313.217340] vfs_get_tree+0x1cb/0x5c0 [ 313.221150] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 313.225916] do_mount+0x82a/0x1ff0 [ 313.229467] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 313.235065] ? copy_mount_string+0x40/0x40 [ 313.239317] ? copy_mount_options+0x5f/0x430 [ 313.243737] ? kmem_cache_alloc_trace+0x353/0x750 [ 313.248594] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 313.254140] ? _copy_from_user+0xdf/0x150 [ 313.258298] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 313.263846] ? copy_mount_options+0x315/0x430 [ 313.268356] ksys_mount+0x12d/0x140 [ 313.271991] __x64_sys_mount+0xbe/0x150 [ 313.275974] do_syscall_64+0x1b9/0x820 [ 313.279869] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 313.285243] ? syscall_return_slowpath+0x5e0/0x5e0 [ 313.290179] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 313.295025] ? trace_hardirqs_on_caller+0x310/0x310 [ 313.300174] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 313.305199] ? prepare_exit_to_usermode+0x291/0x3b0 [ 313.310409] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 313.315264] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 313.320460] RIP: 0033:0x457569 [ 313.323660] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 313.342586] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 313.350310] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 22:09:08 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:08 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 313.357592] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 313.364873] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 313.372162] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 313.379440] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:08 executing program 0 (fault-call:1 fault-nth:38): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:08 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) 22:09:08 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 313.564374] FAULT_INJECTION: forcing a failure. [ 313.564374] name failslab, interval 1, probability 0, space 0, times 0 [ 313.597343] CPU: 1 PID: 9883 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 313.605541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 313.614935] Call Trace: [ 313.617543] dump_stack+0x244/0x39d [ 313.621195] ? dump_stack_print_info.cold.1+0x20/0x20 [ 313.626406] ? check_preemption_disabled+0x48/0x280 [ 313.631463] should_fail.cold.4+0xa/0x17 [ 313.635554] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 313.640685] ? mark_held_locks+0x130/0x130 [ 313.644942] ? kernel_text_address+0x79/0xf0 [ 313.649370] ? zap_class+0x640/0x640 [ 313.653584] ? unwind_get_return_address+0x61/0xa0 [ 313.658524] ? __save_stack_trace+0x8d/0xf0 [ 313.662863] ? find_held_lock+0x36/0x1c0 [ 313.666944] ? __lock_is_held+0xb5/0x140 [ 313.671111] ? mwifiex_process_sta_cmdresp+0x4dd8/0x7200 [ 313.676593] ? vfs_get_tree+0x1cb/0x5c0 [ 313.680678] ? perf_trace_sched_process_exec+0x860/0x860 [ 313.686135] ? do_syscall_64+0x1b9/0x820 [ 313.690200] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 313.695578] ? lock_downgrade+0x900/0x900 [ 313.699737] __should_failslab+0x124/0x180 [ 313.703985] should_failslab+0x9/0x14 [ 313.707792] kmem_cache_alloc+0x2be/0x730 [ 313.711950] ? find_held_lock+0x36/0x1c0 [ 313.716047] __d_alloc+0xc8/0xb90 [ 313.719510] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 313.724535] ? zap_class+0x640/0x640 [ 313.728260] ? kasan_check_read+0x11/0x20 [ 313.732410] ? do_raw_spin_unlock+0xa7/0x330 [ 313.736821] ? do_raw_spin_trylock+0x270/0x270 [ 313.741417] ? find_held_lock+0x36/0x1c0 [ 313.745487] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 313.751045] ? hashlen_string+0x1f2/0x300 [ 313.755206] d_alloc+0x96/0x380 [ 313.758496] ? __d_alloc+0xb90/0xb90 [ 313.762218] ? kasan_check_read+0x11/0x20 [ 313.766377] ? do_raw_spin_unlock+0xa7/0x330 [ 313.770815] d_alloc_name+0xbb/0x120 [ 313.774538] ? d_alloc+0x380/0x380 [ 313.778083] ? _raw_spin_unlock+0x2c/0x50 [ 313.782239] ? d_instantiate+0x7e/0xa0 [ 313.786137] simple_fill_super+0x463/0x600 [ 313.790389] nfsd_fill_super+0x4f/0x60 [ 313.794280] mount_ns+0x12e/0x1d0 [ 313.797739] nfsd_mount+0xa4/0xd0 [ 313.801193] ? nfsd_mount+0xd0/0xd0 [ 313.804828] ? nfsd_umount+0x80/0x80 [ 313.808552] legacy_get_tree+0x12f/0x260 [ 313.812620] ? security_fs_context_validate+0x80/0xa0 [ 313.817818] vfs_get_tree+0x1cb/0x5c0 [ 313.821631] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 313.826395] do_mount+0x82a/0x1ff0 [ 313.829946] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 313.835496] ? copy_mount_string+0x40/0x40 [ 313.839748] ? copy_mount_options+0x5f/0x430 [ 313.844170] ? kmem_cache_alloc_trace+0x353/0x750 [ 313.849025] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 313.854588] ? _copy_from_user+0xdf/0x150 [ 313.858745] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 313.864307] ? copy_mount_options+0x315/0x430 [ 313.868816] ksys_mount+0x12d/0x140 [ 313.872451] __x64_sys_mount+0xbe/0x150 [ 313.876437] do_syscall_64+0x1b9/0x820 [ 313.880339] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 313.885720] ? syscall_return_slowpath+0x5e0/0x5e0 [ 313.890666] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 313.895527] ? trace_hardirqs_on_caller+0x310/0x310 [ 313.900561] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 313.905596] ? prepare_exit_to_usermode+0x291/0x3b0 [ 313.910636] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 313.915501] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 313.920701] RIP: 0033:0x457569 [ 313.923909] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 313.942826] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 313.950550] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 313.957830] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 22:09:09 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:09 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 313.965117] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 313.972395] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 313.979676] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:09 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:09 executing program 0 (fault-call:1 fault-nth:39): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:09 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x11, &(0x7f0000000100)) 22:09:09 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="240000002e0007031dfffd946fa2830020200a000900000006000000000000000400ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 22:09:09 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:09 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 314.223747] FAULT_INJECTION: forcing a failure. [ 314.223747] name failslab, interval 1, probability 0, space 0, times 0 [ 314.262123] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'. [ 314.304121] CPU: 0 PID: 9905 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 314.312301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.321668] Call Trace: [ 314.324285] dump_stack+0x244/0x39d [ 314.327944] ? dump_stack_print_info.cold.1+0x20/0x20 [ 314.333167] should_fail.cold.4+0xa/0x17 [ 314.337237] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 314.342347] ? mark_held_locks+0x130/0x130 [ 314.346578] ? mark_held_locks+0x130/0x130 [ 314.350826] ? __kernel_text_address+0xd/0x40 [ 314.355314] ? unwind_get_return_address+0x61/0xa0 [ 314.360239] ? zap_class+0x640/0x640 [ 314.363975] ? find_held_lock+0x36/0x1c0 [ 314.368047] ? __lock_is_held+0xb5/0x140 [ 314.372108] ? zap_class+0x640/0x640 [ 314.375823] ? perf_trace_sched_process_exec+0x860/0x860 [ 314.381274] __should_failslab+0x124/0x180 [ 314.385501] should_failslab+0x9/0x14 [ 314.389293] kmem_cache_alloc+0x2be/0x730 [ 314.393485] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 314.398670] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 314.403854] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 314.408431] __d_alloc+0xc8/0xb90 [ 314.411876] ? trace_hardirqs_off_caller+0x300/0x300 [ 314.416991] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 314.422004] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 314.427022] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 314.432230] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 314.437760] ? timespec64_trunc+0xea/0x180 [ 314.442024] ? inode_init_owner+0x340/0x340 [ 314.446357] ? _raw_spin_unlock+0x2c/0x50 [ 314.450498] ? current_time+0x10b/0x1b0 [ 314.454460] ? timespec64_trunc+0x180/0x180 [ 314.458775] d_make_root+0x43/0xc0 [ 314.462309] simple_fill_super+0x25b/0x600 [ 314.466561] nfsd_fill_super+0x4f/0x60 [ 314.470441] mount_ns+0x12e/0x1d0 [ 314.473905] nfsd_mount+0xa4/0xd0 [ 314.477348] ? nfsd_mount+0xd0/0xd0 [ 314.480974] ? nfsd_umount+0x80/0x80 [ 314.484706] legacy_get_tree+0x12f/0x260 [ 314.488777] ? security_fs_context_validate+0x80/0xa0 [ 314.493993] vfs_get_tree+0x1cb/0x5c0 [ 314.497799] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 314.502556] do_mount+0x82a/0x1ff0 [ 314.506109] ? copy_mount_string+0x40/0x40 [ 314.510352] ? retint_kernel+0x2d/0x2d [ 314.514240] ? copy_mount_options+0x1e3/0x430 [ 314.518742] ? __sanitizer_cov_trace_pc+0x3b/0x50 [ 314.523583] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 314.529115] ? copy_mount_options+0x315/0x430 [ 314.533608] ksys_mount+0x12d/0x140 [ 314.537230] __x64_sys_mount+0xbe/0x150 [ 314.541199] do_syscall_64+0x1b9/0x820 [ 314.545097] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 314.550468] ? syscall_return_slowpath+0x5e0/0x5e0 [ 314.555408] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 314.560261] ? trace_hardirqs_on_caller+0x310/0x310 [ 314.565273] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 314.570287] ? prepare_exit_to_usermode+0x291/0x3b0 [ 314.575299] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 314.580155] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 314.585333] RIP: 0033:0x457569 22:09:09 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:09 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:09 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x400000000000000, &(0x7f0000000100)) 22:09:10 executing program 2: r0 = memfd_create(&(0x7f00000000c0)="6d81351e39cfc228a4c67200", 0x4) fstatfs(r0, &(0x7f0000000000)=""/146) [ 314.588525] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 314.607432] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 314.615142] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 314.622409] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 314.629674] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 314.636937] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 314.644199] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:10 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364f0", 0x0, &(0x7f0000000100)) 22:09:10 executing program 0 (fault-call:1 fault-nth:40): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:10 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3f00000000000000, &(0x7f0000000100)) 22:09:10 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:10 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 314.847578] FAULT_INJECTION: forcing a failure. [ 314.847578] name failslab, interval 1, probability 0, space 0, times 0 [ 314.872458] CPU: 1 PID: 9936 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 314.880654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.890026] Call Trace: [ 314.892657] dump_stack+0x244/0x39d [ 314.896312] ? dump_stack_print_info.cold.1+0x20/0x20 [ 314.901532] should_fail.cold.4+0xa/0x17 [ 314.905607] ? find_held_lock+0x36/0x1c0 [ 314.909683] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 314.914807] ? lock_downgrade+0x900/0x900 [ 314.918962] ? check_preemption_disabled+0x48/0x280 [ 314.923993] ? zap_class+0x640/0x640 [ 314.927741] ? find_held_lock+0x36/0x1c0 [ 314.931830] ? __lock_is_held+0xb5/0x140 [ 314.935932] ? perf_trace_sched_process_exec+0x860/0x860 [ 314.941414] ? zap_class+0x640/0x640 [ 314.945249] __should_failslab+0x124/0x180 [ 314.949512] should_failslab+0x9/0x14 [ 314.953369] kmem_cache_alloc+0x2be/0x730 [ 314.957562] ? find_held_lock+0x36/0x1c0 [ 314.961648] __d_alloc+0xc8/0xb90 [ 314.965110] ? d_add+0x5f9/0xa10 [ 314.968497] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 314.973529] ? kasan_check_read+0x11/0x20 [ 314.977710] ? do_raw_spin_unlock+0xa7/0x330 [ 314.982143] ? do_raw_spin_trylock+0x270/0x270 [ 314.986745] ? d_delete+0x220/0x220 [ 314.990392] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 314.995596] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 315.000804] ? _raw_spin_unlock+0x2c/0x50 [ 315.000822] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 315.000839] ? hashlen_string+0x1f2/0x300 [ 315.000863] d_alloc+0x96/0x380 [ 315.018846] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 315.024068] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.029632] ? __d_alloc+0xb90/0xb90 [ 315.033380] d_alloc_name+0xbb/0x120 [ 315.037111] ? current_time+0x10b/0x1b0 [ 315.041104] ? d_alloc+0x380/0x380 [ 315.044665] ? timespec64_trunc+0x180/0x180 [ 315.049013] simple_fill_super+0x463/0x600 [ 315.053281] nfsd_fill_super+0x4f/0x60 [ 315.057183] mount_ns+0x12e/0x1d0 [ 315.060658] nfsd_mount+0xa4/0xd0 [ 315.064122] ? nfsd_mount+0xd0/0xd0 [ 315.067764] ? nfsd_umount+0x80/0x80 [ 315.071496] legacy_get_tree+0x12f/0x260 [ 315.075575] ? security_fs_context_validate+0x80/0xa0 [ 315.080780] vfs_get_tree+0x1cb/0x5c0 [ 315.080798] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 315.080818] do_mount+0x82a/0x1ff0 [ 315.080839] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 22:09:10 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf9fdffff00000000, &(0x7f0000000100)) 22:09:10 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000b39000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000b0bf74)={0x0, 0x0, 0x0, 'queue1\x00'}) r1 = syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0xc05c5340, &(0x7f0000000000)) 22:09:10 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x8cffffff, &(0x7f0000000100)) 22:09:10 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x40000, &(0x7f0000000100)) [ 315.080861] ? copy_mount_string+0x40/0x40 [ 315.080881] ? copy_mount_options+0x5f/0x430 [ 315.089437] ? kmem_cache_alloc_trace+0x353/0x750 [ 315.089458] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 315.089476] ? _copy_from_user+0xdf/0x150 [ 315.089495] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.089511] ? copy_mount_options+0x315/0x430 [ 315.089534] ksys_mount+0x12d/0x140 [ 315.135401] __x64_sys_mount+0xbe/0x150 [ 315.139406] do_syscall_64+0x1b9/0x820 [ 315.143314] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe 22:09:10 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3f000000, &(0x7f0000000100)) [ 315.148697] ? syscall_return_slowpath+0x5e0/0x5e0 [ 315.153652] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 315.158522] ? trace_hardirqs_on_caller+0x310/0x310 [ 315.163562] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 315.168600] ? prepare_exit_to_usermode+0x291/0x3b0 [ 315.173640] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 315.173665] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.173682] RIP: 0033:0x457569 [ 315.186924] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 315.186933] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 315.186949] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 315.186958] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 315.186966] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 315.186975] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 22:09:10 executing program 0 (fault-call:1 fault-nth:41): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:10 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 315.186984] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 315.288952] FAULT_INJECTION: forcing a failure. [ 315.288952] name failslab, interval 1, probability 0, space 0, times 0 [ 315.322144] CPU: 1 PID: 9963 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 315.330348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.339724] Call Trace: [ 315.342336] dump_stack+0x244/0x39d [ 315.345987] ? dump_stack_print_info.cold.1+0x20/0x20 [ 315.351210] should_fail.cold.4+0xa/0x17 [ 315.355294] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 315.360418] ? mark_held_locks+0x130/0x130 [ 315.364672] ? mark_held_locks+0x130/0x130 [ 315.368930] ? __kernel_text_address+0xd/0x40 [ 315.373443] ? unwind_get_return_address+0x61/0xa0 [ 315.378392] ? zap_class+0x640/0x640 [ 315.382132] ? find_held_lock+0x36/0x1c0 [ 315.386208] ? __lock_is_held+0xb5/0x140 [ 315.390355] ? xfs_btree_init_block_int+0x2e8/0x660 [ 315.395406] ? zap_class+0x640/0x640 [ 315.399131] ? perf_trace_sched_process_exec+0x860/0x860 [ 315.399156] __should_failslab+0x124/0x180 [ 315.399177] should_failslab+0x9/0x14 [ 315.399197] kmem_cache_alloc+0x2be/0x730 [ 315.408885] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 315.408906] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 315.408924] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 315.408945] __d_alloc+0xc8/0xb90 [ 315.416889] ? trace_hardirqs_off_caller+0x300/0x300 [ 315.416914] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 315.416937] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 315.416957] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 315.427342] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.427356] ? timespec64_trunc+0xea/0x180 [ 315.427369] ? inode_init_owner+0x340/0x340 [ 315.427388] ? _raw_spin_unlock+0x2c/0x50 [ 315.427411] ? current_time+0x10b/0x1b0 [ 315.435456] ? timespec64_trunc+0x180/0x180 [ 315.445603] d_make_root+0x43/0xc0 [ 315.455796] simple_fill_super+0x25b/0x600 [ 315.465552] nfsd_fill_super+0x4f/0x60 [ 315.474013] mount_ns+0x12e/0x1d0 [ 315.497408] nfsd_mount+0xa4/0xd0 [ 315.500915] ? nfsd_mount+0xd0/0xd0 [ 315.504571] ? nfsd_umount+0x80/0x80 [ 315.508308] legacy_get_tree+0x12f/0x260 [ 315.512391] ? security_fs_context_validate+0x80/0xa0 [ 315.517606] vfs_get_tree+0x1cb/0x5c0 [ 315.521698] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 315.526464] do_mount+0x82a/0x1ff0 [ 315.526484] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 315.526507] ? copy_mount_string+0x40/0x40 [ 315.526528] ? copy_mount_options+0x5f/0x430 [ 315.535614] ? kmem_cache_alloc_trace+0x353/0x750 [ 315.549093] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 315.554661] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.560223] ? copy_mount_options+0x315/0x430 [ 315.564750] ksys_mount+0x12d/0x140 [ 315.568396] __x64_sys_mount+0xbe/0x150 [ 315.572397] do_syscall_64+0x1b9/0x820 [ 315.576307] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 315.581693] ? syscall_return_slowpath+0x5e0/0x5e0 [ 315.586642] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 315.591503] ? trace_hardirqs_on_caller+0x310/0x310 [ 315.596537] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 315.601575] ? prepare_exit_to_usermode+0x291/0x3b0 [ 315.606618] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 315.611485] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.616690] RIP: 0033:0x457569 [ 315.619901] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:09:10 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:10 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000b39000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000b0bf74)={0x0, 0x0, 0x0, 'queue1\x00'}) r1 = syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0xc05c5340, &(0x7f0000000000)) 22:09:10 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:10 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:11 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf6ffffff, &(0x7f0000000100)) 22:09:11 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 315.638821] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 315.646549] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 315.654361] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 315.661649] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 315.668940] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 315.676226] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:11 executing program 2: socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") syz_emit_ethernet(0x4a, &(0x7f0000000240)={@link_local, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0xe805, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x4, 0x0, @empty=0x9000000, @broadcast}, @udp={0x0, 0x0, 0x28}}}}}, &(0x7f0000000380)) 22:09:11 executing program 0 (fault-call:1 fault-nth:42): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:11 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:11 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xffffff8c, &(0x7f0000000100)) 22:09:11 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) [ 315.824622] ip_tunnel: non-ECT from 9.0.0.0 with TOS=0x1 [ 315.863310] FAULT_INJECTION: forcing a failure. [ 315.863310] name failslab, interval 1, probability 0, space 0, times 0 [ 315.903785] CPU: 1 PID: 9998 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 315.911988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.921364] Call Trace: [ 315.921398] dump_stack+0x244/0x39d [ 315.921424] ? dump_stack_print_info.cold.1+0x20/0x20 [ 315.921449] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.938392] ? check_preemption_disabled+0x48/0x280 [ 315.943439] should_fail.cold.4+0xa/0x17 [ 315.947522] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 315.952646] ? rcu_read_lock_sched_held+0x14f/0x180 [ 315.952667] ? __lockdep_init_map+0x105/0x590 [ 315.952683] ? zap_class+0x640/0x640 [ 315.952701] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.952718] ? d_set_d_op+0x31d/0x410 [ 315.952739] ? find_held_lock+0x36/0x1c0 [ 315.979376] ? __lock_is_held+0xb5/0x140 [ 315.983481] ? perf_trace_sched_process_exec+0x860/0x860 [ 315.988960] ? do_raw_spin_trylock+0x270/0x270 [ 315.993577] __should_failslab+0x124/0x180 [ 315.997869] should_failslab+0x9/0x14 [ 316.001715] kmem_cache_alloc+0x2be/0x730 [ 316.005885] ? __d_alloc+0xb90/0xb90 [ 316.009628] alloc_inode+0xb2/0x190 [ 316.013268] new_inode_pseudo+0x71/0x1a0 [ 316.017343] ? prune_icache_sb+0x1c0/0x1c0 [ 316.021589] ? d_alloc+0x380/0x380 [ 316.025138] ? timespec64_trunc+0x180/0x180 [ 316.029484] new_inode+0x1c/0x40 [ 316.032867] simple_fill_super+0x29d/0x600 [ 316.037132] nfsd_fill_super+0x4f/0x60 [ 316.041045] mount_ns+0x12e/0x1d0 [ 316.044534] nfsd_mount+0xa4/0xd0 [ 316.047999] ? nfsd_mount+0xd0/0xd0 [ 316.051652] ? nfsd_umount+0x80/0x80 [ 316.055389] legacy_get_tree+0x12f/0x260 [ 316.059475] ? security_fs_context_validate+0x80/0xa0 [ 316.064695] vfs_get_tree+0x1cb/0x5c0 [ 316.068518] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 316.073300] do_mount+0x82a/0x1ff0 [ 316.076863] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 316.082440] ? copy_mount_string+0x40/0x40 [ 316.086702] ? copy_mount_options+0x5f/0x430 [ 316.091131] ? kmem_cache_alloc_trace+0x353/0x750 [ 316.095995] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 316.101567] ? _copy_from_user+0xdf/0x150 [ 316.105735] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 316.111291] ? copy_mount_options+0x315/0x430 [ 316.115808] ksys_mount+0x12d/0x140 [ 316.119458] __x64_sys_mount+0xbe/0x150 [ 316.123458] do_syscall_64+0x1b9/0x820 [ 316.127358] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 316.127379] ? syscall_return_slowpath+0x5e0/0x5e0 [ 316.127394] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 316.127420] ? trace_hardirqs_on_caller+0x310/0x310 [ 316.137721] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 316.137738] ? prepare_exit_to_usermode+0x291/0x3b0 [ 316.137756] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 316.137779] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 316.137792] RIP: 0033:0x457569 [ 316.137810] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 316.189971] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 316.197702] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 22:09:11 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:11 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:11 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:11 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000300)=ANY=[], 0xf6) read(r0, &(0x7f0000000380)=""/42, 0x2a) 22:09:11 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x600000000000000, &(0x7f0000000100)) 22:09:11 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736402", 0x0, &(0x7f0000000100)) [ 316.204992] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 316.212292] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 316.219582] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 316.226867] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:11 executing program 0 (fault-call:1 fault-nth:43): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:11 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x1100000000000000, &(0x7f0000000100)) 22:09:11 executing program 2: io_setup(0x6, &(0x7f00000012c0)=0x0) io_getevents(r0, 0x2, 0x80000000000005e, &(0x7f0000d83f60)=[{}, {}], &(0x7f00005cfff0)={0x4000000000001, 0x7}) r1 = memfd_create(&(0x7f0000000000)=':+lo#\x00', 0x0) io_submit(r0, 0x1, &(0x7f0000001280)=[&(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080)}]) [ 316.420582] FAULT_INJECTION: forcing a failure. [ 316.420582] name failslab, interval 1, probability 0, space 0, times 0 [ 316.476718] CPU: 0 PID: 10034 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 316.485008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.494398] Call Trace: [ 316.497014] dump_stack+0x244/0x39d [ 316.500718] ? dump_stack_print_info.cold.1+0x20/0x20 [ 316.505948] should_fail.cold.4+0xa/0x17 [ 316.510038] ? find_held_lock+0x36/0x1c0 [ 316.514125] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 316.519377] ? lock_downgrade+0x900/0x900 [ 316.523556] ? check_preemption_disabled+0x48/0x280 [ 316.528605] ? zap_class+0x640/0x640 [ 316.532353] ? find_held_lock+0x36/0x1c0 [ 316.536453] ? __lock_is_held+0xb5/0x140 [ 316.540536] ? pull_dl_task+0x13e8/0x1ca0 [ 316.544716] ? perf_trace_sched_process_exec+0x860/0x860 [ 316.550184] ? zap_class+0x640/0x640 [ 316.553920] __should_failslab+0x124/0x180 [ 316.558189] should_failslab+0x9/0x14 [ 316.562018] kmem_cache_alloc+0x2be/0x730 [ 316.566193] ? find_held_lock+0x36/0x1c0 [ 316.570273] __d_alloc+0xc8/0xb90 [ 316.573743] ? d_add+0x5f9/0xa10 [ 316.577128] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 316.582163] ? kasan_check_read+0x11/0x20 [ 316.586321] ? do_raw_spin_unlock+0xa7/0x330 [ 316.590747] ? do_raw_spin_trylock+0x270/0x270 [ 316.595344] ? d_delete+0x220/0x220 [ 316.598983] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 316.604187] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 316.609400] ? _raw_spin_unlock+0x2c/0x50 [ 316.613573] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 316.619157] ? hashlen_string+0x1f2/0x300 [ 316.623345] d_alloc+0x96/0x380 [ 316.626632] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 316.631832] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 316.637385] ? __d_alloc+0xb90/0xb90 [ 316.641127] d_alloc_name+0xbb/0x120 [ 316.644848] ? current_time+0x10b/0x1b0 [ 316.648835] ? d_alloc+0x380/0x380 [ 316.652612] ? timespec64_trunc+0x180/0x180 [ 316.656956] simple_fill_super+0x463/0x600 [ 316.661214] nfsd_fill_super+0x4f/0x60 [ 316.665113] mount_ns+0x12e/0x1d0 [ 316.668583] nfsd_mount+0xa4/0xd0 [ 316.672051] ? nfsd_mount+0xd0/0xd0 [ 316.675690] ? nfsd_umount+0x80/0x80 [ 316.679423] legacy_get_tree+0x12f/0x260 [ 316.683504] ? security_fs_context_validate+0x80/0xa0 [ 316.688716] vfs_get_tree+0x1cb/0x5c0 [ 316.692538] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 316.697309] do_mount+0x82a/0x1ff0 [ 316.700887] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 316.706448] ? copy_mount_string+0x40/0x40 [ 316.710723] ? copy_mount_options+0x5f/0x430 [ 316.715155] ? kmem_cache_alloc_trace+0x353/0x750 [ 316.720048] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 316.725620] ? _copy_from_user+0xdf/0x150 [ 316.729794] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 316.735351] ? copy_mount_options+0x315/0x430 [ 316.739873] ksys_mount+0x12d/0x140 [ 316.743526] __x64_sys_mount+0xbe/0x150 [ 316.747523] do_syscall_64+0x1b9/0x820 [ 316.751430] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 316.756809] ? syscall_return_slowpath+0x5e0/0x5e0 [ 316.761756] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 316.766646] ? trace_hardirqs_on_caller+0x310/0x310 [ 316.771682] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 316.776714] ? prepare_exit_to_usermode+0x291/0x3b0 [ 316.781752] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 316.786628] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 316.791831] RIP: 0033:0x457569 [ 316.795044] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 316.813979] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 22:09:12 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:12 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:12 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfffffffe, &(0x7f0000000100)) 22:09:12 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 316.821709] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 316.828989] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 316.836273] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 316.843560] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 316.850869] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:12 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x200000000000000, &(0x7f0000000100)) 22:09:12 executing program 0 (fault-call:1 fault-nth:44): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:12 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e6673648c", 0x0, &(0x7f0000000100)) 22:09:12 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 317.086511] FAULT_INJECTION: forcing a failure. [ 317.086511] name failslab, interval 1, probability 0, space 0, times 0 [ 317.115658] CPU: 0 PID: 10063 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 317.123928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.133293] Call Trace: [ 317.135913] dump_stack+0x244/0x39d [ 317.139556] ? dump_stack_print_info.cold.1+0x20/0x20 [ 317.144750] should_fail.cold.4+0xa/0x17 [ 317.148806] ? find_held_lock+0x36/0x1c0 [ 317.152861] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 317.157964] ? lock_downgrade+0x900/0x900 [ 317.162120] ? check_preemption_disabled+0x48/0x280 [ 317.167134] ? zap_class+0x640/0x640 [ 317.170851] ? find_held_lock+0x36/0x1c0 [ 317.174911] ? __lock_is_held+0xb5/0x140 [ 317.178976] ? perf_trace_sched_process_exec+0x860/0x860 [ 317.184426] ? zap_class+0x640/0x640 [ 317.188139] __should_failslab+0x124/0x180 [ 317.192370] should_failslab+0x9/0x14 [ 317.196177] kmem_cache_alloc+0x2be/0x730 [ 317.200334] ? find_held_lock+0x36/0x1c0 [ 317.204400] __d_alloc+0xc8/0xb90 [ 317.207845] ? d_add+0x5f9/0xa10 [ 317.211207] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 317.216231] ? kasan_check_read+0x11/0x20 [ 317.220386] ? do_raw_spin_unlock+0xa7/0x330 [ 317.224797] ? do_raw_spin_trylock+0x270/0x270 [ 317.229375] ? d_delete+0x220/0x220 [ 317.233002] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 317.238195] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 317.243408] ? _raw_spin_unlock+0x2c/0x50 [ 317.247551] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 317.253088] ? hashlen_string+0x1f2/0x300 [ 317.257236] d_alloc+0x96/0x380 [ 317.260512] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 317.265699] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 317.271234] ? __d_alloc+0xb90/0xb90 [ 317.274949] d_alloc_name+0xbb/0x120 [ 317.278657] ? current_time+0x10b/0x1b0 [ 317.282623] ? d_alloc+0x380/0x380 [ 317.286161] ? timespec64_trunc+0x180/0x180 [ 317.290487] simple_fill_super+0x463/0x600 [ 317.294722] nfsd_fill_super+0x4f/0x60 [ 317.298604] mount_ns+0x12e/0x1d0 [ 317.302066] nfsd_mount+0xa4/0xd0 [ 317.305509] ? nfsd_mount+0xd0/0xd0 [ 317.309143] ? nfsd_umount+0x80/0x80 [ 317.313025] legacy_get_tree+0x12f/0x260 [ 317.317089] ? security_fs_context_validate+0x80/0xa0 [ 317.322276] vfs_get_tree+0x1cb/0x5c0 [ 317.326084] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 317.330847] do_mount+0x82a/0x1ff0 [ 317.334385] ? copy_mount_string+0x40/0x40 [ 317.338623] ? retint_kernel+0x2d/0x2d [ 317.342509] ? copy_mount_options+0x228/0x430 [ 317.346994] ? copy_mount_options+0x239/0x430 [ 317.351481] ? __sanitizer_cov_trace_pc+0x18/0x50 [ 317.356337] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 317.361873] ? copy_mount_options+0x315/0x430 [ 317.366367] ksys_mount+0x12d/0x140 [ 317.369999] __x64_sys_mount+0xbe/0x150 [ 317.373971] do_syscall_64+0x1b9/0x820 [ 317.377879] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 317.383263] ? syscall_return_slowpath+0x5e0/0x5e0 [ 317.388206] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 317.393054] ? trace_hardirqs_on_caller+0x310/0x310 [ 317.398071] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 317.403088] ? prepare_exit_to_usermode+0x291/0x3b0 [ 317.408105] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 317.412952] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 317.418136] RIP: 0033:0x457569 22:09:12 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736406", 0x0, &(0x7f0000000100)) 22:09:12 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x300, &(0x7f0000000100)) [ 317.421324] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 317.440234] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 317.447958] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 317.455224] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 317.462490] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 317.469754] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 317.477019] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:12 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3, &(0x7f0000000100)) 22:09:12 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(camellia)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000000c0)="b7f2288a911993f0265df5cf1cdd8b55b062950b86bc01abc8464d4f8a906151", 0x20) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000001480)={0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000002c0)=""/4096, 0x34000}], 0x1, &(0x7f0000001400)=""/123, 0x7b}, 0x0) 22:09:12 executing program 0 (fault-call:1 fault-nth:45): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:13 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364f9", 0x0, &(0x7f0000000100)) 22:09:13 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4000, &(0x7f0000000100)) [ 317.724059] FAULT_INJECTION: forcing a failure. [ 317.724059] name failslab, interval 1, probability 0, space 0, times 0 22:09:13 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 317.795681] CPU: 0 PID: 10093 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 317.803964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.813337] Call Trace: [ 317.815948] dump_stack+0x244/0x39d [ 317.819597] ? dump_stack_print_info.cold.1+0x20/0x20 [ 317.824808] should_fail.cold.4+0xa/0x17 [ 317.828896] ? find_held_lock+0x36/0x1c0 [ 317.832979] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 317.838108] ? lock_downgrade+0x900/0x900 22:09:13 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) 22:09:13 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 317.842274] ? check_preemption_disabled+0x48/0x280 [ 317.847317] ? zap_class+0x640/0x640 [ 317.851068] ? find_held_lock+0x36/0x1c0 [ 317.855162] ? __lock_is_held+0xb5/0x140 [ 317.859300] ? hfs_brec_update_parent+0x7b8/0xbe0 [ 317.864171] ? perf_trace_sched_process_exec+0x860/0x860 [ 317.869638] ? zap_class+0x640/0x640 [ 317.873375] __should_failslab+0x124/0x180 [ 317.877641] should_failslab+0x9/0x14 [ 317.881457] kmem_cache_alloc+0x2be/0x730 [ 317.885660] ? find_held_lock+0x36/0x1c0 [ 317.889752] __d_alloc+0xc8/0xb90 [ 317.893225] ? d_add+0x5f9/0xa10 [ 317.896618] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 317.901659] ? kasan_check_read+0x11/0x20 [ 317.905824] ? do_raw_spin_unlock+0xa7/0x330 [ 317.910253] ? do_raw_spin_trylock+0x270/0x270 [ 317.914856] ? d_delete+0x220/0x220 [ 317.918500] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 317.923711] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 317.928927] ? _raw_spin_unlock+0x2c/0x50 [ 317.933102] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 317.938658] ? hashlen_string+0x1f2/0x300 [ 317.942838] d_alloc+0x96/0x380 22:09:13 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3f00, &(0x7f0000000100)) [ 317.946163] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 317.951373] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 317.956934] ? __d_alloc+0xb90/0xb90 [ 317.960672] d_alloc_name+0xbb/0x120 [ 317.964402] ? current_time+0x10b/0x1b0 [ 317.968404] ? d_alloc+0x380/0x380 [ 317.971965] ? timespec64_trunc+0x180/0x180 [ 317.976315] simple_fill_super+0x463/0x600 [ 317.980574] nfsd_fill_super+0x4f/0x60 [ 317.984477] mount_ns+0x12e/0x1d0 [ 317.987950] nfsd_mount+0xa4/0xd0 [ 317.991422] ? nfsd_mount+0xd0/0xd0 [ 317.995076] ? nfsd_umount+0x80/0x80 [ 317.998803] legacy_get_tree+0x12f/0x260 [ 318.002875] ? security_fs_context_validate+0x80/0xa0 [ 318.008085] vfs_get_tree+0x1cb/0x5c0 [ 318.011902] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 318.016675] do_mount+0x82a/0x1ff0 [ 318.020242] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 318.025802] ? copy_mount_string+0x40/0x40 [ 318.030070] ? copy_mount_options+0x5f/0x430 [ 318.034499] ? kmem_cache_alloc_trace+0x353/0x750 [ 318.039364] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 318.044924] ? _copy_from_user+0xdf/0x150 [ 318.049097] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 318.054655] ? copy_mount_options+0x315/0x430 [ 318.059174] ksys_mount+0x12d/0x140 [ 318.062825] __x64_sys_mount+0xbe/0x150 [ 318.066823] do_syscall_64+0x1b9/0x820 [ 318.070730] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 318.076115] ? syscall_return_slowpath+0x5e0/0x5e0 [ 318.081085] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 318.085945] ? trace_hardirqs_on_caller+0x310/0x310 [ 318.091076] ? prepare_exit_to_usermode+0x3b0/0x3b0 22:09:13 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfffffdf9, &(0x7f0000000100)) 22:09:13 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 318.096106] ? prepare_exit_to_usermode+0x291/0x3b0 [ 318.101147] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 318.106017] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 318.111228] RIP: 0033:0x457569 [ 318.114432] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 318.133355] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 22:09:13 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x300000000000000, &(0x7f0000000100)) 22:09:13 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4000000000000000, &(0x7f0000000100)) [ 318.141092] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 318.148380] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 318.155672] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 318.162954] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 318.170236] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:13 executing program 2: io_setup(0x3, &(0x7f0000000000)=0x0) r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000040)='/dev/md0\x00', 0x0, 0x0) close(r1) openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000b00)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) 22:09:13 executing program 0 (fault-call:1 fault-nth:46): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:13 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xffffff7f00000000, &(0x7f0000000100)) 22:09:13 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x6000000, &(0x7f0000000100)) 22:09:13 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) 22:09:13 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 318.429785] FAULT_INJECTION: forcing a failure. [ 318.429785] name failslab, interval 1, probability 0, space 0, times 0 22:09:13 executing program 2: r0 = syz_open_dev$dri(&(0x7f0000000280)='/dev/dri/card#\x00', 0x0, 0x0) ioctl(r0, 0xffffffffffffffb4, &(0x7f0000000040)) 22:09:13 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f00000001c0)={&(0x7f00000003c0)={0x14, 0x15, 0x5, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) [ 318.479124] CPU: 1 PID: 10140 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 318.487412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 318.496784] Call Trace: [ 318.499419] dump_stack+0x244/0x39d [ 318.503109] ? dump_stack_print_info.cold.1+0x20/0x20 [ 318.508321] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 318.513880] ? check_preemption_disabled+0x48/0x280 [ 318.518929] should_fail.cold.4+0xa/0x17 [ 318.523016] ? fault_create_debugfs_attr+0x1f0/0x1f0 22:09:13 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000b39000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000b0bf74)={0x0, 0x0, 0x0, 'queue1\x00'}) r1 = syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x402c5342, &(0x7f0000000000)) [ 318.528158] ? rcu_read_lock_sched_held+0x14f/0x180 [ 318.533198] ? __lockdep_init_map+0x105/0x590 [ 318.537713] ? zap_class+0x640/0x640 [ 318.541453] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 318.547053] ? d_set_d_op+0x31d/0x410 [ 318.550881] ? find_held_lock+0x36/0x1c0 [ 318.554972] ? __lock_is_held+0xb5/0x140 [ 318.559076] ? perf_trace_sched_process_exec+0x860/0x860 [ 318.564558] ? do_raw_spin_trylock+0x270/0x270 [ 318.569176] __should_failslab+0x124/0x180 [ 318.573439] should_failslab+0x9/0x14 22:09:13 executing program 2: 22:09:13 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x100000000000000, &(0x7f0000000100)) [ 318.577271] kmem_cache_alloc+0x2be/0x730 [ 318.581446] ? __d_alloc+0xb90/0xb90 [ 318.585180] alloc_inode+0xb2/0x190 [ 318.588817] new_inode_pseudo+0x71/0x1a0 [ 318.592897] ? prune_icache_sb+0x1c0/0x1c0 [ 318.597149] ? d_alloc+0x380/0x380 [ 318.600704] ? timespec64_trunc+0x180/0x180 [ 318.605056] new_inode+0x1c/0x40 [ 318.608443] simple_fill_super+0x29d/0x600 [ 318.612704] nfsd_fill_super+0x4f/0x60 [ 318.616605] mount_ns+0x12e/0x1d0 [ 318.620083] nfsd_mount+0xa4/0xd0 [ 318.623553] ? nfsd_mount+0xd0/0xd0 22:09:13 executing program 2: r0 = socket(0x10, 0x2, 0xc) write(r0, &(0x7f0000000040)="1f0000000104ff00fd4354c007110000f3e9000008000100010423dcffdf00", 0x1f) write(r0, &(0x7f0000000080)="1f0000000104ff00fd4354c007110000f305030008000100010423dcffdf00", 0x1f) [ 318.627200] ? nfsd_umount+0x80/0x80 [ 318.630942] legacy_get_tree+0x12f/0x260 [ 318.635023] ? security_fs_context_validate+0x80/0xa0 [ 318.640249] vfs_get_tree+0x1cb/0x5c0 [ 318.644081] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 318.648860] do_mount+0x82a/0x1ff0 [ 318.652888] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 318.658469] ? copy_mount_string+0x40/0x40 [ 318.660211] netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. [ 318.662726] ? copy_mount_options+0x5f/0x430 22:09:14 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x20100000, &(0x7f0000000100)) [ 318.662747] ? kmem_cache_alloc_trace+0x353/0x750 [ 318.662770] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 318.685959] ? _copy_from_user+0xdf/0x150 [ 318.687947] netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. [ 318.690129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 318.690148] ? copy_mount_options+0x315/0x430 [ 318.690169] ksys_mount+0x12d/0x140 [ 318.712242] __x64_sys_mount+0xbe/0x150 [ 318.713659] netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. [ 318.716239] do_syscall_64+0x1b9/0x820 [ 318.716256] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 318.716273] ? syscall_return_slowpath+0x5e0/0x5e0 [ 318.716289] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 318.716311] ? trace_hardirqs_on_caller+0x310/0x310 [ 318.737877] netlink: 3 bytes leftover after parsing attributes in process `syz-executor2'. [ 318.738883] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 318.738913] ? prepare_exit_to_usermode+0x291/0x3b0 [ 318.767201] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 318.772078] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 318.777278] RIP: 0033:0x457569 [ 318.780486] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 318.799420] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 318.799436] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 318.799444] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 318.799452] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 318.799460] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 318.799468] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:14 executing program 0 (fault-call:1 fault-nth:47): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:14 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xa000000, &(0x7f0000000100)) 22:09:14 executing program 2: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000040)='/dev/md0\x00', 0x0, 0x0) ioctl$BLKTRACESETUP(r0, 0xc0401273, &(0x7f0000000100)={[], 0x0, 0x81, 0xfff}) syz_open_procfs(0x0, &(0x7f0000000080)='wchan\x00') write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000180)={0x2a, 0x4, 0x0, {0x0, 0xea3, 0x2, 0x0, [0x0, 0x0]}}, 0x2a) 22:09:14 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf0ffffff00000000, &(0x7f0000000100)) 22:09:14 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:14 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736404", 0x0, &(0x7f0000000100)) 22:09:14 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x8cffffff00000000, &(0x7f0000000100)) 22:09:14 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfeffffff, &(0x7f0000000100)) 22:09:14 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/net/tun\x00', 0x2, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000680)={'ip6gretap0\x00', 0x1000e803}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000100)={&(0x7f0000000180), 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) write$binfmt_aout(r0, &(0x7f0000000700)={{0x0, 0x0, 0x0, 0x354}}, 0x20) [ 319.111540] FAULT_INJECTION: forcing a failure. [ 319.111540] name failslab, interval 1, probability 0, space 0, times 0 [ 319.136363] CPU: 0 PID: 10192 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 319.144659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 319.154036] Call Trace: [ 319.156656] dump_stack+0x244/0x39d [ 319.160317] ? dump_stack_print_info.cold.1+0x20/0x20 [ 319.165560] should_fail.cold.4+0xa/0x17 [ 319.169665] ? find_held_lock+0x36/0x1c0 [ 319.173756] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 319.178887] ? lock_downgrade+0x900/0x900 [ 319.183064] ? check_preemption_disabled+0x48/0x280 [ 319.188107] ? zap_class+0x640/0x640 [ 319.191859] ? find_held_lock+0x36/0x1c0 [ 319.195935] ? __lock_is_held+0xb5/0x140 [ 319.200082] ? smaps_pte_range+0x17c8/0x1cc0 [ 319.204519] ? perf_trace_sched_process_exec+0x860/0x860 22:09:14 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfeffffff, &(0x7f0000000100)) [ 319.206957] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 319.209986] ? zap_class+0x640/0x640 [ 319.210014] __should_failslab+0x124/0x180 [ 319.210045] should_failslab+0x9/0x14 [ 319.210063] kmem_cache_alloc+0x2be/0x730 [ 319.210079] ? find_held_lock+0x36/0x1c0 [ 319.210102] __d_alloc+0xc8/0xb90 [ 319.229954] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 319.232463] ? d_add+0x5f9/0xa10 [ 319.232487] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 319.232511] ? kasan_check_read+0x11/0x20 [ 319.232528] ? do_raw_spin_unlock+0xa7/0x330 [ 319.232542] ? do_raw_spin_trylock+0x270/0x270 [ 319.232561] ? d_delete+0x220/0x220 [ 319.253531] 8021q: adding VLAN 0 to HW filter on device team0 [ 319.254945] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 319.254963] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 319.254989] ? _raw_spin_unlock+0x2c/0x50 [ 319.255008] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 319.255036] ? hashlen_string+0x1f2/0x300 [ 319.255063] d_alloc+0x96/0x380 [ 319.255082] ? ktime_get_coarse_real_ts64+0x22e/0x370 22:09:14 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x5000000, &(0x7f0000000100)) [ 319.310356] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 319.315919] ? __d_alloc+0xb90/0xb90 [ 319.319662] d_alloc_name+0xbb/0x120 [ 319.323384] ? current_time+0x10b/0x1b0 [ 319.327387] ? d_alloc+0x380/0x380 [ 319.330946] ? timespec64_trunc+0x180/0x180 [ 319.335907] simple_fill_super+0x463/0x600 [ 319.340164] nfsd_fill_super+0x4f/0x60 [ 319.344078] mount_ns+0x12e/0x1d0 [ 319.344580] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 319.347550] nfsd_mount+0xa4/0xd0 [ 319.347564] ? nfsd_mount+0xd0/0xd0 [ 319.347581] ? nfsd_umount+0x80/0x80 [ 319.347601] legacy_get_tree+0x12f/0x260 [ 319.347619] ? security_fs_context_validate+0x80/0xa0 [ 319.347639] vfs_get_tree+0x1cb/0x5c0 [ 319.347654] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 319.347673] do_mount+0x82a/0x1ff0 [ 319.347693] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 319.347714] ? copy_mount_string+0x40/0x40 [ 319.347736] ? copy_mount_options+0x5f/0x430 [ 319.347753] ? kmem_cache_alloc_trace+0x353/0x750 [ 319.347772] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 22:09:14 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf9fdffff, &(0x7f0000000100)) 22:09:14 executing program 0 (fault-call:1 fault-nth:48): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:14 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736403", 0x0, &(0x7f0000000100)) [ 319.347788] ? _copy_from_user+0xdf/0x150 [ 319.347808] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 319.347824] ? copy_mount_options+0x315/0x430 [ 319.347847] ksys_mount+0x12d/0x140 [ 319.347868] __x64_sys_mount+0xbe/0x150 [ 319.347889] do_syscall_64+0x1b9/0x820 [ 319.347905] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 319.347923] ? syscall_return_slowpath+0x5e0/0x5e0 [ 319.347939] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 319.347958] ? trace_hardirqs_on_caller+0x310/0x310 22:09:14 executing program 2: r0 = syz_open_dev$sndtimer(&(0x7f0000000100)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000180)={{0x3}}) readv(r0, &(0x7f00000012c0)=[{&(0x7f00000001c0)=""/4096, 0x1000}], 0x1) [ 319.347976] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 319.347994] ? prepare_exit_to_usermode+0x291/0x3b0 [ 319.348016] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 319.348053] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 319.348066] RIP: 0033:0x457569 [ 319.348082] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 319.348091] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 22:09:14 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 319.348107] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 319.348117] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 319.348126] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 319.348133] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 319.348140] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 319.511708] FAULT_INJECTION: forcing a failure. [ 319.511708] name failslab, interval 1, probability 0, space 0, times 0 22:09:15 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:15 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x600, &(0x7f0000000100)) 22:09:15 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x20100000, &(0x7f0000000100)) [ 319.804362] CPU: 1 PID: 10211 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 319.812644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 319.822037] Call Trace: [ 319.824651] dump_stack+0x244/0x39d [ 319.828302] ? dump_stack_print_info.cold.1+0x20/0x20 [ 319.833522] should_fail.cold.4+0xa/0x17 [ 319.837604] ? find_held_lock+0x36/0x1c0 [ 319.841686] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 319.846816] ? lock_downgrade+0x900/0x900 22:09:15 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2000000, &(0x7f0000000100)) 22:09:15 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x1100, &(0x7f0000000100)) [ 319.850978] ? check_preemption_disabled+0x48/0x280 [ 319.856018] ? zap_class+0x640/0x640 [ 319.859765] ? find_held_lock+0x36/0x1c0 [ 319.863856] ? __lock_is_held+0xb5/0x140 [ 319.867955] ? perf_trace_sched_process_exec+0x860/0x860 [ 319.873420] ? zap_class+0x640/0x640 [ 319.877162] __should_failslab+0x124/0x180 [ 319.881419] should_failslab+0x9/0x14 [ 319.885239] kmem_cache_alloc+0x2be/0x730 [ 319.889398] ? find_held_lock+0x36/0x1c0 [ 319.893480] __d_alloc+0xc8/0xb90 [ 319.896943] ? d_add+0x5f9/0xa10 22:09:15 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x600, &(0x7f0000000100)) [ 319.900327] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 319.905367] ? kasan_check_read+0x11/0x20 [ 319.909532] ? do_raw_spin_unlock+0xa7/0x330 [ 319.913945] ? do_raw_spin_trylock+0x270/0x270 [ 319.918519] ? d_delete+0x220/0x220 [ 319.922133] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 319.927313] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 319.932493] ? _raw_spin_unlock+0x2c/0x50 [ 319.936629] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 319.942157] ? hashlen_string+0x1f2/0x300 [ 319.946299] d_alloc+0x96/0x380 [ 319.949572] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 319.954792] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 319.960324] ? __d_alloc+0xb90/0xb90 [ 319.964045] d_alloc_name+0xbb/0x120 [ 319.967749] ? current_time+0x10b/0x1b0 [ 319.971729] ? d_alloc+0x380/0x380 [ 319.975258] ? timespec64_trunc+0x180/0x180 [ 319.979574] simple_fill_super+0x463/0x600 [ 319.983800] nfsd_fill_super+0x4f/0x60 [ 319.987676] mount_ns+0x12e/0x1d0 [ 319.991132] nfsd_mount+0xa4/0xd0 [ 319.994573] ? nfsd_mount+0xd0/0xd0 [ 319.998188] ? nfsd_umount+0x80/0x80 [ 320.001897] legacy_get_tree+0x12f/0x260 [ 320.005951] ? security_fs_context_validate+0x80/0xa0 [ 320.011135] vfs_get_tree+0x1cb/0x5c0 [ 320.014927] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 320.019673] do_mount+0x82a/0x1ff0 [ 320.023204] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 320.028751] ? copy_mount_string+0x40/0x40 [ 320.032996] ? copy_mount_options+0x5f/0x430 [ 320.037401] ? kmem_cache_alloc_trace+0x353/0x750 [ 320.042239] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 320.047771] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 320.053300] ? copy_mount_options+0x315/0x430 [ 320.057785] ksys_mount+0x12d/0x140 [ 320.061403] __x64_sys_mount+0xbe/0x150 [ 320.065363] do_syscall_64+0x1b9/0x820 [ 320.069236] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 320.074589] ? syscall_return_slowpath+0x5e0/0x5e0 [ 320.079504] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 320.084336] ? trace_hardirqs_on_caller+0x310/0x310 [ 320.089339] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 320.094344] ? prepare_exit_to_usermode+0x291/0x3b0 [ 320.099351] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 320.104183] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 320.109358] RIP: 0033:0x457569 [ 320.112536] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 320.131424] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 320.139121] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 320.146398] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 22:09:15 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd`', 0x0, &(0x7f0000000100)) 22:09:15 executing program 0 (fault-call:1 fault-nth:49): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 320.153662] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 320.160920] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 320.168179] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:15 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x1100, &(0x7f0000000100)) [ 320.244528] FAULT_INJECTION: forcing a failure. [ 320.244528] name failslab, interval 1, probability 0, space 0, times 0 22:09:15 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xa00, &(0x7f0000000100)) [ 320.346486] CPU: 1 PID: 10245 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 320.354767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.364139] Call Trace: [ 320.366757] dump_stack+0x244/0x39d [ 320.370410] ? dump_stack_print_info.cold.1+0x20/0x20 [ 320.375632] should_fail.cold.4+0xa/0x17 [ 320.379709] ? find_held_lock+0x36/0x1c0 [ 320.383785] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 320.388995] ? lock_downgrade+0x900/0x900 [ 320.393165] ? check_preemption_disabled+0x48/0x280 [ 320.393187] ? zap_class+0x640/0x640 [ 320.393211] ? find_held_lock+0x36/0x1c0 [ 320.406087] ? __lock_is_held+0xb5/0x140 [ 320.410220] ? enic_hard_start_xmit+0x3f98/0x4030 [ 320.415090] ? perf_trace_sched_process_exec+0x860/0x860 [ 320.420547] ? zap_class+0x640/0x640 [ 320.424272] __should_failslab+0x124/0x180 [ 320.428517] should_failslab+0x9/0x14 [ 320.432325] kmem_cache_alloc+0x2be/0x730 [ 320.436475] ? find_held_lock+0x36/0x1c0 [ 320.440545] __d_alloc+0xc8/0xb90 [ 320.443997] ? d_add+0x5f9/0xa10 [ 320.447389] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 320.452416] ? kasan_check_read+0x11/0x20 [ 320.456571] ? do_raw_spin_unlock+0xa7/0x330 [ 320.460987] ? do_raw_spin_trylock+0x270/0x270 [ 320.465578] ? d_delete+0x220/0x220 [ 320.469209] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 320.474405] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 320.479607] ? _raw_spin_unlock+0x2c/0x50 [ 320.483764] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 320.489311] ? hashlen_string+0x1f2/0x300 [ 320.493474] d_alloc+0x96/0x380 [ 320.496759] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 320.501956] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 320.507505] ? __d_alloc+0xb90/0xb90 [ 320.511241] d_alloc_name+0xbb/0x120 [ 320.514960] ? current_time+0x10b/0x1b0 [ 320.518945] ? d_alloc+0x380/0x380 [ 320.522488] ? timespec64_trunc+0x180/0x180 [ 320.526827] simple_fill_super+0x463/0x600 [ 320.531080] nfsd_fill_super+0x4f/0x60 [ 320.534977] mount_ns+0x12e/0x1d0 [ 320.538449] nfsd_mount+0xa4/0xd0 [ 320.541910] ? nfsd_mount+0xd0/0xd0 [ 320.545546] ? nfsd_umount+0x80/0x80 [ 320.549268] legacy_get_tree+0x12f/0x260 [ 320.553343] ? security_fs_context_validate+0x80/0xa0 [ 320.558552] vfs_get_tree+0x1cb/0x5c0 [ 320.562362] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 320.567133] do_mount+0x82a/0x1ff0 [ 320.570680] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 320.576233] ? copy_mount_string+0x40/0x40 [ 320.580481] ? copy_mount_options+0x5f/0x430 [ 320.584916] ? kmem_cache_alloc_trace+0x353/0x750 [ 320.589776] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 320.595324] ? copy_mount_options+0x315/0x430 [ 320.599832] ksys_mount+0x12d/0x140 [ 320.603468] __x64_sys_mount+0xbe/0x150 [ 320.607452] do_syscall_64+0x1b9/0x820 [ 320.611348] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 320.616719] ? syscall_return_slowpath+0x5e0/0x5e0 [ 320.621674] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 320.626527] ? trace_hardirqs_on_caller+0x310/0x310 [ 320.631557] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 320.636583] ? prepare_exit_to_usermode+0x291/0x3b0 [ 320.641619] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 320.646477] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 320.652191] RIP: 0033:0x457569 [ 320.655396] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 320.674309] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 320.682044] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 320.689328] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 320.696610] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 320.703900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 320.711179] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:16 executing program 2: perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x85a, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000140)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000080)={[], 0x0, 0x241}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x3) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000580)={0x0, 0x0, @pic={0x0, 0x2947ea45, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}) open(&(0x7f00000001c0)='./file0\x00', 0x20000, 0x41) 22:09:16 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xa, &(0x7f0000000100)) 22:09:16 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xc0ed0000, &(0x7f0000000100)) 22:09:16 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:16 executing program 0 (fault-call:1 fault-nth:50): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:16 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfffffffe, &(0x7f0000000100)) 22:09:16 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xffffff7f, &(0x7f0000000100)) [ 320.922550] FAULT_INJECTION: forcing a failure. [ 320.922550] name failslab, interval 1, probability 0, space 0, times 0 [ 320.961510] CPU: 1 PID: 10278 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 320.969784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.979170] Call Trace: [ 320.981787] dump_stack+0x244/0x39d [ 320.985439] ? dump_stack_print_info.cold.1+0x20/0x20 [ 320.990659] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 320.996216] ? check_preemption_disabled+0x48/0x280 [ 321.001251] should_fail.cold.4+0xa/0x17 [ 321.005333] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 321.010499] ? rcu_read_lock_sched_held+0x14f/0x180 [ 321.015537] ? __lockdep_init_map+0x105/0x590 22:09:16 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2010000000000000, &(0x7f0000000100)) [ 321.020056] ? zap_class+0x640/0x640 [ 321.023785] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 321.029332] ? d_set_d_op+0x31d/0x410 [ 321.033149] ? find_held_lock+0x36/0x1c0 [ 321.037223] ? __lock_is_held+0xb5/0x140 [ 321.041311] ? perf_trace_sched_process_exec+0x860/0x860 [ 321.046772] ? do_raw_spin_trylock+0x270/0x270 [ 321.051372] __should_failslab+0x124/0x180 [ 321.055625] should_failslab+0x9/0x14 [ 321.059438] kmem_cache_alloc+0x2be/0x730 [ 321.063599] ? __d_alloc+0xb90/0xb90 [ 321.067337] alloc_inode+0xb2/0x190 22:09:16 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x8cffffff00000000, &(0x7f0000000100)) 22:09:16 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x40000, &(0x7f0000000100)) [ 321.070981] new_inode_pseudo+0x71/0x1a0 [ 321.075062] ? prune_icache_sb+0x1c0/0x1c0 [ 321.079319] ? d_alloc+0x380/0x380 [ 321.082865] ? timespec64_trunc+0x180/0x180 [ 321.087209] new_inode+0x1c/0x40 [ 321.090590] simple_fill_super+0x29d/0x600 [ 321.094845] nfsd_fill_super+0x4f/0x60 [ 321.098747] mount_ns+0x12e/0x1d0 [ 321.102220] nfsd_mount+0xa4/0xd0 [ 321.105684] ? nfsd_mount+0xd0/0xd0 [ 321.109329] ? nfsd_umount+0x80/0x80 [ 321.113071] legacy_get_tree+0x12f/0x260 [ 321.117146] ? security_fs_context_validate+0x80/0xa0 22:09:16 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xedc0, &(0x7f0000000100)) [ 321.122355] vfs_get_tree+0x1cb/0x5c0 [ 321.126172] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 321.130945] do_mount+0x82a/0x1ff0 [ 321.134500] ? copy_mount_string+0x40/0x40 [ 321.138746] ? retint_kernel+0x2d/0x2d [ 321.142657] ? copy_mount_options+0x239/0x430 [ 321.147169] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 321.152037] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 321.152056] ? copy_mount_options+0x315/0x430 [ 321.152079] ksys_mount+0x12d/0x140 [ 321.152099] __x64_sys_mount+0xbe/0x150 [ 321.165764] do_syscall_64+0x1b9/0x820 [ 321.165782] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 321.165802] ? syscall_return_slowpath+0x5e0/0x5e0 [ 321.183941] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 321.188804] ? trace_hardirqs_on_caller+0x310/0x310 [ 321.193840] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 321.198872] ? prepare_exit_to_usermode+0x291/0x3b0 [ 321.203910] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 321.208763] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 321.213959] RIP: 0033:0x457569 [ 321.217153] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 321.236071] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 321.243782] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 321.251064] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 321.258338] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 321.265614] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 22:09:16 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) [ 321.272881] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:16 executing program 2: 22:09:16 executing program 0 (fault-call:1 fault-nth:51): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:16 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2010, &(0x7f0000000100)) 22:09:16 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xa, &(0x7f0000000100)) 22:09:16 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x1000000, &(0x7f0000000100)) [ 321.529809] FAULT_INJECTION: forcing a failure. [ 321.529809] name failslab, interval 1, probability 0, space 0, times 0 [ 321.573965] CPU: 0 PID: 10315 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 321.582254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 321.591615] Call Trace: [ 321.594222] dump_stack+0x244/0x39d [ 321.597870] ? dump_stack_print_info.cold.1+0x20/0x20 [ 321.603086] should_fail.cold.4+0xa/0x17 [ 321.607159] ? find_held_lock+0x36/0x1c0 [ 321.611237] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 321.616354] ? lock_downgrade+0x900/0x900 [ 321.616369] ? check_preemption_disabled+0x48/0x280 [ 321.616388] ? zap_class+0x640/0x640 [ 321.616422] ? find_held_lock+0x36/0x1c0 [ 321.633339] ? __lock_is_held+0xb5/0x140 [ 321.637419] ? do_con_trol+0x2718/0x63a0 [ 321.641505] ? perf_trace_sched_process_exec+0x860/0x860 [ 321.646966] ? zap_class+0x640/0x640 [ 321.650703] __should_failslab+0x124/0x180 [ 321.654946] should_failslab+0x9/0x14 [ 321.658752] kmem_cache_alloc+0x2be/0x730 [ 321.658769] ? find_held_lock+0x36/0x1c0 [ 321.658793] __d_alloc+0xc8/0xb90 [ 321.658807] ? d_add+0x5f9/0xa10 [ 321.658828] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 321.658849] ? kasan_check_read+0x11/0x20 [ 321.682987] ? do_raw_spin_unlock+0xa7/0x330 [ 321.687411] ? do_raw_spin_trylock+0x270/0x270 [ 321.692006] ? d_delete+0x220/0x220 [ 321.692024] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 321.692052] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 321.692074] ? _raw_spin_unlock+0x2c/0x50 [ 321.700883] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 321.700901] ? hashlen_string+0x1f2/0x300 [ 321.700927] d_alloc+0x96/0x380 [ 321.723182] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 321.728383] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 321.733944] ? __d_alloc+0xb90/0xb90 [ 321.737681] d_alloc_name+0xbb/0x120 [ 321.741414] ? current_time+0x10b/0x1b0 [ 321.745415] ? d_alloc+0x380/0x380 [ 321.748965] ? timespec64_trunc+0x180/0x180 [ 321.753312] simple_fill_super+0x463/0x600 [ 321.757567] nfsd_fill_super+0x4f/0x60 [ 321.761468] mount_ns+0x12e/0x1d0 [ 321.764960] nfsd_mount+0xa4/0xd0 [ 321.768433] ? nfsd_mount+0xd0/0xd0 [ 321.772078] ? nfsd_umount+0x80/0x80 [ 321.775804] legacy_get_tree+0x12f/0x260 [ 321.779883] ? security_fs_context_validate+0x80/0xa0 [ 321.785092] vfs_get_tree+0x1cb/0x5c0 [ 321.788908] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 321.793687] do_mount+0x82a/0x1ff0 [ 321.797242] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 321.797266] ? copy_mount_string+0x40/0x40 [ 321.797292] ? copy_mount_options+0x5f/0x430 [ 321.807061] ? kmem_cache_alloc_trace+0x353/0x750 [ 321.807081] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 22:09:17 executing program 2: 22:09:17 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x200000000000000, &(0x7f0000000100)) 22:09:17 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:17 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xc0ed0000, &(0x7f0000000100)) 22:09:17 executing program 2: 22:09:17 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf6ffffff00000000, &(0x7f0000000100)) 22:09:17 executing program 2: [ 321.807098] ? _copy_from_user+0xdf/0x150 [ 321.807118] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 321.807133] ? copy_mount_options+0x315/0x430 [ 321.807159] ksys_mount+0x12d/0x140 [ 321.839709] __x64_sys_mount+0xbe/0x150 [ 321.843700] do_syscall_64+0x1b9/0x820 [ 321.847610] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 321.852991] ? syscall_return_slowpath+0x5e0/0x5e0 [ 321.857945] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 321.862810] ? trace_hardirqs_on_caller+0x310/0x310 [ 321.867862] ? prepare_exit_to_usermode+0x3b0/0x3b0 22:09:17 executing program 2: [ 321.872903] ? prepare_exit_to_usermode+0x291/0x3b0 [ 321.877937] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 321.882800] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 321.887993] RIP: 0033:0x457569 [ 321.891207] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 321.910121] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 321.917840] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 321.925120] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 321.932402] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 321.939679] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 321.946954] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:17 executing program 0 (fault-call:1 fault-nth:52): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:17 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x1000000, &(0x7f0000000100)) 22:09:17 executing program 2: 22:09:17 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:17 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfeffffff00000000, &(0x7f0000000100)) 22:09:17 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4000000000000000, &(0x7f0000000100)) 22:09:17 executing program 2: 22:09:17 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4000000, &(0x7f0000000100)) [ 322.161368] FAULT_INJECTION: forcing a failure. [ 322.161368] name failslab, interval 1, probability 0, space 0, times 0 [ 322.243842] CPU: 0 PID: 10350 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 322.252124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 322.261485] Call Trace: [ 322.264094] dump_stack+0x244/0x39d [ 322.267750] ? dump_stack_print_info.cold.1+0x20/0x20 [ 322.272972] should_fail.cold.4+0xa/0x17 [ 322.277062] ? find_held_lock+0x36/0x1c0 [ 322.281147] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 322.286276] ? lock_downgrade+0x900/0x900 22:09:17 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xedc000000000, &(0x7f0000000100)) 22:09:17 executing program 2: [ 322.290434] ? check_preemption_disabled+0x48/0x280 [ 322.295464] ? zap_class+0x640/0x640 [ 322.299197] ? find_held_lock+0x36/0x1c0 [ 322.303271] ? __lock_is_held+0xb5/0x140 [ 322.307355] ? perf_trace_sched_process_exec+0x860/0x860 [ 322.312826] ? zap_class+0x640/0x640 [ 322.316574] __should_failslab+0x124/0x180 [ 322.316595] should_failslab+0x9/0x14 [ 322.316611] kmem_cache_alloc+0x2be/0x730 [ 322.316625] ? find_held_lock+0x36/0x1c0 [ 322.316660] __d_alloc+0xc8/0xb90 [ 322.316680] ? d_add+0x5f9/0xa10 [ 322.324721] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 322.344722] ? kasan_check_read+0x11/0x20 [ 322.348882] ? do_raw_spin_unlock+0xa7/0x330 [ 322.353301] ? do_raw_spin_trylock+0x270/0x270 [ 322.357899] ? d_delete+0x220/0x220 [ 322.361537] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 322.366741] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 322.371951] ? _raw_spin_unlock+0x2c/0x50 [ 322.376109] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 322.381656] ? hashlen_string+0x1f2/0x300 [ 322.385826] d_alloc+0x96/0x380 [ 322.389117] ? ktime_get_coarse_real_ts64+0x22e/0x370 22:09:17 executing program 2: [ 322.394321] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 322.399886] ? __d_alloc+0xb90/0xb90 [ 322.403624] d_alloc_name+0xbb/0x120 [ 322.407345] ? current_time+0x10b/0x1b0 [ 322.411334] ? d_alloc+0x380/0x380 [ 322.414887] ? timespec64_trunc+0x180/0x180 [ 322.419235] simple_fill_super+0x463/0x600 [ 322.423491] nfsd_fill_super+0x4f/0x60 [ 322.427395] mount_ns+0x12e/0x1d0 [ 322.430863] nfsd_mount+0xa4/0xd0 [ 322.434323] ? nfsd_mount+0xd0/0xd0 [ 322.437960] ? nfsd_umount+0x80/0x80 [ 322.441690] legacy_get_tree+0x12f/0x260 [ 322.445768] ? security_fs_context_validate+0x80/0xa0 [ 322.450977] vfs_get_tree+0x1cb/0x5c0 [ 322.454789] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 322.459561] do_mount+0x82a/0x1ff0 [ 322.463119] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 322.468674] ? copy_mount_string+0x40/0x40 [ 322.472922] ? copy_mount_options+0x5f/0x430 [ 322.477340] ? kmem_cache_alloc_trace+0x353/0x750 [ 322.482195] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 322.487745] ? _copy_from_user+0xdf/0x150 [ 322.491912] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 322.497462] ? copy_mount_options+0x315/0x430 [ 322.501974] ksys_mount+0x12d/0x140 [ 322.505615] __x64_sys_mount+0xbe/0x150 [ 322.509604] do_syscall_64+0x1b9/0x820 [ 322.513497] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 322.518873] ? syscall_return_slowpath+0x5e0/0x5e0 [ 322.523943] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 322.528791] ? trace_hardirqs_on_caller+0x310/0x310 [ 322.533820] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 322.538844] ? prepare_exit_to_usermode+0x291/0x3b0 [ 322.543872] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 322.548731] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 322.553922] RIP: 0033:0x457569 [ 322.557115] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 322.576022] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 322.583743] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 22:09:17 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4000, &(0x7f0000000100)) [ 322.591015] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 322.598293] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 322.605565] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 322.612866] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:18 executing program 0 (fault-call:1 fault-nth:53): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:18 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xedc0, &(0x7f0000000100)) 22:09:18 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfffffff6, &(0x7f0000000100)) 22:09:18 executing program 2: 22:09:18 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:18 executing program 2: 22:09:18 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2000000, &(0x7f0000000100)) 22:09:18 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x300, &(0x7f0000000100)) 22:09:18 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2010, &(0x7f0000000100)) [ 322.917522] FAULT_INJECTION: forcing a failure. [ 322.917522] name failslab, interval 1, probability 0, space 0, times 0 [ 322.966707] CPU: 1 PID: 10396 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 322.974996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 322.984373] Call Trace: [ 322.986984] dump_stack+0x244/0x39d [ 322.990634] ? dump_stack_print_info.cold.1+0x20/0x20 [ 322.995842] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 323.001399] ? check_preemption_disabled+0x48/0x280 [ 323.006435] should_fail.cold.4+0xa/0x17 [ 323.010516] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 323.015647] ? rcu_read_lock_sched_held+0x14f/0x180 [ 323.020684] ? __lockdep_init_map+0x105/0x590 [ 323.025195] ? zap_class+0x640/0x640 [ 323.028929] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 323.034480] ? d_set_d_op+0x31d/0x410 [ 323.038303] ? find_held_lock+0x36/0x1c0 [ 323.042384] ? __lock_is_held+0xb5/0x140 [ 323.046474] ? perf_trace_sched_process_exec+0x860/0x860 [ 323.051940] ? do_raw_spin_trylock+0x270/0x270 [ 323.056546] __should_failslab+0x124/0x180 [ 323.060803] should_failslab+0x9/0x14 [ 323.064624] kmem_cache_alloc+0x2be/0x730 [ 323.068799] ? __d_alloc+0xb90/0xb90 [ 323.072529] alloc_inode+0xb2/0x190 [ 323.076173] new_inode_pseudo+0x71/0x1a0 [ 323.080254] ? prune_icache_sb+0x1c0/0x1c0 [ 323.084501] ? d_alloc+0x380/0x380 [ 323.088056] ? timespec64_trunc+0x180/0x180 [ 323.092399] new_inode+0x1c/0x40 [ 323.095781] simple_fill_super+0x29d/0x600 [ 323.100049] nfsd_fill_super+0x4f/0x60 [ 323.103947] mount_ns+0x12e/0x1d0 [ 323.107418] nfsd_mount+0xa4/0xd0 [ 323.110881] ? nfsd_mount+0xd0/0xd0 [ 323.114529] ? nfsd_umount+0x80/0x80 [ 323.118255] legacy_get_tree+0x12f/0x260 [ 323.122332] ? security_fs_context_validate+0x80/0xa0 [ 323.127541] vfs_get_tree+0x1cb/0x5c0 [ 323.131356] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 323.136130] do_mount+0x82a/0x1ff0 [ 323.139686] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 323.145242] ? copy_mount_string+0x40/0x40 [ 323.149496] ? copy_mount_options+0x5f/0x430 [ 323.153923] ? kmem_cache_alloc_trace+0x353/0x750 [ 323.158791] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 323.164349] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 323.169911] ? copy_mount_options+0x315/0x430 [ 323.174431] ksys_mount+0x12d/0x140 [ 323.178077] __x64_sys_mount+0xbe/0x150 [ 323.182077] do_syscall_64+0x1b9/0x820 [ 323.185975] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 323.191362] ? syscall_return_slowpath+0x5e0/0x5e0 [ 323.196304] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 323.201165] ? trace_hardirqs_on_caller+0x310/0x310 [ 323.206198] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 323.211236] ? prepare_exit_to_usermode+0x291/0x3b0 22:09:18 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xa00, &(0x7f0000000100)) 22:09:18 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x11, &(0x7f0000000100)) 22:09:18 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfffffdf9, &(0x7f0000000100)) [ 323.216276] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 323.221139] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.226333] RIP: 0033:0x457569 [ 323.229538] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 323.248440] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 323.256142] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 22:09:18 executing program 0 (fault-call:1 fault-nth:54): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:18 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:18 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x20000000, &(0x7f0000000100)) 22:09:18 executing program 2: [ 323.263402] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 323.270661] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 323.277936] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 323.285195] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:18 executing program 2: [ 323.413544] FAULT_INJECTION: forcing a failure. [ 323.413544] name failslab, interval 1, probability 0, space 0, times 0 22:09:18 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2, &(0x7f0000000100)) 22:09:18 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfffffff6, &(0x7f0000000100)) [ 323.498509] CPU: 1 PID: 10417 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 323.506804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.516176] Call Trace: [ 323.518792] dump_stack+0x244/0x39d [ 323.522789] ? dump_stack_print_info.cold.1+0x20/0x20 [ 323.528003] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 323.533566] ? check_preemption_disabled+0x48/0x280 [ 323.538605] should_fail.cold.4+0xa/0x17 [ 323.542688] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 323.547817] ? rcu_read_lock_sched_held+0x14f/0x180 [ 323.552850] ? __lockdep_init_map+0x105/0x590 [ 323.557351] ? zap_class+0x640/0x640 [ 323.557368] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 323.557383] ? d_set_d_op+0x31d/0x410 [ 323.557404] ? find_held_lock+0x36/0x1c0 [ 323.557424] ? __lock_is_held+0xb5/0x140 [ 323.557452] ? perf_trace_sched_process_exec+0x860/0x860 [ 323.584024] ? do_raw_spin_trylock+0x270/0x270 [ 323.588642] __should_failslab+0x124/0x180 [ 323.592919] should_failslab+0x9/0x14 22:09:18 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfffffdf9, &(0x7f0000000100)) 22:09:18 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf0ffffff00000000, &(0x7f0000000100)) [ 323.596735] kmem_cache_alloc+0x2be/0x730 [ 323.600902] ? __d_alloc+0xb90/0xb90 [ 323.604635] alloc_inode+0xb2/0x190 [ 323.608281] new_inode_pseudo+0x71/0x1a0 [ 323.612359] ? prune_icache_sb+0x1c0/0x1c0 [ 323.616608] ? d_alloc+0x380/0x380 [ 323.620155] ? timespec64_trunc+0x180/0x180 [ 323.624494] new_inode+0x1c/0x40 [ 323.627881] simple_fill_super+0x29d/0x600 [ 323.632154] nfsd_fill_super+0x4f/0x60 [ 323.636055] mount_ns+0x12e/0x1d0 [ 323.639544] nfsd_mount+0xa4/0xd0 [ 323.643090] ? nfsd_mount+0xd0/0xd0 [ 323.646738] ? nfsd_umount+0x80/0x80 [ 323.650465] legacy_get_tree+0x12f/0x260 [ 323.654541] ? security_fs_context_validate+0x80/0xa0 [ 323.659750] vfs_get_tree+0x1cb/0x5c0 [ 323.663567] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 323.668349] do_mount+0x82a/0x1ff0 [ 323.671916] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 323.677475] ? copy_mount_string+0x40/0x40 [ 323.681730] ? copy_mount_options+0x5f/0x430 [ 323.686158] ? kmem_cache_alloc_trace+0x353/0x750 [ 323.691022] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 22:09:19 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfffffffe, &(0x7f0000000100)) [ 323.696604] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 323.702170] ? copy_mount_options+0x315/0x430 [ 323.706688] ksys_mount+0x12d/0x140 [ 323.710337] __x64_sys_mount+0xbe/0x150 [ 323.714329] do_syscall_64+0x1b9/0x820 [ 323.718707] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 323.724090] ? syscall_return_slowpath+0x5e0/0x5e0 [ 323.729047] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 323.733910] ? trace_hardirqs_on_caller+0x310/0x310 [ 323.738944] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 323.743973] ? prepare_exit_to_usermode+0x291/0x3b0 [ 323.749014] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 323.753901] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 323.759105] RIP: 0033:0x457569 [ 323.762312] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 323.781230] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 323.788958] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 22:09:19 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf6ffffff00000000, &(0x7f0000000100)) 22:09:19 executing program 2: [ 323.796408] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 323.803695] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 323.811036] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 323.818310] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:19 executing program 0 (fault-call:1 fault-nth:55): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:19 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364c0", 0x0, &(0x7f0000000100)) 22:09:19 executing program 2: 22:09:19 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2010000000000000, &(0x7f0000000100)) 22:09:19 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x1020, &(0x7f0000000100)) 22:09:19 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xffffff7f00000000, &(0x7f0000000100)) 22:09:19 executing program 2: [ 324.110859] FAULT_INJECTION: forcing a failure. [ 324.110859] name failslab, interval 1, probability 0, space 0, times 0 [ 324.157228] CPU: 1 PID: 10465 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 324.165502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 324.174866] Call Trace: [ 324.177479] dump_stack+0x244/0x39d [ 324.181132] ? dump_stack_print_info.cold.1+0x20/0x20 [ 324.186340] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 324.191899] ? check_preemption_disabled+0x48/0x280 [ 324.196941] should_fail.cold.4+0xa/0x17 [ 324.201015] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 324.206150] ? rcu_read_lock_sched_held+0x14f/0x180 [ 324.211187] ? __lockdep_init_map+0x105/0x590 [ 324.215696] ? zap_class+0x640/0x640 [ 324.219426] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 324.224977] ? d_set_d_op+0x31d/0x410 [ 324.228799] ? find_held_lock+0x36/0x1c0 [ 324.232876] ? __lock_is_held+0xb5/0x140 [ 324.236964] ? perf_trace_sched_process_exec+0x860/0x860 [ 324.242434] ? do_raw_spin_trylock+0x270/0x270 [ 324.247051] __should_failslab+0x124/0x180 [ 324.251304] should_failslab+0x9/0x14 22:09:19 executing program 2: 22:09:19 executing program 2: 22:09:19 executing program 2: 22:09:19 executing program 2: [ 324.255114] kmem_cache_alloc+0x2be/0x730 [ 324.259274] ? __d_alloc+0xb90/0xb90 [ 324.263003] alloc_inode+0xb2/0x190 [ 324.266652] new_inode_pseudo+0x71/0x1a0 [ 324.270731] ? prune_icache_sb+0x1c0/0x1c0 [ 324.274981] ? d_alloc+0x380/0x380 [ 324.278525] ? timespec64_trunc+0x180/0x180 [ 324.282879] new_inode+0x1c/0x40 [ 324.286271] simple_fill_super+0x29d/0x600 [ 324.290543] nfsd_fill_super+0x4f/0x60 [ 324.294439] mount_ns+0x12e/0x1d0 [ 324.297918] nfsd_mount+0xa4/0xd0 [ 324.301382] ? nfsd_mount+0xd0/0xd0 22:09:19 executing program 2: [ 324.305022] ? nfsd_umount+0x80/0x80 [ 324.308763] legacy_get_tree+0x12f/0x260 [ 324.312841] ? security_fs_context_validate+0x80/0xa0 [ 324.318056] vfs_get_tree+0x1cb/0x5c0 [ 324.321869] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 324.326642] do_mount+0x82a/0x1ff0 [ 324.330208] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 324.335763] ? copy_mount_string+0x40/0x40 [ 324.340016] ? copy_mount_options+0x5f/0x430 [ 324.344451] ? kmem_cache_alloc_trace+0x353/0x750 [ 324.349313] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 324.354872] ? _copy_from_user+0xdf/0x150 [ 324.359051] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 324.364598] ? copy_mount_options+0x315/0x430 [ 324.369109] ksys_mount+0x12d/0x140 [ 324.372780] __x64_sys_mount+0xbe/0x150 [ 324.376759] do_syscall_64+0x1b9/0x820 [ 324.380648] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 324.386013] ? syscall_return_slowpath+0x5e0/0x5e0 [ 324.390953] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 324.395798] ? trace_hardirqs_on_caller+0x310/0x310 [ 324.400820] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 324.405839] ? prepare_exit_to_usermode+0x291/0x3b0 [ 324.410887] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 324.415748] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.420936] RIP: 0033:0x457569 [ 324.424135] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 324.443050] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 324.450764] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 324.458042] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 324.465314] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 324.472615] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 324.479887] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:19 executing program 0 (fault-call:1 fault-nth:56): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:19 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x8cffffff00000000, &(0x7f0000000100)) 22:09:19 executing program 2: 22:09:19 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x40000, &(0x7f0000000100)) 22:09:19 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfeffffff00000000, &(0x7f0000000100)) 22:09:19 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 324.636984] FAULT_INJECTION: forcing a failure. [ 324.636984] name failslab, interval 1, probability 0, space 0, times 0 [ 324.655531] CPU: 0 PID: 10493 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 324.663802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 324.673168] Call Trace: [ 324.675774] dump_stack+0x244/0x39d [ 324.679435] ? dump_stack_print_info.cold.1+0x20/0x20 [ 324.684647] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 324.690205] ? check_preemption_disabled+0x48/0x280 [ 324.695246] should_fail.cold.4+0xa/0x17 [ 324.699342] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 324.704472] ? rcu_read_lock_sched_held+0x14f/0x180 [ 324.709504] ? __lockdep_init_map+0x105/0x590 [ 324.714018] ? zap_class+0x640/0x640 [ 324.717757] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 324.723314] ? d_set_d_op+0x31d/0x410 [ 324.727137] ? find_held_lock+0x36/0x1c0 [ 324.731223] ? __lock_is_held+0xb5/0x140 22:09:20 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x300, &(0x7f0000000100)) [ 324.735299] ? audit_add_tree_rule+0xdc8/0xe60 [ 324.739909] ? perf_trace_sched_process_exec+0x860/0x860 [ 324.745383] ? do_raw_spin_trylock+0x270/0x270 [ 324.750002] __should_failslab+0x124/0x180 [ 324.754269] should_failslab+0x9/0x14 [ 324.758087] kmem_cache_alloc+0x2be/0x730 [ 324.762254] ? __d_alloc+0xb90/0xb90 [ 324.765985] alloc_inode+0xb2/0x190 [ 324.769625] new_inode_pseudo+0x71/0x1a0 [ 324.773700] ? prune_icache_sb+0x1c0/0x1c0 [ 324.777944] ? d_alloc+0x380/0x380 [ 324.781497] ? timespec64_trunc+0x180/0x180 22:09:20 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd ', 0x0, &(0x7f0000000100)) [ 324.785840] new_inode+0x1c/0x40 [ 324.789221] simple_fill_super+0x29d/0x600 [ 324.793482] nfsd_fill_super+0x4f/0x60 [ 324.797379] mount_ns+0x12e/0x1d0 [ 324.800851] nfsd_mount+0xa4/0xd0 [ 324.804310] ? nfsd_mount+0xd0/0xd0 [ 324.807949] ? nfsd_umount+0x80/0x80 [ 324.811676] legacy_get_tree+0x12f/0x260 [ 324.815754] ? security_fs_context_validate+0x80/0xa0 [ 324.820964] vfs_get_tree+0x1cb/0x5c0 [ 324.824777] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 324.829547] do_mount+0x82a/0x1ff0 22:09:20 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xa, &(0x7f0000000100)) [ 324.833105] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 324.838661] ? copy_mount_string+0x40/0x40 [ 324.842960] ? copy_mount_options+0x5f/0x430 [ 324.847371] ? kmem_cache_alloc_trace+0x353/0x750 [ 324.852211] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 324.857738] ? _copy_from_user+0xdf/0x150 [ 324.861881] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 324.867418] ? copy_mount_options+0x315/0x430 [ 324.871910] ksys_mount+0x12d/0x140 [ 324.875531] __x64_sys_mount+0xbe/0x150 [ 324.879497] do_syscall_64+0x1b9/0x820 [ 324.883373] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 324.888735] ? syscall_return_slowpath+0x5e0/0x5e0 [ 324.893652] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 324.898486] ? trace_hardirqs_on_caller+0x310/0x310 [ 324.903493] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 324.908522] ? prepare_exit_to_usermode+0x291/0x3b0 [ 324.913532] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 324.918372] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 324.923550] RIP: 0033:0x457569 [ 324.926742] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 324.945634] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 324.953337] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 324.960600] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 324.967886] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 324.975166] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 22:09:20 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x5, &(0x7f0000000100)) 22:09:20 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4, &(0x7f0000000100)) 22:09:20 executing program 2: [ 324.982443] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:20 executing program 0 (fault-call:1 fault-nth:57): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:20 executing program 2: 22:09:20 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xedc000000000, &(0x7f0000000100)) 22:09:20 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4000000000000, &(0x7f0000000100)) [ 325.223942] FAULT_INJECTION: forcing a failure. [ 325.223942] name failslab, interval 1, probability 0, space 0, times 0 [ 325.293832] CPU: 1 PID: 10522 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 325.302115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 325.311476] Call Trace: [ 325.314081] dump_stack+0x244/0x39d [ 325.317739] ? dump_stack_print_info.cold.1+0x20/0x20 [ 325.322964] should_fail.cold.4+0xa/0x17 [ 325.327054] ? find_held_lock+0x36/0x1c0 [ 325.331138] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 325.331165] ? lock_downgrade+0x900/0x900 [ 325.331187] ? check_preemption_disabled+0x48/0x280 [ 325.340447] ? zap_class+0x640/0x640 [ 325.340475] ? find_held_lock+0x36/0x1c0 [ 325.340495] ? __lock_is_held+0xb5/0x140 [ 325.357355] ? perf_trace_sched_process_exec+0x860/0x860 [ 325.362819] ? zap_class+0x640/0x640 [ 325.366553] __should_failslab+0x124/0x180 [ 325.370803] should_failslab+0x9/0x14 [ 325.370821] kmem_cache_alloc+0x2be/0x730 [ 325.370839] ? find_held_lock+0x36/0x1c0 [ 325.370862] __d_alloc+0xc8/0xb90 [ 325.378801] ? d_add+0x5f9/0xa10 [ 325.378820] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 325.378843] ? kasan_check_read+0x11/0x20 [ 325.378862] ? do_raw_spin_unlock+0xa7/0x330 [ 325.403271] ? do_raw_spin_trylock+0x270/0x270 [ 325.407871] ? d_delete+0x220/0x220 [ 325.411522] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 325.416724] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 325.421944] ? _raw_spin_unlock+0x2c/0x50 [ 325.426105] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 325.431652] ? hashlen_string+0x1f2/0x300 [ 325.435816] d_alloc+0x96/0x380 [ 325.439110] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 325.444312] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 325.444331] ? __d_alloc+0xb90/0xb90 [ 325.444356] d_alloc_name+0xbb/0x120 [ 325.453596] ? current_time+0x10b/0x1b0 [ 325.453614] ? d_alloc+0x380/0x380 [ 325.453627] ? timespec64_trunc+0x180/0x180 [ 325.453653] simple_fill_super+0x463/0x600 [ 325.473412] nfsd_fill_super+0x4f/0x60 [ 325.477313] mount_ns+0x12e/0x1d0 [ 325.480787] nfsd_mount+0xa4/0xd0 [ 325.484251] ? nfsd_mount+0xd0/0xd0 [ 325.487896] ? nfsd_umount+0x80/0x80 22:09:20 executing program 2: 22:09:20 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfeffffff00000000, &(0x7f0000000100)) 22:09:20 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf9fdffff00000000, &(0x7f0000000100)) [ 325.491625] legacy_get_tree+0x12f/0x260 [ 325.495701] ? security_fs_context_validate+0x80/0xa0 [ 325.500921] vfs_get_tree+0x1cb/0x5c0 [ 325.504737] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 325.509515] do_mount+0x82a/0x1ff0 [ 325.513082] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 325.518641] ? copy_mount_string+0x40/0x40 [ 325.523090] ? copy_mount_options+0x5f/0x430 [ 325.527522] ? kmem_cache_alloc_trace+0x353/0x750 [ 325.532383] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 325.537940] ? _copy_from_user+0xdf/0x150 [ 325.542115] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 325.547653] ? copy_mount_options+0x315/0x430 [ 325.552140] ksys_mount+0x12d/0x140 [ 325.555777] __x64_sys_mount+0xbe/0x150 [ 325.559744] do_syscall_64+0x1b9/0x820 [ 325.563618] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 325.568990] ? syscall_return_slowpath+0x5e0/0x5e0 [ 325.573915] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 325.578748] ? trace_hardirqs_on_caller+0x310/0x310 [ 325.583754] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 325.588764] ? prepare_exit_to_usermode+0x291/0x3b0 [ 325.593773] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 325.598609] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 325.603801] RIP: 0033:0x457569 [ 325.606991] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 325.625882] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 325.633588] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 22:09:21 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:21 executing program 2: 22:09:21 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x1100000000000000, &(0x7f0000000100)) 22:09:21 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfffffff6, &(0x7f0000000100)) [ 325.640862] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 325.648146] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 325.655412] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 325.662675] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:21 executing program 0 (fault-call:1 fault-nth:58): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:21 executing program 2: 22:09:21 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xffffffff00000000, &(0x7f0000000100)) 22:09:21 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf6ffffff00000000, &(0x7f0000000100)) 22:09:21 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf0ffffff, &(0x7f0000000100)) [ 325.859406] FAULT_INJECTION: forcing a failure. [ 325.859406] name failslab, interval 1, probability 0, space 0, times 0 22:09:21 executing program 2: 22:09:21 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xffffffff00000000, &(0x7f0000000100)) [ 325.950104] CPU: 1 PID: 10559 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 325.958374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 325.967740] Call Trace: [ 325.970349] dump_stack+0x244/0x39d [ 325.974006] ? dump_stack_print_info.cold.1+0x20/0x20 [ 325.979228] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 325.984778] ? check_preemption_disabled+0x48/0x280 [ 325.989815] should_fail.cold.4+0xa/0x17 [ 325.993914] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 325.999052] ? rcu_read_lock_sched_held+0x14f/0x180 [ 326.004093] ? __lockdep_init_map+0x105/0x590 [ 326.008609] ? zap_class+0x640/0x640 [ 326.012342] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 326.017902] ? d_set_d_op+0x31d/0x410 [ 326.021729] ? find_held_lock+0x36/0x1c0 [ 326.025816] ? __lock_is_held+0xb5/0x140 [ 326.029914] ? perf_trace_sched_process_exec+0x860/0x860 [ 326.035381] ? do_raw_spin_trylock+0x270/0x270 [ 326.039987] __should_failslab+0x124/0x180 [ 326.044240] should_failslab+0x9/0x14 22:09:21 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000240)="ca01000005006e0000000000ffa2ada33f93820fd903378c58160aaacb57a80000061a80e19e33e3c2e7725f4a58611537a0be625ef7402810fadc5712f29508c008e265756fe5eb8f590e78", 0x4c, 0x0, &(0x7f0000000100)={0xa, 0x100200000800, 0x2, @loopback}, 0x1c) [ 326.048065] kmem_cache_alloc+0x2be/0x730 [ 326.052229] ? __d_alloc+0xb90/0xb90 [ 326.055965] alloc_inode+0xb2/0x190 [ 326.059605] new_inode_pseudo+0x71/0x1a0 [ 326.063693] ? prune_icache_sb+0x1c0/0x1c0 [ 326.067941] ? d_alloc+0x380/0x380 [ 326.071492] ? timespec64_trunc+0x180/0x180 [ 326.075836] new_inode+0x1c/0x40 [ 326.079213] simple_fill_super+0x29d/0x600 [ 326.083470] nfsd_fill_super+0x4f/0x60 [ 326.087366] mount_ns+0x12e/0x1d0 [ 326.090839] nfsd_mount+0xa4/0xd0 [ 326.094309] ? nfsd_mount+0xd0/0xd0 [ 326.097948] ? nfsd_umount+0x80/0x80 [ 326.101675] legacy_get_tree+0x12f/0x260 [ 326.105751] ? security_fs_context_validate+0x80/0xa0 [ 326.110960] vfs_get_tree+0x1cb/0x5c0 [ 326.114779] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 326.119556] do_mount+0x82a/0x1ff0 [ 326.123114] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 326.128668] ? copy_mount_string+0x40/0x40 [ 326.132929] ? copy_mount_options+0x5f/0x430 [ 326.137358] ? kmem_cache_alloc_trace+0x353/0x750 [ 326.142224] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 22:09:21 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364f6", 0x0, &(0x7f0000000100)) 22:09:21 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf6ffffff, &(0x7f0000000100)) 22:09:21 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3f000000, &(0x7f0000000100)) [ 326.147774] ? _copy_from_user+0xdf/0x150 [ 326.147796] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 326.147819] ? copy_mount_options+0x315/0x430 [ 326.161997] ksys_mount+0x12d/0x140 [ 326.162021] __x64_sys_mount+0xbe/0x150 [ 326.169629] do_syscall_64+0x1b9/0x820 [ 326.173532] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 326.178925] ? syscall_return_slowpath+0x5e0/0x5e0 [ 326.183874] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 326.188746] ? trace_hardirqs_on_caller+0x310/0x310 [ 326.193783] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 326.198818] ? prepare_exit_to_usermode+0x291/0x3b0 [ 326.203860] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 326.208756] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 326.213960] RIP: 0033:0x457569 [ 326.217170] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 326.236083] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 326.243812] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 22:09:21 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf0ffffff, &(0x7f0000000100)) [ 326.251097] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 326.258378] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 326.265665] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 326.272944] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:21 executing program 0 (fault-call:1 fault-nth:59): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:21 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4000000, &(0x7f0000000100)) 22:09:21 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x1020, &(0x7f0000000100)) 22:09:21 executing program 2: r0 = memfd_create(&(0x7f0000000000)="6d81351e39cfc228a4c67200", 0x6) lseek(r0, 0xfffffffffffffffe, 0x4) 22:09:21 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf9fdffff, &(0x7f0000000100)) 22:09:21 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xc0ed0000, &(0x7f0000000100)) [ 326.403094] FAULT_INJECTION: forcing a failure. [ 326.403094] name failslab, interval 1, probability 0, space 0, times 0 [ 326.539087] CPU: 0 PID: 10594 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 326.547358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 326.556730] Call Trace: [ 326.559337] dump_stack+0x244/0x39d [ 326.562982] ? dump_stack_print_info.cold.1+0x20/0x20 [ 326.568192] should_fail.cold.4+0xa/0x17 [ 326.572268] ? find_held_lock+0x36/0x1c0 [ 326.576343] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 326.581464] ? lock_downgrade+0x900/0x900 [ 326.585624] ? check_preemption_disabled+0x48/0x280 [ 326.590657] ? zap_class+0x640/0x640 [ 326.594407] ? find_held_lock+0x36/0x1c0 [ 326.598494] ? __lock_is_held+0xb5/0x140 [ 326.602588] ? perf_trace_sched_process_exec+0x860/0x860 [ 326.608060] ? zap_class+0x640/0x640 [ 326.611796] __should_failslab+0x124/0x180 [ 326.616065] should_failslab+0x9/0x14 [ 326.619883] kmem_cache_alloc+0x2be/0x730 [ 326.624055] ? find_held_lock+0x36/0x1c0 [ 326.628135] __d_alloc+0xc8/0xb90 [ 326.631597] ? d_add+0x5f9/0xa10 22:09:21 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3, &(0x7f0000000100)) 22:09:21 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2, &(0x7f0000000100)) [ 326.634982] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 326.640022] ? kasan_check_read+0x11/0x20 [ 326.644200] ? do_raw_spin_unlock+0xa7/0x330 [ 326.648640] ? do_raw_spin_trylock+0x270/0x270 [ 326.653536] ? d_delete+0x220/0x220 [ 326.657170] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 326.662375] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 326.667590] ? _raw_spin_unlock+0x2c/0x50 [ 326.671753] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 326.677303] ? hashlen_string+0x1f2/0x300 [ 326.681470] d_alloc+0x96/0x380 [ 326.684759] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 326.689962] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 326.689978] ? __d_alloc+0xb90/0xb90 [ 326.690004] d_alloc_name+0xbb/0x120 [ 326.690019] ? current_time+0x10b/0x1b0 [ 326.690046] ? d_alloc+0x380/0x380 [ 326.690064] ? timespec64_trunc+0x180/0x180 [ 326.714828] simple_fill_super+0x463/0x600 [ 326.719087] nfsd_fill_super+0x4f/0x60 [ 326.722995] mount_ns+0x12e/0x1d0 [ 326.726476] nfsd_mount+0xa4/0xd0 [ 326.729930] ? nfsd_mount+0xd0/0xd0 [ 326.733544] ? nfsd_umount+0x80/0x80 [ 326.737246] legacy_get_tree+0x12f/0x260 [ 326.741295] ? security_fs_context_validate+0x80/0xa0 [ 326.746489] vfs_get_tree+0x1cb/0x5c0 [ 326.750295] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 326.755049] do_mount+0x82a/0x1ff0 [ 326.758581] ? copy_mount_string+0x40/0x40 [ 326.762803] ? retint_kernel+0x2d/0x2d [ 326.766695] ? copy_mount_options+0x228/0x430 [ 326.771205] ? write_comp_data+0x22/0x70 [ 326.775267] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 326.780795] ? copy_mount_options+0x315/0x430 [ 326.785279] ksys_mount+0x12d/0x140 [ 326.788897] __x64_sys_mount+0xbe/0x150 [ 326.792871] do_syscall_64+0x1b9/0x820 [ 326.796759] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 326.802166] ? syscall_return_slowpath+0x5e0/0x5e0 [ 326.807096] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 326.811943] ? trace_hardirqs_on_caller+0x310/0x310 [ 326.816947] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 326.821953] ? prepare_exit_to_usermode+0x291/0x3b0 [ 326.826977] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 326.831829] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 326.837020] RIP: 0033:0x457569 [ 326.840209] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 326.859099] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 326.866796] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 326.874054] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 326.881310] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 22:09:22 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736411", 0x0, &(0x7f0000000100)) 22:09:22 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4, &(0x7f0000000100)) 22:09:22 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000b39000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000b0bf74)={0x0, 0x0, 0x0, 'queue1\x00'}) r1 = syz_open_dev$sndseq(&(0x7f00000000c0)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000000)={0x0, 0x0, {0x3000000}}) 22:09:22 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf0ffffff00000000, &(0x7f0000000100)) 22:09:22 executing program 0 (fault-call:1 fault-nth:60): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 326.888563] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 326.895828] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 327.009722] FAULT_INJECTION: forcing a failure. [ 327.009722] name failslab, interval 1, probability 0, space 0, times 0 22:09:22 executing program 2: setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070") r1 = socket(0x11, 0x4000000000080003, 0x0) setsockopt$packet_int(r1, 0x107, 0x11, &(0x7f0000000100)=0xfff, 0x4) bind$packet(r1, &(0x7f0000000080)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) setsockopt(r1, 0x107, 0x5, &(0x7f0000001000), 0xc5) r2 = socket$inet6(0xa, 0x1, 0x8010000400000084) bind$inet6(r2, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r2, &(0x7f0000925000)="e0", 0x1, 0x0, &(0x7f0000bb6000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) 22:09:22 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3000000, &(0x7f0000000100)) 22:09:22 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xedc0, &(0x7f0000000100)) 22:09:22 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4, &(0x7f0000000100)) [ 327.081522] CPU: 0 PID: 10620 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 327.089781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.089788] Call Trace: [ 327.089816] dump_stack+0x244/0x39d [ 327.089841] ? dump_stack_print_info.cold.1+0x20/0x20 [ 327.089865] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 327.089889] ? check_preemption_disabled+0x48/0x280 [ 327.121185] should_fail.cold.4+0xa/0x17 [ 327.125263] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 327.130430] ? rcu_read_lock_sched_held+0x14f/0x180 [ 327.135467] ? __lockdep_init_map+0x105/0x590 [ 327.139977] ? zap_class+0x640/0x640 [ 327.139996] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 327.140013] ? d_set_d_op+0x31d/0x410 [ 327.140045] ? find_held_lock+0x36/0x1c0 [ 327.153085] ? __lock_is_held+0xb5/0x140 [ 327.153119] ? perf_trace_sched_process_exec+0x860/0x860 [ 327.153138] ? do_raw_spin_trylock+0x270/0x270 [ 327.171312] __should_failslab+0x124/0x180 [ 327.175563] should_failslab+0x9/0x14 22:09:22 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2000, &(0x7f0000000100)) [ 327.179382] kmem_cache_alloc+0x2be/0x730 [ 327.183547] ? __d_alloc+0xb90/0xb90 [ 327.187278] alloc_inode+0xb2/0x190 [ 327.190920] new_inode_pseudo+0x71/0x1a0 [ 327.194997] ? prune_icache_sb+0x1c0/0x1c0 [ 327.199262] ? d_alloc+0x380/0x380 [ 327.202817] ? timespec64_trunc+0x180/0x180 [ 327.207154] new_inode+0x1c/0x40 [ 327.210530] simple_fill_super+0x29d/0x600 [ 327.214789] nfsd_fill_super+0x4f/0x60 [ 327.218691] mount_ns+0x12e/0x1d0 [ 327.222164] nfsd_mount+0xa4/0xd0 [ 327.225628] ? nfsd_mount+0xd0/0xd0 [ 327.229264] ? nfsd_umount+0x80/0x80 [ 327.232982] legacy_get_tree+0x12f/0x260 [ 327.237058] ? security_fs_context_validate+0x80/0xa0 [ 327.242259] vfs_get_tree+0x1cb/0x5c0 [ 327.246067] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 327.250835] do_mount+0x82a/0x1ff0 [ 327.254381] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 327.259940] ? copy_mount_string+0x40/0x40 [ 327.264190] ? copy_mount_options+0x5f/0x430 [ 327.268606] ? kmem_cache_alloc_trace+0x353/0x750 [ 327.273457] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 327.279000] ? _copy_from_user+0xdf/0x150 [ 327.283160] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 327.288723] ? copy_mount_options+0x315/0x430 [ 327.293228] ksys_mount+0x12d/0x140 [ 327.296862] __x64_sys_mount+0xbe/0x150 [ 327.300848] do_syscall_64+0x1b9/0x820 [ 327.304738] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 327.310110] ? syscall_return_slowpath+0x5e0/0x5e0 [ 327.315052] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 327.319904] ? trace_hardirqs_on_caller+0x310/0x310 [ 327.324943] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 327.329962] ? prepare_exit_to_usermode+0x291/0x3b0 [ 327.334990] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 327.339844] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.345043] RIP: 0033:0x457569 [ 327.348242] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 327.367149] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 327.374863] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 22:09:22 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) [ 327.382137] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 327.389408] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 327.396679] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 327.403954] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:22 executing program 0 (fault-call:1 fault-nth:61): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:22 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2000000000000000, &(0x7f0000000100)) 22:09:22 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4000, &(0x7f0000000100)) [ 327.597915] FAULT_INJECTION: forcing a failure. [ 327.597915] name failslab, interval 1, probability 0, space 0, times 0 [ 327.617862] CPU: 1 PID: 10654 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 327.626131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.635491] Call Trace: [ 327.638102] dump_stack+0x244/0x39d [ 327.641756] ? dump_stack_print_info.cold.1+0x20/0x20 [ 327.646972] should_fail.cold.4+0xa/0x17 [ 327.651058] ? find_held_lock+0x36/0x1c0 [ 327.655135] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 327.660261] ? lock_downgrade+0x900/0x900 [ 327.664414] ? check_preemption_disabled+0x48/0x280 [ 327.669438] ? zap_class+0x640/0x640 [ 327.673174] ? find_held_lock+0x36/0x1c0 [ 327.677246] ? __lock_is_held+0xb5/0x140 [ 327.677280] ? perf_trace_sched_process_exec+0x860/0x860 [ 327.677295] ? zap_class+0x640/0x640 [ 327.677319] __should_failslab+0x124/0x180 [ 327.686820] should_failslab+0x9/0x14 [ 327.686837] kmem_cache_alloc+0x2be/0x730 [ 327.686853] ? find_held_lock+0x36/0x1c0 [ 327.686877] __d_alloc+0xc8/0xb90 [ 327.686898] ? d_add+0x5f9/0xa10 [ 327.686918] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 327.718648] ? kasan_check_read+0x11/0x20 [ 327.722816] ? do_raw_spin_unlock+0xa7/0x330 [ 327.727243] ? do_raw_spin_trylock+0x270/0x270 [ 327.731840] ? d_delete+0x220/0x220 [ 327.735484] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 327.740684] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 327.745903] ? _raw_spin_unlock+0x2c/0x50 [ 327.750064] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 327.755607] ? hashlen_string+0x1f2/0x300 [ 327.755632] d_alloc+0x96/0x380 [ 327.755653] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 327.768274] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 327.773827] ? __d_alloc+0xb90/0xb90 [ 327.777568] d_alloc_name+0xbb/0x120 [ 327.781291] ? current_time+0x10b/0x1b0 [ 327.785282] ? d_alloc+0x380/0x380 [ 327.788831] ? timespec64_trunc+0x180/0x180 [ 327.793178] simple_fill_super+0x463/0x600 [ 327.797432] nfsd_fill_super+0x4f/0x60 [ 327.801325] mount_ns+0x12e/0x1d0 [ 327.804799] nfsd_mount+0xa4/0xd0 [ 327.808270] ? nfsd_mount+0xd0/0xd0 [ 327.811915] ? nfsd_umount+0x80/0x80 [ 327.815642] legacy_get_tree+0x12f/0x260 [ 327.819717] ? security_fs_context_validate+0x80/0xa0 [ 327.824927] vfs_get_tree+0x1cb/0x5c0 [ 327.828740] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 327.833515] do_mount+0x82a/0x1ff0 [ 327.837078] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 327.842639] ? copy_mount_string+0x40/0x40 22:09:23 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x11000000, &(0x7f0000000100)) 22:09:23 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xa00000000000000, &(0x7f0000000100)) 22:09:23 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\n', 0x0, &(0x7f0000000100)) [ 327.846905] ? copy_mount_options+0x5f/0x430 [ 327.851335] ? kmem_cache_alloc_trace+0x353/0x750 [ 327.856199] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 327.861752] ? _copy_from_user+0xdf/0x150 [ 327.865919] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 327.871476] ? copy_mount_options+0x315/0x430 [ 327.875990] ksys_mount+0x12d/0x140 [ 327.879653] __x64_sys_mount+0xbe/0x150 [ 327.883645] do_syscall_64+0x1b9/0x820 [ 327.887545] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 327.892923] ? syscall_return_slowpath+0x5e0/0x5e0 [ 327.897905] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 327.902770] ? trace_hardirqs_on_caller+0x310/0x310 [ 327.907807] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 327.912843] ? prepare_exit_to_usermode+0x291/0x3b0 [ 327.917879] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 327.917913] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 327.917930] RIP: 0033:0x457569 [ 327.927952] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 327.927960] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 327.927975] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 327.927983] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 327.927992] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 327.928001] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 327.928010] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:23 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364f0", 0x0, &(0x7f0000000100)) 22:09:23 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x11000000, &(0x7f0000000100)) 22:09:23 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x500, &(0x7f0000000100)) 22:09:23 executing program 0 (fault-call:1 fault-nth:62): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:23 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000580)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="b7f2288a911993f0265df5cf1cdd8b55", 0x10) r1 = accept$alg(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000005a00)=[{{&(0x7f0000001bc0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80, &(0x7f0000001e00)=[{&(0x7f0000001c40)=""/180, 0x7ffff000}], 0x1, &(0x7f0000001e40)=""/213, 0xfffffffffffffd74}}], 0x1, 0x0, &(0x7f0000005c00)={0x77359400}) 22:09:23 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x8cffffff, &(0x7f0000000100)) 22:09:23 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x1100, &(0x7f0000000100)) [ 328.228294] FAULT_INJECTION: forcing a failure. [ 328.228294] name failslab, interval 1, probability 0, space 0, times 0 22:09:23 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3f00, &(0x7f0000000100)) 22:09:23 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x600, &(0x7f0000000100)) [ 328.287002] CPU: 1 PID: 10692 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 328.295286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 328.304658] Call Trace: [ 328.307273] dump_stack+0x244/0x39d [ 328.310932] ? dump_stack_print_info.cold.1+0x20/0x20 [ 328.316148] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 328.321709] ? check_preemption_disabled+0x48/0x280 [ 328.326750] should_fail.cold.4+0xa/0x17 [ 328.330826] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 328.330854] ? rcu_read_lock_sched_held+0x14f/0x180 [ 328.330875] ? __lockdep_init_map+0x105/0x590 [ 328.341001] ? zap_class+0x640/0x640 [ 328.341020] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 328.341047] ? d_set_d_op+0x31d/0x410 [ 328.341069] ? find_held_lock+0x36/0x1c0 [ 328.362652] ? __lock_is_held+0xb5/0x140 [ 328.366727] ? btrfs_rename2+0x1108/0x3760 [ 328.370984] ? perf_trace_sched_process_exec+0x860/0x860 [ 328.376450] ? do_raw_spin_trylock+0x270/0x270 [ 328.381063] __should_failslab+0x124/0x180 [ 328.385326] should_failslab+0x9/0x14 [ 328.389144] kmem_cache_alloc+0x2be/0x730 [ 328.393308] ? __d_alloc+0xb90/0xb90 [ 328.397049] alloc_inode+0xb2/0x190 [ 328.400691] new_inode_pseudo+0x71/0x1a0 [ 328.404768] ? prune_icache_sb+0x1c0/0x1c0 [ 328.409016] ? d_alloc+0x380/0x380 [ 328.412577] ? timespec64_trunc+0x180/0x180 [ 328.416926] new_inode+0x1c/0x40 [ 328.420304] simple_fill_super+0x29d/0x600 [ 328.424560] nfsd_fill_super+0x4f/0x60 [ 328.428465] mount_ns+0x12e/0x1d0 [ 328.431945] nfsd_mount+0xa4/0xd0 [ 328.435409] ? nfsd_mount+0xd0/0xd0 [ 328.439059] ? nfsd_umount+0x80/0x80 [ 328.442779] legacy_get_tree+0x12f/0x260 [ 328.446858] ? security_fs_context_validate+0x80/0xa0 [ 328.452067] vfs_get_tree+0x1cb/0x5c0 [ 328.455877] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 328.460650] do_mount+0x82a/0x1ff0 [ 328.464206] ? copy_mount_string+0x40/0x40 [ 328.468445] ? retint_kernel+0x2d/0x2d [ 328.472346] ? copy_mount_options+0x25c/0x430 [ 328.476846] ? write_comp_data+0x6c/0x70 [ 328.480918] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 328.487071] ? copy_mount_options+0x315/0x430 [ 328.491576] ksys_mount+0x12d/0x140 [ 328.495213] __x64_sys_mount+0xbe/0x150 [ 328.499195] do_syscall_64+0x1b9/0x820 [ 328.503085] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 328.508454] ? syscall_return_slowpath+0x5e0/0x5e0 [ 328.513388] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 328.518238] ? trace_hardirqs_on_caller+0x310/0x310 [ 328.523261] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 328.528295] ? prepare_exit_to_usermode+0x291/0x3b0 [ 328.533323] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 328.538181] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 328.543381] RIP: 0033:0x457569 [ 328.546592] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 328.565511] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 328.573236] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 328.580534] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 22:09:23 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2000, &(0x7f0000000100)) [ 328.587819] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 328.595094] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 328.602372] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:24 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2000, &(0x7f0000000100)) 22:09:24 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:24 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x400000000000000, &(0x7f0000000100)) 22:09:24 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:24 executing program 0 (fault-call:1 fault-nth:63): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:24 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xedc000000000, &(0x7f0000000100)) 22:09:24 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x200000000000000, &(0x7f0000000100)) 22:09:24 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x6000000, &(0x7f0000000100)) [ 328.890910] FAULT_INJECTION: forcing a failure. [ 328.890910] name failslab, interval 1, probability 0, space 0, times 0 [ 328.943703] CPU: 0 PID: 10734 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 328.951979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 328.961345] Call Trace: [ 328.963956] dump_stack+0x244/0x39d [ 328.967617] ? dump_stack_print_info.cold.1+0x20/0x20 [ 328.972836] should_fail.cold.4+0xa/0x17 [ 328.976909] ? find_held_lock+0x36/0x1c0 [ 328.980987] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 328.986120] ? lock_downgrade+0x900/0x900 22:09:24 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:24 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xa00000000000000, &(0x7f0000000100)) [ 328.990285] ? check_preemption_disabled+0x48/0x280 [ 328.995319] ? zap_class+0x640/0x640 [ 328.999149] ? find_held_lock+0x36/0x1c0 [ 329.003232] ? __lock_is_held+0xb5/0x140 [ 329.007312] ? perf_trace_sched_process_exec+0x860/0x860 [ 329.007328] ? zap_class+0x640/0x640 [ 329.007352] __should_failslab+0x124/0x180 [ 329.007369] should_failslab+0x9/0x14 [ 329.007383] kmem_cache_alloc+0x2be/0x730 [ 329.007405] ? find_held_lock+0x36/0x1c0 [ 329.007429] __d_alloc+0xc8/0xb90 [ 329.007448] ? d_add+0x5f9/0xa10 [ 329.039641] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 329.044672] ? kasan_check_read+0x11/0x20 [ 329.048831] ? do_raw_spin_unlock+0xa7/0x330 [ 329.053251] ? do_raw_spin_trylock+0x270/0x270 [ 329.057851] ? d_delete+0x220/0x220 [ 329.061497] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 329.066700] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 329.071910] ? _raw_spin_unlock+0x2c/0x50 [ 329.076076] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 329.081630] ? hashlen_string+0x1f2/0x300 [ 329.085803] d_alloc+0x96/0x380 [ 329.089103] ? ktime_get_coarse_real_ts64+0x22e/0x370 22:09:24 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x40000000, &(0x7f0000000100)) 22:09:24 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x8cffffff, &(0x7f0000000100)) [ 329.094305] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 329.099878] ? __d_alloc+0xb90/0xb90 [ 329.103619] d_alloc_name+0xbb/0x120 [ 329.107342] ? current_time+0x10b/0x1b0 [ 329.111329] ? d_alloc+0x380/0x380 [ 329.114875] ? timespec64_trunc+0x180/0x180 [ 329.119237] simple_fill_super+0x463/0x600 [ 329.123492] nfsd_fill_super+0x4f/0x60 [ 329.127402] mount_ns+0x12e/0x1d0 [ 329.130875] nfsd_mount+0xa4/0xd0 [ 329.134340] ? nfsd_mount+0xd0/0xd0 [ 329.137981] ? nfsd_umount+0x80/0x80 22:09:24 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3000000, &(0x7f0000000100)) [ 329.141705] legacy_get_tree+0x12f/0x260 [ 329.145784] ? security_fs_context_validate+0x80/0xa0 [ 329.150989] vfs_get_tree+0x1cb/0x5c0 [ 329.154808] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 329.159582] do_mount+0x82a/0x1ff0 [ 329.163150] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 329.168708] ? copy_mount_string+0x40/0x40 [ 329.172980] ? copy_mount_options+0x5f/0x430 [ 329.177410] ? kmem_cache_alloc_trace+0x353/0x750 [ 329.177439] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 329.177459] ? copy_mount_options+0x315/0x430 22:09:24 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x6, &(0x7f0000000100)) [ 329.192320] ksys_mount+0x12d/0x140 [ 329.195964] __x64_sys_mount+0xbe/0x150 [ 329.199961] do_syscall_64+0x1b9/0x820 [ 329.203860] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 329.209238] ? syscall_return_slowpath+0x5e0/0x5e0 [ 329.214184] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 329.219056] ? trace_hardirqs_on_caller+0x310/0x310 [ 329.224091] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 329.229126] ? prepare_exit_to_usermode+0x291/0x3b0 [ 329.234157] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 329.239024] entry_SYSCALL_64_after_hwframe+0x49/0xbe 22:09:24 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4000000000000000, &(0x7f0000000100)) [ 329.244236] RIP: 0033:0x457569 [ 329.247436] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 329.266348] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 329.274081] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 329.281362] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 22:09:24 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xc0ed0000, &(0x7f0000000100)) 22:09:24 executing program 0 (fault-call:1 fault-nth:64): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:24 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x6000000, &(0x7f0000000100)) [ 329.288643] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 329.295928] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 329.303212] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 329.343907] FAULT_INJECTION: forcing a failure. [ 329.343907] name failslab, interval 1, probability 0, space 0, times 0 [ 329.355441] CPU: 0 PID: 10756 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 329.363675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 329.373042] Call Trace: [ 329.373068] dump_stack+0x244/0x39d [ 329.373089] ? dump_stack_print_info.cold.1+0x20/0x20 [ 329.373115] should_fail.cold.4+0xa/0x17 [ 329.373132] ? find_held_lock+0x36/0x1c0 [ 329.373151] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 329.397742] ? lock_downgrade+0x900/0x900 [ 329.401907] ? check_preemption_disabled+0x48/0x280 [ 329.406942] ? zap_class+0x640/0x640 [ 329.410681] ? find_held_lock+0x36/0x1c0 [ 329.414760] ? __lock_is_held+0xb5/0x140 [ 329.418848] ? perf_trace_sched_process_exec+0x860/0x860 [ 329.424319] ? zap_class+0x640/0x640 [ 329.428066] __should_failslab+0x124/0x180 [ 329.432321] should_failslab+0x9/0x14 [ 329.436135] kmem_cache_alloc+0x2be/0x730 [ 329.440298] ? find_held_lock+0x36/0x1c0 [ 329.444381] __d_alloc+0xc8/0xb90 [ 329.444405] ? d_add+0x5f9/0xa10 [ 329.444427] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 329.444450] ? kasan_check_read+0x11/0x20 [ 329.444469] ? do_raw_spin_unlock+0xa7/0x330 [ 329.464838] ? do_raw_spin_trylock+0x270/0x270 [ 329.464857] ? d_delete+0x220/0x220 [ 329.464882] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 329.464897] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 329.464920] ? _raw_spin_unlock+0x2c/0x50 [ 329.464942] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 329.493167] ? hashlen_string+0x1f2/0x300 [ 329.497342] d_alloc+0x96/0x380 [ 329.500630] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 329.500661] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 329.500678] ? __d_alloc+0xb90/0xb90 [ 329.500707] d_alloc_name+0xbb/0x120 [ 329.500724] ? current_time+0x10b/0x1b0 [ 329.515151] ? d_alloc+0x380/0x380 [ 329.515167] ? timespec64_trunc+0x180/0x180 [ 329.515196] simple_fill_super+0x463/0x600 [ 329.515220] nfsd_fill_super+0x4f/0x60 [ 329.539376] mount_ns+0x12e/0x1d0 [ 329.542856] nfsd_mount+0xa4/0xd0 [ 329.542871] ? nfsd_mount+0xd0/0xd0 [ 329.542888] ? nfsd_umount+0x80/0x80 [ 329.542906] legacy_get_tree+0x12f/0x260 [ 329.542927] ? security_fs_context_validate+0x80/0xa0 [ 329.542947] vfs_get_tree+0x1cb/0x5c0 [ 329.542968] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 329.553754] do_mount+0x82a/0x1ff0 [ 329.553777] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 329.553800] ? copy_mount_string+0x40/0x40 [ 329.553824] ? copy_mount_options+0x5f/0x430 [ 329.553845] ? kmem_cache_alloc_trace+0x353/0x750 [ 329.553877] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 329.553899] ? _copy_from_user+0xdf/0x150 [ 329.575213] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 329.575233] ? copy_mount_options+0x315/0x430 [ 329.575257] ksys_mount+0x12d/0x140 [ 329.575278] __x64_sys_mount+0xbe/0x150 [ 329.575299] do_syscall_64+0x1b9/0x820 [ 329.594322] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 329.594345] ? syscall_return_slowpath+0x5e0/0x5e0 [ 329.594361] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 329.594387] ? trace_hardirqs_on_caller+0x310/0x310 [ 329.594410] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 329.650718] ? prepare_exit_to_usermode+0x291/0x3b0 [ 329.655764] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 329.660639] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 329.665834] RIP: 0033:0x457569 [ 329.669050] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 329.687968] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 22:09:25 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf0ffffff, &(0x7f0000000100)) 22:09:25 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xffffff7f, &(0x7f0000000100)) [ 329.695696] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 329.702979] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 329.710260] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 329.717543] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 329.724823] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:25 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:25 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:25 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x40000000, &(0x7f0000000100)) 22:09:25 executing program 0 (fault-call:1 fault-nth:65): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:25 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x100000000000000, &(0x7f0000000100)) 22:09:25 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x6, &(0x7f0000000100)) [ 329.919184] FAULT_INJECTION: forcing a failure. [ 329.919184] name failslab, interval 1, probability 0, space 0, times 0 [ 329.997578] CPU: 0 PID: 10790 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 330.005854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 330.015233] Call Trace: [ 330.017851] dump_stack+0x244/0x39d [ 330.021514] ? dump_stack_print_info.cold.1+0x20/0x20 [ 330.026736] should_fail.cold.4+0xa/0x17 [ 330.030812] ? find_held_lock+0x36/0x1c0 [ 330.034892] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 330.040013] ? lock_downgrade+0x900/0x900 [ 330.044198] ? check_preemption_disabled+0x48/0x280 [ 330.049236] ? zap_class+0x640/0x640 [ 330.052976] ? find_held_lock+0x36/0x1c0 [ 330.057065] ? __lock_is_held+0xb5/0x140 [ 330.061161] ? perf_trace_sched_process_exec+0x860/0x860 [ 330.066629] ? zap_class+0x640/0x640 [ 330.070371] __should_failslab+0x124/0x180 [ 330.074628] should_failslab+0x9/0x14 [ 330.078445] kmem_cache_alloc+0x2be/0x730 [ 330.082609] ? find_held_lock+0x36/0x1c0 [ 330.086690] __d_alloc+0xc8/0xb90 [ 330.090162] ? d_add+0x5f9/0xa10 22:09:25 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x500000000000000, &(0x7f0000000100)) 22:09:25 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x300000000000000, &(0x7f0000000100)) 22:09:25 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf9fdffff, &(0x7f0000000100)) 22:09:25 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:25 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4000000000000, &(0x7f0000000100)) [ 330.093542] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 330.098575] ? kasan_check_read+0x11/0x20 [ 330.102748] ? do_raw_spin_unlock+0xa7/0x330 [ 330.107169] ? do_raw_spin_trylock+0x270/0x270 [ 330.111771] ? d_delete+0x220/0x220 [ 330.115420] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 330.120620] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 330.125843] ? _raw_spin_unlock+0x2c/0x50 [ 330.130007] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 330.135568] ? hashlen_string+0x1f2/0x300 [ 330.139736] d_alloc+0x96/0x380 [ 330.139754] ? ktime_get_coarse_real_ts64+0x22e/0x370 22:09:25 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2010, &(0x7f0000000100)) [ 330.139771] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 330.139787] ? __d_alloc+0xb90/0xb90 [ 330.139812] d_alloc_name+0xbb/0x120 [ 330.139830] ? current_time+0x10b/0x1b0 [ 330.165205] ? d_alloc+0x380/0x380 [ 330.168760] ? timespec64_trunc+0x180/0x180 [ 330.173118] simple_fill_super+0x463/0x600 [ 330.177372] nfsd_fill_super+0x4f/0x60 [ 330.181274] mount_ns+0x12e/0x1d0 [ 330.184751] nfsd_mount+0xa4/0xd0 [ 330.188217] ? nfsd_mount+0xd0/0xd0 [ 330.191858] ? nfsd_umount+0x80/0x80 22:09:25 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x11, &(0x7f0000000100)) [ 330.195586] legacy_get_tree+0x12f/0x260 [ 330.199659] ? security_fs_context_validate+0x80/0xa0 [ 330.204892] vfs_get_tree+0x1cb/0x5c0 [ 330.208717] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 330.213489] do_mount+0x82a/0x1ff0 [ 330.217049] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 330.222605] ? copy_mount_string+0x40/0x40 [ 330.226864] ? copy_mount_options+0x5f/0x430 [ 330.231292] ? kmem_cache_alloc_trace+0x353/0x750 [ 330.236173] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 330.241726] ? copy_mount_options+0x315/0x430 [ 330.246241] ksys_mount+0x12d/0x140 [ 330.249886] __x64_sys_mount+0xbe/0x150 [ 330.253898] do_syscall_64+0x1b9/0x820 [ 330.257805] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 330.263189] ? syscall_return_slowpath+0x5e0/0x5e0 [ 330.268137] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 330.273017] ? trace_hardirqs_on_caller+0x310/0x310 [ 330.278080] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 330.283118] ? prepare_exit_to_usermode+0x291/0x3b0 [ 330.288153] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 330.293008] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 330.298203] RIP: 0033:0x457569 [ 330.301398] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 330.320294] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 330.327995] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 330.335255] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 22:09:25 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:25 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xa000000, &(0x7f0000000100)) 22:09:25 executing program 0 (fault-call:1 fault-nth:66): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 330.342515] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 330.349773] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 330.357041] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 330.398704] FAULT_INJECTION: forcing a failure. [ 330.398704] name failslab, interval 1, probability 0, space 0, times 0 [ 330.410114] CPU: 0 PID: 10811 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 330.418360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 330.427733] Call Trace: [ 330.430346] dump_stack+0x244/0x39d [ 330.433994] ? dump_stack_print_info.cold.1+0x20/0x20 [ 330.439212] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 330.439230] ? check_preemption_disabled+0x48/0x280 [ 330.439251] should_fail.cold.4+0xa/0x17 [ 330.439269] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 330.439295] ? rcu_read_lock_sched_held+0x14f/0x180 [ 330.439316] ? __lockdep_init_map+0x105/0x590 [ 330.468509] ? zap_class+0x640/0x640 [ 330.472239] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 330.477792] ? d_set_d_op+0x31d/0x410 [ 330.481620] ? find_held_lock+0x36/0x1c0 [ 330.481645] ? __lock_is_held+0xb5/0x140 [ 330.489776] ? perf_trace_sched_process_exec+0x860/0x860 [ 330.489804] ? do_raw_spin_trylock+0x270/0x270 [ 330.489831] __should_failslab+0x124/0x180 [ 330.489852] should_failslab+0x9/0x14 [ 330.489872] kmem_cache_alloc+0x2be/0x730 [ 330.499896] ? __d_alloc+0xb90/0xb90 [ 330.499915] alloc_inode+0xb2/0x190 [ 330.499931] new_inode_pseudo+0x71/0x1a0 [ 330.499945] ? prune_icache_sb+0x1c0/0x1c0 [ 330.499961] ? d_alloc+0x380/0x380 [ 330.499975] ? timespec64_trunc+0x180/0x180 [ 330.499997] new_inode+0x1c/0x40 [ 330.500014] simple_fill_super+0x29d/0x600 [ 330.500049] nfsd_fill_super+0x4f/0x60 [ 330.500064] mount_ns+0x12e/0x1d0 [ 330.500083] nfsd_mount+0xa4/0xd0 [ 330.512239] ? nfsd_mount+0xd0/0xd0 [ 330.512257] ? nfsd_umount+0x80/0x80 [ 330.512276] legacy_get_tree+0x12f/0x260 [ 330.512297] ? security_fs_context_validate+0x80/0xa0 [ 330.512318] vfs_get_tree+0x1cb/0x5c0 [ 330.512340] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 330.519695] do_mount+0x82a/0x1ff0 [ 330.519717] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 330.519741] ? copy_mount_string+0x40/0x40 [ 330.519764] ? copy_mount_options+0x5f/0x430 [ 330.519783] ? kmem_cache_alloc_trace+0x353/0x750 [ 330.519805] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 330.531620] ? _copy_from_user+0xdf/0x150 [ 330.543532] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 330.543552] ? copy_mount_options+0x315/0x430 [ 330.543575] ksys_mount+0x12d/0x140 [ 330.543597] __x64_sys_mount+0xbe/0x150 [ 330.543623] do_syscall_64+0x1b9/0x820 [ 330.633545] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 330.638944] ? syscall_return_slowpath+0x5e0/0x5e0 [ 330.643893] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 330.648755] ? trace_hardirqs_on_caller+0x310/0x310 [ 330.654122] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 330.659153] ? prepare_exit_to_usermode+0x291/0x3b0 [ 330.664186] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 330.669059] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 330.674257] RIP: 0033:0x457569 [ 330.677459] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 22:09:26 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2010000000000000, &(0x7f0000000100)) 22:09:26 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf6ffffff, &(0x7f0000000100)) 22:09:26 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x600000000000000, &(0x7f0000000100)) [ 330.696372] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 330.704107] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 330.711406] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 330.718685] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 330.718695] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 330.718704] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:26 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736402", 0x0, &(0x7f0000000100)) 22:09:26 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:26 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x1000000, &(0x7f0000000100)) 22:09:26 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4000000000000, &(0x7f0000000100)) 22:09:26 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x600000000000000, &(0x7f0000000100)) 22:09:26 executing program 0 (fault-call:1 fault-nth:67): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:26 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 331.092831] FAULT_INJECTION: forcing a failure. [ 331.092831] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 331.104689] CPU: 1 PID: 10861 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 331.112933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 331.122292] Call Trace: [ 331.124903] dump_stack+0x244/0x39d [ 331.128558] ? dump_stack_print_info.cold.1+0x20/0x20 [ 331.133767] ? zap_class+0x640/0x640 [ 331.137504] should_fail.cold.4+0xa/0x17 [ 331.141584] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 331.146700] ? find_held_lock+0x36/0x1c0 [ 331.150794] ? get_mem_cgroup_from_mm.part.62+0x204/0x880 [ 331.156356] ? lock_downgrade+0x900/0x900 [ 331.160517] ? check_preemption_disabled+0x48/0x280 [ 331.165549] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 331.170493] ? kasan_check_read+0x11/0x20 [ 331.174667] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 331.179954] ? zap_class+0x640/0x640 [ 331.183678] ? rcu_softirq_qs+0x20/0x20 [ 331.187693] ? rcu_read_unlock+0x16/0x60 [ 331.191782] __alloc_pages_nodemask+0x34b/0xdd0 [ 331.196464] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 331.201403] ? kasan_check_read+0x11/0x20 [ 331.205571] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 331.210603] ? __lock_is_held+0xb5/0x140 [ 331.214712] ? trace_hardirqs_off+0xb8/0x310 [ 331.219137] cache_grow_begin+0xa5/0x8c0 [ 331.223214] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 331.228759] ? check_preemption_disabled+0x48/0x280 [ 331.233792] kmem_cache_alloc+0x66b/0x730 [ 331.237959] alloc_inode+0xb2/0x190 [ 331.241595] new_inode_pseudo+0x71/0x1a0 [ 331.245662] ? prune_icache_sb+0x1c0/0x1c0 [ 331.249916] ? d_alloc+0x380/0x380 [ 331.253471] ? timespec64_trunc+0x180/0x180 [ 331.257818] new_inode+0x1c/0x40 [ 331.261197] simple_fill_super+0x29d/0x600 [ 331.265458] nfsd_fill_super+0x4f/0x60 [ 331.269364] mount_ns+0x12e/0x1d0 [ 331.272841] nfsd_mount+0xa4/0xd0 [ 331.276307] ? nfsd_mount+0xd0/0xd0 [ 331.279943] ? nfsd_umount+0x80/0x80 [ 331.283673] legacy_get_tree+0x12f/0x260 [ 331.287756] ? security_fs_context_validate+0x80/0xa0 [ 331.292971] vfs_get_tree+0x1cb/0x5c0 [ 331.296786] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 331.301558] do_mount+0x82a/0x1ff0 [ 331.305118] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 331.310675] ? copy_mount_string+0x40/0x40 [ 331.314940] ? copy_mount_options+0x5f/0x430 [ 331.319367] ? kmem_cache_alloc_trace+0x353/0x750 [ 331.324228] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 331.329782] ? _copy_from_user+0xdf/0x150 [ 331.333954] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 331.339499] ? copy_mount_options+0x315/0x430 [ 331.344011] ksys_mount+0x12d/0x140 [ 331.347667] __x64_sys_mount+0xbe/0x150 [ 331.351657] do_syscall_64+0x1b9/0x820 [ 331.355561] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 331.360933] ? syscall_return_slowpath+0x5e0/0x5e0 [ 331.360950] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 331.360971] ? trace_hardirqs_on_caller+0x310/0x310 [ 331.360988] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 331.361008] ? prepare_exit_to_usermode+0x291/0x3b0 [ 331.370775] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 331.370800] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 331.370813] RIP: 0033:0x457569 [ 331.370831] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 331.417951] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 331.425671] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 331.432949] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 22:09:26 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf9fdffff00000000, &(0x7f0000000100)) 22:09:26 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfeffffff, &(0x7f0000000100)) 22:09:26 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xffffff7f, &(0x7f0000000100)) 22:09:26 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x20000000, &(0x7f0000000100)) 22:09:26 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:26 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfffffff0, &(0x7f0000000100)) [ 331.440225] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 331.447503] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 331.454779] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:26 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x11000000, &(0x7f0000000100)) 22:09:26 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfffffff0, &(0x7f0000000100)) 22:09:26 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x1100000000000000, &(0x7f0000000100)) 22:09:26 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:27 executing program 0 (fault-call:1 fault-nth:68): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:27 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:27 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3000000, &(0x7f0000000100)) [ 331.795761] FAULT_INJECTION: forcing a failure. [ 331.795761] name failslab, interval 1, probability 0, space 0, times 0 [ 331.844078] CPU: 0 PID: 10904 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 331.852353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 331.861722] Call Trace: [ 331.864341] dump_stack+0x244/0x39d [ 331.867995] ? dump_stack_print_info.cold.1+0x20/0x20 [ 331.873220] should_fail.cold.4+0xa/0x17 [ 331.877297] ? find_held_lock+0x36/0x1c0 [ 331.881372] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 331.886501] ? lock_downgrade+0x900/0x900 [ 331.890666] ? check_preemption_disabled+0x48/0x280 [ 331.895705] ? zap_class+0x640/0x640 [ 331.899456] ? find_held_lock+0x36/0x1c0 [ 331.903537] ? __lock_is_held+0xb5/0x140 [ 331.907624] ? perf_trace_sched_process_exec+0x860/0x860 [ 331.913094] ? zap_class+0x640/0x640 [ 331.916844] __should_failslab+0x124/0x180 [ 331.921097] should_failslab+0x9/0x14 [ 331.924913] kmem_cache_alloc+0x2be/0x730 [ 331.929069] ? find_held_lock+0x36/0x1c0 [ 331.933152] __d_alloc+0xc8/0xb90 [ 331.936612] ? d_add+0x5f9/0xa10 22:09:27 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:27 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x40000000, &(0x7f0000000100)) 22:09:27 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = open(&(0x7f0000000180)='./file0\x00', 0x40, 0x20) lsetxattr$trusted_overlay_opaque(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='trusted.overlay.opaque\x00', &(0x7f0000000140)='y\x00', 0x2, 0x3) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in=@remote, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@local}}, &(0x7f0000000080)=0xe8) bind$packet(r0, &(0x7f0000000440)={0x11, 0x0, r1, 0x1, 0x1}, 0x14) mount(&(0x7f0000000480)=ANY=[@ANYBLOB="439083a8860fc4f205ed177a0613f60dc5045941e0dcc821d9b2c36e5fc6b5c334df1b909588dff94d8f5dd6d49b48b2b8141a8b87f5298c6b614fdbfbc7615468e03596dee6acd682dfa09b5b427b4e4dd7dbdb5dfbb67c0919372e271593f6ccde2aa54e4aac13aec95ecb8875495e47ae188fa435c10b6be3a98ebe9da7873d3f1c7cd9ef5f49a8679074851b38919c43f451b8045edb49ba4f612c8d1024638393d09c41ae21610a1707000000e4000000528126898f908870c1e9ed496000d0b4945e9581d3359ad2de0a9145fdb796fa1c13b54eee423d7573fdff82dc14e72477d3fb8d4c9d47f2da674cdb4b1f788f5b59d8e87f79b4e1a11ec886054a6a0173856ead2d5fd6ca32a11888e9fdffffffffffffff4589e8e480a1bdf8e35fc516289f55554513086bd7c48655151993360717a12ae1fbc462154f23cdfe8187b7c50d33"], &(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:27 executing program 5: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) getsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000040), &(0x7f0000000100)=0x6) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000140)=ANY=[@ANYBLOB="5084a5c2a22049305909d2b7bc50c0de346fa9958b734ce5"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 331.939991] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 331.945039] ? kasan_check_read+0x11/0x20 [ 331.949202] ? do_raw_spin_unlock+0xa7/0x330 [ 331.953626] ? do_raw_spin_trylock+0x270/0x270 [ 331.958221] ? d_delete+0x220/0x220 [ 331.961863] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 331.967072] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 331.972294] ? _raw_spin_unlock+0x2c/0x50 [ 331.976452] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 331.982001] ? hashlen_string+0x1f2/0x300 [ 331.986174] d_alloc+0x96/0x380 [ 331.989466] ? ktime_get_coarse_real_ts64+0x22e/0x370 22:09:27 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 331.994668] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 332.000223] ? __d_alloc+0xb90/0xb90 [ 332.003960] d_alloc_name+0xbb/0x120 [ 332.007682] ? current_time+0x10b/0x1b0 [ 332.011662] ? d_alloc+0x380/0x380 [ 332.015205] ? timespec64_trunc+0x180/0x180 [ 332.019550] simple_fill_super+0x463/0x600 [ 332.023801] nfsd_fill_super+0x4f/0x60 [ 332.027705] mount_ns+0x12e/0x1d0 [ 332.031174] nfsd_mount+0xa4/0xd0 [ 332.034641] ? nfsd_mount+0xd0/0xd0 [ 332.038280] ? nfsd_umount+0x80/0x80 [ 332.042012] legacy_get_tree+0x12f/0x260 [ 332.046094] ? security_fs_context_validate+0x80/0xa0 [ 332.051301] vfs_get_tree+0x1cb/0x5c0 [ 332.055114] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 332.059889] do_mount+0x82a/0x1ff0 [ 332.063454] ? copy_mount_string+0x40/0x40 [ 332.067705] ? retint_kernel+0x2d/0x2d [ 332.071619] ? copy_mount_options+0x1e3/0x430 [ 332.076127] ? __sanitizer_cov_trace_pc+0x3f/0x50 [ 332.080989] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 332.086545] ? copy_mount_options+0x315/0x430 [ 332.091067] ksys_mount+0x12d/0x140 22:09:27 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 332.094708] __x64_sys_mount+0xbe/0x150 [ 332.098701] do_syscall_64+0x1b9/0x820 [ 332.102599] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 332.107974] ? syscall_return_slowpath+0x5e0/0x5e0 [ 332.112911] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 332.117768] ? trace_hardirqs_on_caller+0x310/0x310 [ 332.122795] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 332.127821] ? prepare_exit_to_usermode+0x291/0x3b0 [ 332.132857] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 332.137723] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 332.142928] RIP: 0033:0x457569 [ 332.146117] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 332.165019] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 332.172723] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 332.179978] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 332.187231] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 22:09:27 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2000000000000000, &(0x7f0000000100)) 22:09:27 executing program 0 (fault-call:1 fault-nth:69): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 332.194510] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 332.201765] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 332.327717] FAULT_INJECTION: forcing a failure. [ 332.327717] name failslab, interval 1, probability 0, space 0, times 0 22:09:27 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f00000001c0)=ANY=[@ANYBLOB="9c2c81761709d7b8d063f213d963906e10d0b69bd42d634e4170921a65400da5bac6444c6f40dc631373295128147238603c09bfc31a3235c3ee840df811d4820497a0d84e13be7eba57c5ddce120ef96b719d3df6f70becb2c1a74e9508fe225cc29879985c36a0991302f2333963115c7cd20598fb37d66c29fee495ff9552a2031cd1e3ecb6dc2f60625476360b6b4d5c7fe3a52f499b3ef0ad1f848fa93ee85d"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 332.391863] CPU: 0 PID: 10930 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 332.400149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 332.409511] Call Trace: [ 332.412126] dump_stack+0x244/0x39d [ 332.415781] ? dump_stack_print_info.cold.1+0x20/0x20 [ 332.420992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 332.426546] ? check_preemption_disabled+0x48/0x280 [ 332.431582] should_fail.cold.4+0xa/0x17 [ 332.435655] ? fault_create_debugfs_attr+0x1f0/0x1f0 22:09:27 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736410", 0x0, &(0x7f0000000100)) [ 332.440781] ? rcu_read_lock_sched_held+0x14f/0x180 [ 332.445816] ? __lockdep_init_map+0x105/0x590 [ 332.450320] ? zap_class+0x640/0x640 [ 332.454058] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 332.459604] ? d_set_d_op+0x31d/0x410 [ 332.463400] ? find_held_lock+0x36/0x1c0 [ 332.467453] ? __lock_is_held+0xb5/0x140 [ 332.471506] ? perf_trace_sched_process_exec+0x860/0x860 [ 332.476946] ? do_raw_spin_trylock+0x270/0x270 [ 332.481516] __should_failslab+0x124/0x180 [ 332.485738] should_failslab+0x9/0x14 [ 332.489527] kmem_cache_alloc+0x2be/0x730 [ 332.493663] ? __d_alloc+0xb90/0xb90 [ 332.497365] alloc_inode+0xb2/0x190 [ 332.500981] new_inode_pseudo+0x71/0x1a0 [ 332.505032] ? prune_icache_sb+0x1c0/0x1c0 [ 332.509256] ? d_alloc+0x380/0x380 [ 332.512777] ? timespec64_trunc+0x180/0x180 [ 332.517087] new_inode+0x1c/0x40 [ 332.520440] simple_fill_super+0x29d/0x600 [ 332.525189] nfsd_fill_super+0x4f/0x60 [ 332.529064] mount_ns+0x12e/0x1d0 [ 332.532509] nfsd_mount+0xa4/0xd0 [ 332.535948] ? nfsd_mount+0xd0/0xd0 [ 332.539559] ? nfsd_umount+0x80/0x80 [ 332.543261] legacy_get_tree+0x12f/0x260 [ 332.547313] ? security_fs_context_validate+0x80/0xa0 [ 332.552490] vfs_get_tree+0x1cb/0x5c0 [ 332.556281] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 332.561071] do_mount+0x82a/0x1ff0 [ 332.564598] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 332.570125] ? copy_mount_string+0x40/0x40 [ 332.574348] ? copy_mount_options+0x5f/0x430 [ 332.578786] ? kmem_cache_alloc_trace+0x353/0x750 [ 332.583624] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 332.589149] ? copy_mount_options+0x315/0x430 [ 332.593632] ksys_mount+0x12d/0x140 [ 332.597268] __x64_sys_mount+0xbe/0x150 [ 332.601237] do_syscall_64+0x1b9/0x820 [ 332.605109] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 332.610465] ? syscall_return_slowpath+0x5e0/0x5e0 [ 332.615385] ? trace_hardirqs_on_caller+0x310/0x310 [ 332.620399] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 332.625408] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 332.632062] ? __switch_to_asm+0x40/0x70 [ 332.636117] ? __switch_to_asm+0x34/0x70 [ 332.640180] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 332.645014] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 332.650198] RIP: 0033:0x457569 [ 332.653658] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 332.672551] RSP: 002b:00007f7bc7b74c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 332.680250] RAX: ffffffffffffffda RBX: 00007f7bc7b74c90 RCX: 0000000000457569 22:09:28 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x400000000000000, &(0x7f0000000100)) 22:09:28 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:28 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x1020, &(0x7f0000000100)) [ 332.687507] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 332.694782] RBP: 000000000072bfa0 R08: 0000000020000100 R09: 0000000000000000 [ 332.702050] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b756d4 [ 332.709308] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:28 executing program 0 (fault-call:1 fault-nth:70): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:28 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000100)=ANY=[@ANYBLOB="6889b1299f6c0c1e09ebbef609000000000000004c2cdb68c76c99002b48eab79b34c83e8a0000ffe400000066954c6131c61400"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) open(&(0x7f0000000040)='./file0\x00', 0x0, 0x100) [ 332.905431] FAULT_INJECTION: forcing a failure. [ 332.905431] name failslab, interval 1, probability 0, space 0, times 0 [ 332.930065] CPU: 0 PID: 10959 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 332.938326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 332.947680] Call Trace: [ 332.950284] dump_stack+0x244/0x39d [ 332.953925] ? dump_stack_print_info.cold.1+0x20/0x20 [ 332.959144] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 332.964684] ? check_preemption_disabled+0x48/0x280 [ 332.969729] should_fail.cold.4+0xa/0x17 [ 332.973798] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 332.978910] ? rcu_read_lock_sched_held+0x14f/0x180 [ 332.983932] ? __lockdep_init_map+0x105/0x590 [ 332.988430] ? zap_class+0x640/0x640 [ 332.992147] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 332.997687] ? d_set_d_op+0x31d/0x410 [ 333.001494] ? find_held_lock+0x36/0x1c0 [ 333.005559] ? __lock_is_held+0xb5/0x140 [ 333.009623] ? ieee80211_tx_dequeue+0x2248/0x36c0 [ 333.014481] ? perf_trace_sched_process_exec+0x860/0x860 [ 333.019933] ? do_raw_spin_trylock+0x270/0x270 [ 333.024542] __should_failslab+0x124/0x180 [ 333.028785] should_failslab+0x9/0x14 [ 333.032592] kmem_cache_alloc+0x2be/0x730 [ 333.036747] ? __d_alloc+0xb90/0xb90 [ 333.040465] alloc_inode+0xb2/0x190 [ 333.044787] new_inode_pseudo+0x71/0x1a0 [ 333.048851] ? prune_icache_sb+0x1c0/0x1c0 [ 333.053088] ? d_alloc+0x380/0x380 [ 333.056629] ? timespec64_trunc+0x180/0x180 [ 333.060959] new_inode+0x1c/0x40 [ 333.064330] simple_fill_super+0x29d/0x600 [ 333.068577] nfsd_fill_super+0x4f/0x60 [ 333.072461] mount_ns+0x12e/0x1d0 [ 333.075918] nfsd_mount+0xa4/0xd0 [ 333.079380] ? nfsd_mount+0xd0/0xd0 [ 333.083018] ? nfsd_umount+0x80/0x80 [ 333.086745] legacy_get_tree+0x12f/0x260 [ 333.090814] ? security_fs_context_validate+0x80/0xa0 [ 333.096013] vfs_get_tree+0x1cb/0x5c0 [ 333.099828] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 333.104588] do_mount+0x82a/0x1ff0 [ 333.108133] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 333.113679] ? copy_mount_string+0x40/0x40 [ 333.117920] ? copy_mount_options+0x5f/0x430 [ 333.122339] ? kmem_cache_alloc_trace+0x353/0x750 [ 333.127187] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 333.132730] ? _copy_from_user+0xdf/0x150 [ 333.136883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 333.142422] ? copy_mount_options+0x315/0x430 [ 333.146923] ksys_mount+0x12d/0x140 [ 333.150563] __x64_sys_mount+0xbe/0x150 [ 333.154557] do_syscall_64+0x1b9/0x820 [ 333.158452] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 333.163822] ? syscall_return_slowpath+0x5e0/0x5e0 [ 333.168757] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 333.173613] ? trace_hardirqs_on_caller+0x310/0x310 [ 333.178633] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 333.183652] ? prepare_exit_to_usermode+0x291/0x3b0 [ 333.188674] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 333.193524] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.198717] RIP: 0033:0x457569 [ 333.201914] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 333.220821] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 333.228538] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 333.235809] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 333.243082] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 22:09:28 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x20000000, &(0x7f0000000100)) 22:09:28 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xfffffff0, &(0x7f0000000100)) [ 333.250360] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 333.257635] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:28 executing program 0 (fault-call:1 fault-nth:71): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:28 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:28 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2000000000000000, &(0x7f0000000100)) 22:09:28 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e6673648c", 0x0, &(0x7f0000000100)) 22:09:28 executing program 5: clone(0x802182001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x24, &(0x7f0000001000)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d030100000000009500000000000000712600000000000035060000ff000000bf25000000000000070500000e0000000f65000000000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000bf250000000000000f65000000000000070500000e000000bf5400000000000007040000040000003d43010000000000950000000000000061540000000000006b25000000000000070500000e0000000f6500000000000007050000040000000f65000000000000bf5400000000000007040000040000003d3201000000000095000000000000004d54000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) exit(0x10000000003) removexattr(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)=@random={'security.', '/\x00'}) write$P9_ROPEN(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x71, 0x2, {{0x80, 0x0, 0x8}, 0x401}}, 0x18) r1 = dup(r0) ioctl$sock_inet6_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000240)) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 333.447598] FAULT_INJECTION: forcing a failure. [ 333.447598] name failslab, interval 1, probability 0, space 0, times 0 22:09:28 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xa00, &(0x7f0000000100)) [ 333.499106] CPU: 0 PID: 10974 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 333.507381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 333.516762] Call Trace: [ 333.516791] dump_stack+0x244/0x39d [ 333.516816] ? dump_stack_print_info.cold.1+0x20/0x20 [ 333.516840] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 333.516859] ? check_preemption_disabled+0x48/0x280 [ 333.516883] should_fail.cold.4+0xa/0x17 [ 333.523294] ? fault_create_debugfs_attr+0x1f0/0x1f0 22:09:28 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e66736410", 0x0, &(0x7f0000000100)) [ 333.523326] ? rcu_read_lock_sched_held+0x14f/0x180 [ 333.553257] ? __lockdep_init_map+0x105/0x590 [ 333.557764] ? zap_class+0x640/0x640 [ 333.561495] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 333.567054] ? d_set_d_op+0x31d/0x410 [ 333.570877] ? find_held_lock+0x36/0x1c0 [ 333.574953] ? __lock_is_held+0xb5/0x140 [ 333.579048] ? perf_trace_sched_process_exec+0x860/0x860 [ 333.584509] ? do_raw_spin_trylock+0x270/0x270 [ 333.589109] __should_failslab+0x124/0x180 [ 333.593367] should_failslab+0x9/0x14 [ 333.597190] kmem_cache_alloc+0x2be/0x730 [ 333.601358] ? __d_alloc+0xb90/0xb90 [ 333.605104] alloc_inode+0xb2/0x190 [ 333.608741] new_inode_pseudo+0x71/0x1a0 [ 333.612823] ? prune_icache_sb+0x1c0/0x1c0 [ 333.617076] ? d_alloc+0x380/0x380 [ 333.620628] ? timespec64_trunc+0x180/0x180 [ 333.624967] new_inode+0x1c/0x40 [ 333.628349] simple_fill_super+0x29d/0x600 [ 333.632603] nfsd_fill_super+0x4f/0x60 [ 333.636506] mount_ns+0x12e/0x1d0 [ 333.639979] nfsd_mount+0xa4/0xd0 [ 333.643440] ? nfsd_mount+0xd0/0xd0 [ 333.647076] ? nfsd_umount+0x80/0x80 [ 333.650802] legacy_get_tree+0x12f/0x260 [ 333.654897] ? security_fs_context_validate+0x80/0xa0 [ 333.660366] vfs_get_tree+0x1cb/0x5c0 [ 333.664189] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 333.668957] do_mount+0x82a/0x1ff0 [ 333.672513] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 333.678126] ? copy_mount_string+0x40/0x40 [ 333.682380] ? copy_mount_options+0x5f/0x430 [ 333.686803] ? kmem_cache_alloc_trace+0x353/0x750 [ 333.691653] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 333.697197] ? _copy_from_user+0xdf/0x150 [ 333.701359] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 333.706908] ? copy_mount_options+0x315/0x430 [ 333.711425] ksys_mount+0x12d/0x140 [ 333.715072] __x64_sys_mount+0xbe/0x150 [ 333.719066] do_syscall_64+0x1b9/0x820 [ 333.722970] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 333.728343] ? syscall_return_slowpath+0x5e0/0x5e0 [ 333.733278] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 333.738131] ? trace_hardirqs_on_caller+0x310/0x310 [ 333.743154] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 333.748178] ? prepare_exit_to_usermode+0x291/0x3b0 [ 333.753207] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 333.758070] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 333.763268] RIP: 0033:0x457569 [ 333.766468] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 333.785551] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 333.793271] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 333.800546] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 333.807908] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 333.815184] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 333.822457] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:29 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xffffff8c, &(0x7f0000000100)) 22:09:29 executing program 0 (fault-call:1 fault-nth:72): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:29 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:29 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xa00000000000000, &(0x7f0000000100)) 22:09:29 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3f00000000000000, &(0x7f0000000100)) 22:09:29 executing program 2: clone(0x4000000000200, &(0x7f0000000040), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f00000001c0)) mknod(&(0x7f0000000180)='./file0\x00', 0x103e, 0x0) execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000500)) r0 = inotify_init1(0x0) r1 = getpid() fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff) kcmp(r1, r2, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) kcmp$KCMP_EPOLL_TFD(r1, r1, 0x4, 0xffffffffffffffff, &(0x7f0000000440)) open$dir(&(0x7f0000000000)='./file0\x00', 0x4000000027e, 0x0) 22:09:29 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3f00000000000000, &(0x7f0000000100)) 22:09:29 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) r0 = fcntl$dupfd(0xffffffffffffff9c, 0x406, 0xffffffffffffffff) statx(r0, &(0x7f0000000040)='./file0\x00', 0x6000, 0x2a1, &(0x7f0000000100)) [ 334.443331] FAULT_INJECTION: forcing a failure. [ 334.443331] name failslab, interval 1, probability 0, space 0, times 0 [ 334.472528] CPU: 0 PID: 11027 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 334.480789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 334.490151] Call Trace: 22:09:29 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x20100000, &(0x7f0000000100)) 22:09:29 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) [ 334.492756] dump_stack+0x244/0x39d [ 334.496410] ? dump_stack_print_info.cold.1+0x20/0x20 [ 334.501628] should_fail.cold.4+0xa/0x17 [ 334.505703] ? find_held_lock+0x36/0x1c0 [ 334.509783] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 334.514904] ? lock_downgrade+0x900/0x900 [ 334.519074] ? check_preemption_disabled+0x48/0x280 [ 334.524107] ? zap_class+0x640/0x640 [ 334.527845] ? find_held_lock+0x36/0x1c0 [ 334.531924] ? __lock_is_held+0xb5/0x140 [ 334.536011] ? perf_trace_sched_process_exec+0x860/0x860 [ 334.541481] ? zap_class+0x640/0x640 [ 334.545217] __should_failslab+0x124/0x180 [ 334.549468] should_failslab+0x9/0x14 [ 334.553283] kmem_cache_alloc+0x2be/0x730 [ 334.557438] ? find_held_lock+0x36/0x1c0 [ 334.561526] __d_alloc+0xc8/0xb90 [ 334.564985] ? d_add+0x5f9/0xa10 [ 334.568371] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 334.573422] ? kasan_check_read+0x11/0x20 [ 334.577583] ? do_raw_spin_unlock+0xa7/0x330 [ 334.582007] ? do_raw_spin_trylock+0x270/0x270 [ 334.586612] ? d_delete+0x220/0x220 [ 334.590250] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 334.595454] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 334.600663] ? _raw_spin_unlock+0x2c/0x50 [ 334.604825] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 334.610377] ? hashlen_string+0x1f2/0x300 [ 334.614560] d_alloc+0x96/0x380 [ 334.617857] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 334.623071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 334.628623] ? __d_alloc+0xb90/0xb90 [ 334.632359] d_alloc_name+0xbb/0x120 [ 334.636087] ? current_time+0x10b/0x1b0 [ 334.640074] ? d_alloc+0x380/0x380 22:09:29 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xffffffff00000000, &(0x7f0000000100)) [ 334.643619] ? timespec64_trunc+0x180/0x180 [ 334.643646] simple_fill_super+0x463/0x600 [ 334.652538] nfsd_fill_super+0x4f/0x60 [ 334.656437] mount_ns+0x12e/0x1d0 [ 334.659904] nfsd_mount+0xa4/0xd0 [ 334.663371] ? nfsd_mount+0xd0/0xd0 [ 334.667016] ? nfsd_umount+0x80/0x80 [ 334.670756] legacy_get_tree+0x12f/0x260 [ 334.674834] ? security_fs_context_validate+0x80/0xa0 [ 334.680053] vfs_get_tree+0x1cb/0x5c0 [ 334.683871] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 334.688646] do_mount+0x82a/0x1ff0 22:09:30 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xffffff7f00000000, &(0x7f0000000100)) [ 334.692207] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 334.697760] ? copy_mount_string+0x40/0x40 [ 334.702019] ? copy_mount_options+0x5f/0x430 [ 334.706450] ? kmem_cache_alloc_trace+0x353/0x750 [ 334.711308] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 334.717085] ? _copy_from_user+0xdf/0x150 [ 334.721252] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 334.726800] ? copy_mount_options+0x315/0x430 [ 334.726825] ksys_mount+0x12d/0x140 [ 334.726847] __x64_sys_mount+0xbe/0x150 [ 334.726867] do_syscall_64+0x1b9/0x820 [ 334.726884] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 334.726913] ? syscall_return_slowpath+0x5e0/0x5e0 [ 334.735033] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 334.735054] ? trace_hardirqs_on_caller+0x310/0x310 [ 334.735073] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 334.735091] ? prepare_exit_to_usermode+0x291/0x3b0 [ 334.735113] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 334.777939] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 334.783137] RIP: 0033:0x457569 [ 334.786342] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 334.805255] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 334.812973] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 334.820251] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 334.827522] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 334.827532] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 22:09:30 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0xc080, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000280)=0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000300)=0x0) kcmp(r1, r2, 0x4, r0, r0) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vcs\x00', 0x200900, 0x0) statx(r0, &(0x7f0000000100)='./file0\x00', 0x1800, 0x40, &(0x7f0000000140)) mount(&(0x7f00000002c0)=ANY=[@ANYBLOB='/Oev/loop0\x00'], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000280)) faccessat(r3, &(0x7f00000003c0)='./file0\x00', 0x0, 0x400) ioctl$VIDIOC_CROPCAP(r3, 0xc02c563a, &(0x7f0000000380)={0xb, {0xff, 0xf00e, 0x4f}, {0x7fffffff, 0xc8, 0x8, 0x9}, {0x73d02442, 0x8}}) write$input_event(r0, &(0x7f0000000240)={{0x0, 0x7530}, 0x11, 0xffffffffffff8000, 0xf7}, 0x18) [ 334.827540] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:30 executing program 2: clone(0x802182001ffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000140), 0xffffffffffffffff) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x24, &(0x7f0000001000)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d030100000000009500000000000000712600000000000035060000ff000000bf25000000000000070500000e0000000f65000000000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000bf250000000000000f65000000000000070500000e000000bf5400000000000007040000040000003d43010000000000950000000000000061540000000000006b25000000000000070500000e0000000f6500000000000007050000040000000f65000000000000bf5400000000000007040000040000003d3201000000000095000000000000004d54000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) exit(0x10000000003) removexattr(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)=@random={'security.', '/\x00'}) write$P9_ROPEN(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x71, 0x2, {{0x80, 0x0, 0x8}, 0x401}}, 0x18) r1 = dup(r0) ioctl$sock_inet6_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000240)) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:30 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2000000, &(0x7f0000000100)) 22:09:30 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:30 executing program 0 (fault-call:1 fault-nth:73): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:30 executing program 5: r0 = syz_open_dev$admmidi(&(0x7f00000001c0)='/dev/admmidi#\x00', 0x7, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0x81, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000200)={{{@in=@broadcast, @in6=@local}}, {{@in=@remote}, 0x0, @in6=@remote}}, &(0x7f0000000040)=0xe8) connect(r0, &(0x7f0000000140)=@in={0x2, 0x4e20, @rand_addr=0x16}, 0x80) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) socket$inet6_udplite(0xa, 0x2, 0x88) 22:09:30 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x0) io_setup(0x7fff, &(0x7f0000000200)=0x0) io_submit(r1, 0x5, &(0x7f0000003540)=[&(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, 0x9, r0, &(0x7f0000000240)="103ee8d4f3be608f8cbc2d3da528cc513a66f2b8f864b5be6b71bfdbad4951359320f0e259f6b29e61b792d72698b964f42f0927288f84a2966ce0e5b5884b5b869847e27aab0e45a007d43af8161fa2d9790a6774fa689013c8747d9612507efa3c03535b849f86bbe4b10b6684cf6a57bd8bb4ec8b21beea8c0e605d6ece9e0b00a711325fd66e9dacdc93fa01212e12539a4dc6ffc38d96fb0560a41a956f6d11cc349c0c1eefd5142462e9ef9d4308de568ccafdfc0eb0901781838a44b302067a875479c6a8eb1ee10613183fc3d3d36dd475cb98cbc7f5f778560e467ee401ceaab009959bdfadb303b02f85d8241109036155440f0813d0fb961cb381c15cd7e6ed45847a3c2a8f7d4e4c33954203f993a3b402fbc1cb08000591308530a3ecc49b29d8cebf7cfe0331284b65ee1e9edb280215a779ffd308872d20300f686600007a847accc03d4bf5795809d571af6554ef2ce6a2bc49fd18b65216ddf082a8c2666ca935d230656a76888d2eb74a05c4c39c6e29115caf6fd718a1e449a397d06786eabc7f680421edebc74a6bab04b48f5cf239b80f23df4e03620ce48e3fd2d561c0cce873b62908b3c1b73f8ce880ce541d8b2d62479270647e805ac25663d32d5705d36b11de06e5e1614866a905e041bb8f29e0773b812e50f024a91bc9cda49d890daa739a1ca329db79403ac8dae31ae1f22206f9262c42a2c759408a640c42df7d77c07357a47acfc854175b5158d5fb59967c38bc76023ebb0d289078d5d6ffdad665eeb9b97b40553a0cbaf2e2bbaf1e13ed4200c23c7c501780890621a2d456ad27d90431baba8f5f611175566369864e8b0592b26947be46a224b57fb9a2d0f9ef25e4078d7ccfa87a0d7724d71bf4adddafbcac1cad1f9aa4fc7661fe25bbe98248293c0dd1ee70cb2655091c579c651e8d6d49715f924e25afc3d5fdfa0ef2073afff1dddb164b033a3a66758841650ac87987adfebb93e76c1f540f023d38c9cc62dabc3b0c0eafe2849217e31334c97faca5f1e2085a9809db4ede676cbdda785db040a48b72701b8c5b3b998f6e4f8e308c113ba8aedc47e6c9b92f06550bf5976a3421f854243d8773bcd3f6fefb4bb70aa6814a50a99121fa44f4dd60a994788049d6ab8f83f328449ccbf7522d7435389d7d0effeb164f8ec2686221c31cc8d8e64d855479d5cd1529b5a55244448c85f31691754ca695f0928df8039dd73927f56c4151e95626b14085abd1ff80566a3830699443a4e545e35319f8de06fa219b3a4bfac3a6111ddafef9c471af68594b7537ef7146abd0d6dd94e75a97e5761fe20ef8a215dca977b9440b0bbe8d16cecd5dbf0d69a6e39b47b8a6d0815106b56448c157aa098d7e215eeda8a0e404bf05dea3df16686f4e974c1855b76a74f05c8d0d0e2865ce879777909c287bc0bc2532cb44457d4d28230c45985841f24451c7902eaa9b0455e6914de87b5a15ea8ee44fb8f76bde78903e07dc0130996cefe7f35689d2dd896dd4549c2ac2c8716e7fc7585197c6cdaa766bed4a185f1417bd49c8c6f96a6fb48a691bea490a7baea6c6dedde20ff4a72c65c59be80755bc6ba9d19efe6beceb23753c5a4e3c66b07969e1612bfdb11a5b10bfb939d2aa8d6b764e3687a1f50267073bdec9369deb51cb83c9c8b3f231ac219e75e12214dad59800e79c0e3a5c2c1feded4a4ebedd28b11d5794964c48b33331f0c61a929e75d8cc858d7eff90f596568c2d6db4d5ffedbdce0b08b3390ae135d1dcf1d5ad76aaca352085c6ebfc6aa5c301dbd383aab2bdd1fd63c995897fcb9b1a599cd27035057eabf2d56989170d12dfeef1ffe4affd4effab06921f5a194a561651f69d93313d8a83c18cc4088789a7217b754980fc32d7b145f62aaeccf9db036cfde1efe2e5add3605c18c5f91ed6299bbcc59a90ae90b399760a965eb2547d2b7303ca0465509fe2eba527b17da68f889f0c143af398425fc94bcd09b4da9712113ffd5d0aa6c8c9a86d8984f5f1d74fb98c578c9ec4490a58232a2403b7af83233fcaa151def2699783f0652afbd539a550223e96d82f9c3360c9f727153fbaff2f11074408d41bf719b3b4875afe4bfc33b97cb2cb71d11988d39c50aec8a7ffcfc293ceebe606adfe7b919d2b28670c9de7f07505f7635ad357028b3920bee27c4cc89a7b751c0da1953d58b2e826fa917e9fac62473a8e105a985e1995533ac03c5a07dc7dcc6580c8fbfe4e151c2f997caa9aacd81a0ea51abff1fd987e088258a862005f48bc86c7d748ba97289fc825355f32d5f76da2b01e3b101a7b624df3452cb3e59a2bc4f211b9c83e0c0fc3bbc26f44c92f21f38229e216127e7093639e0cd021b0331de8f8cc7d4c0692d9974ef5d173723f145bd39c5505ee0d03541d860834fe95c13f156d0e325e2ae91ea88360d39996fd488c4e315091a54f21c03d01c41abfa89d2345637bef346910733341b9ef7708d96cee59048bb67281f00453c0733820c3b265874bb4f9cb538b5c82de17b2cf9cf073c03f023ca59dcf8d8440538f79c0444cd9f8fde69399a45c30c7bdd041d285037344879cd35e032c2a62d7302466e6c5cbcd6a52277d0a660f90b7d646b599d7ef23c392da63b2cb1f72c317784bddc0cdd11b28bb3f2aa5c5caf5d23b5163f1a1576a99d5cea4e052083f8184afc3fd29011a60124b4144d7b978b985dd3c68cf1935a9a3f5f84cf20656f4297a0cd1049187c8f0909575be1518dbe2eae2d3cfea49e782bb7dfbc831d08a050e79aac6f0c2b3a89403ad39a1aa082b1ff269ea39a662f5ed84f92342bf3fbdafc633ddbaef9eba89145880608e668db251fedc768d2f31c61b19fb0a625d018ccf5ec5a9be180dfe20b44d5d18976344c669150b6ef3c46ca46a4fec759aa234c7eb48fae5535ee333a8bc2073b45971e8598c94f72cf89bddad314cbfd783f55ae001be41ba565010cf9efb7b5f03c1b7948e73cc3a14bb4cf64c153db551d853c5ff5630607acad9b7c282cc966e7ad717e08bb4977583d9a51ae2d8966878aa15dac851fc17747a07288d964fdb1c0edc937c3cdb9c6c521dc1a31ef88180db8b7deb48ce264e8fa5240d14fc0ee86c0a69829a0a2098f296d506d29ea2b9329c6af889110db71bafd0bf9e723b234989c541530fa7edc0b693d3cc6ffa3dd9baa8f6496a1eb75dc8c35263b2c1e791dc455c2a82015896e57a3193ac4e857ecf4ae30966c77fbbec8d6e4977b8d4292464b4b7c16c2b8528e94bf2dad779b1d59c743558126df0053de88273e32f83f83cda9f34741e21346cd7e01b517cb64cd57cc8613d6bcf1e6721c3c7b0f0e4b4e58c75b33b4654638f12349b23b6273ee0426d988da017cfd464c80c52424b14040292d5fe49585ef716124657b3c7b00fde71483119e0096dd8b21969ed7c1d5a6164245a1ba1a469ffbdbbb6c1e2daa9fdcf6358a7d361ae797965ae1b58cbaf417e2332d819af17e8248c48eba939dc85aa55494b3eb860cad90def05abd4f3d5915ee0b2986db810402222ff21738bdfa1655ae93197700b8d524d37a5a8d3dda0ed5f16044fce1a478d2dceb8966ecd241b1297ce54fb920c759630584eb993ca8b21447b841d5ef94f85317ff01426685f5570d9beca94531efac9e39c0e42d62a4696671348fc284022a96260b32b7959be8976a295fa3d6dcea37b92c262abfa285885cb29ca7ec4547f4faa5ea3a483b25cfaa1c1a8a998e0ea203d4a4f363204320a66bb4afe6b41192d940eea55f1b931f1147e6bca6bb73f0d5345070b6ae40ec711552db0360fc3ce7ddb9b1bbb746aea40a0e55fc17c6e56704d7637e41ea59e1f77eb2ecb3d01e05821dfa2f8ee0c90dc32e47f92071f028ac4901c1fd922f1599a38614186991b859c45d1a8d35ab9c0fa4e5f1b3e30dbb4f0c7ba3ed2ad07f33b8f040fd329c223941cacc63befbb295ce216557599d8221808d745b4052da35bcd30af2fc9cdc34643a5d8433cf44c43bbd13573cfbb443268360f4d15276c9297034e5bd3838b9358acf4e2a35e2a66acafe927b386a8bdddae7bb1556ef1d329a78cf34d72c576ccc8727ae3451339734137997ea4b35e156411ae3784e3ecb383811192bfbcb17fa7489ff538484f3dbde29ac412696fae1eca0fdb665eeb5f871ce86d8ce2d00e6849d5b32d2e3319f56027f378b30a504f5701c9ce7a52d5808277a4ad37b3bb0ec584367472833ff8810d8916e55ab4b5a042466a88f2442ad646ced0126936d94d39b92c5f324d52ca2f02b775e7016a2cc474ff23bfb80a16dd210b85b1bf2b13e5a50fb56cb5f4b22b2bf47265123fdf9f559ed311816f5e411fd2b4a7c35d2190f2bd8d6d35da20b5db9dc198d7a2868adbaaac5c84def33494424723d3cd90f97fad97781fea5086017c566933450c0be6f22d44ae39dcb8e049f476e1f9c11280aa6983e09f3dbd4b9b2c594057eab7f567627133c2c769186eb9d9c675ba8287f54f7840d17d4af52eceff87aaedde06098045777ddf8cfd25c595e907dd54867dfb5929cd55bf63004e457c0890a25b7f56f9b1de4ae0769dd656aed401b3fc6a8f23fc6e616c98e1f786e9ed13f88f9d2fbd82ab3a9a3b1e24cfb0a66fd2335ae9f3bdafe2165322151974a0bd5c01cb828ce284628efd7f921103bcdf97afb4a0091f798685349259fbe9a34ab883c586a19b8032b40c831652070b2dec2f31d0b79114767d44aa9744c4e33744814c58c6cf7661bad06039076a8075e0449ca5fbbca01c240f48320fde129f3e0072e8267c2fbd794924107316fa81fbc7104f105b03af75900262fc4e27adc63f230537b48fce068a0ee16fff189a27ab41ab1e42683596245da1210fd6c2cfa9f488e77b8f2d50cd80c226ac7c8d903d316f2cf461a59312a5e2a34364b932c278512400b6c0a23229771b0def8274e76eb9c93ae977c88529fcecbbc0823838df5743a67d80f32c5593762e328c0830d8ed6d7b6545ffaca58dd2ee7bb64a399246497ad99750a236f22381bd76718a2ffe9b8143ab5606b08ae3605abda86529077589a1f12b326b45140aaf28812cf649c6991d8ebccaf1decb07a84d7357b72314e2675a444d5613ce1d111cf070e07ea61999a5637146483b719644eae0685c5d05d27e3e2f95faf13bf1f8454db5df9d1b2e5ae96dbb8923b2f69ad69a9a21d07fba45ce4844aa255a6fb89f84cd913b12d445a9a34ca7b91185a376d1589d30fc369ccad96c8175efa0cf417d406ca8d1cb152ecc24eaf66cb88774836b761d65d01986dd071bc49c047739dc2cfb32c33e730c3d5e82b772f8a677dc4ae0ec8c025290373e03c36175420a2e8857981424c77522fa541b211c119311b01d64ea5bf14224713b76dacccf3cc835ec7016cf98fb51f17b6e2c125fd2f0e029b079cc2321f4dc0738b7610eb913f54d03e3eb0e8a0d29f22f011da7b81e5cb4cb71d3b7cadaeec18f71767b81ce40aae0c4c47eae66636f886fdb6e1dbcf26d602a7b28a3e304574bf7512ef39f80717bd78c57b3d08990e49585aa7c0ad3567b1e4de3666d840d912ee0e2ca076a51b2e5f6388978e0896e0891b33aebdd9460b1738f150add53123a8766e712765359d0195bac130b7b5f878fded0b46566e8d78f445f52dd9701f1eeb34e84d37bd1211446aa8940046aec49cbb75de263afc19244fe1b1fcd82d00d1f52b988682254c29976edd860129a2445ebfeb66fd327417495f5e4210197ae", 0x1000, 0x1, 0x0, 0x0, r0}, &(0x7f0000002280)={0x0, 0x0, 0x0, 0x7, 0x10001, r0, &(0x7f0000001280)="c80c895eae864741aaaa6399f194a94bf0c8c3f93a9a47996a38f38163de3bdfa0a021628e25d8900bc92f31b7d3637067c1b00a27c1b413158925ba5c1521e45987f145e64cf84dbb8defa3d6d12e546de8b7a6b5f9931da6f6fb1dc9b78a1e169d9a93be06d773539af098ad09ad584c4f153a7b5439812b7f341a3f3b86e08cafa7802582231b6a83adf957d7015c5218c5a87e71464f6fd4582c4f578a410dfdb6517fd42b86940382173279b21adc004af78bc44de9a5a4fb8b66e38fee33655ed9a4e94f84ee1e7584063ce84ac2d9df077484f1aa57b86559f18c72e36e4d4fb36a66c22c6a5e419e3d7041b9e0db8eb91f2231ba3a9f42e2e016cc0b04ccb18452cedcbfb04c1d2b99e3b029a7807f810426639121963766ec81cce84eb42a383b45c8cff1034d1848d8003534bbc13d73223788ad70b48a22faf7d5abde9c7cda648ae9ff85a0f45257671260c8b303a5b83dd9766c07bbc7f8c50b5ba6a019b46f0d896aaad9e62c53c4b311459fb83a772433271f0cc45077e49c1adbc08cb5fc237a2c0c44f999eda1e94f141e82ee433e1688caae2821fbba05b39e1016d67210c7c0eaabe484022814d2f1933cfbfcdeffdc1021cffa98e636286e2f2bda55ccb83b5889f1c3f05c6f78a16eef8dded52c184ecfe9131c46c69ed413666e5b9767fdb0897eb49d9f7d5fced5df923a1b28935336d1e39cc21e51e1cc7c6d6da704360cc057298a9f0c106eb8fb4f092bbe225f0eb07098fecff729518ca156e0ebf944ebf9ff626fa548614e4e7e27437f3fc42a8f8cddcee556355370eac3e6b965bf37447927e2ffea2ab9317b6c19a443ecab77661d7c301fe926628aedf9e784da06f8507043b6d41ea0dbb3fc0877c15e2b3dc46733655432a82ede120730fd5650c397b3e74b5ecae6e74d6a10380451c6a00ebad2fb70415a04cfe790faa4786d84fa504f28ee6b44c5106a90b7bdbb07749b0f213eb16d855142d26f329acda9ced9a8f133853da8ab7f14d7f7386f73c92d49d0e81e1f229372b1fa3fb0c64827c0147899df647d92d7b5ab063c55ddd8d63fdfad7b161f55b3bdc0b02b156a684a96b79f1f9cd95840ba574da83298273ab879d2726e485de59f8e19dd98e315ec59e3c1a9d631c511920037a35f9ddc867146def29815b8b44153adde816368ffcd97afc1e4ef72931b7d2158a8a2175a4533e6cc9cae0cff572bc9f06117455b164723b19e6b2a88ed7e1b7dbb40f27a1c58926afe57dc207cccfa7a0f767316c59c6720166f1b50159bb5a0b2e172bd8f89922afa47c04bd85410bea54619f876cd32c32344ffbd0cc10767ab34357cc05babcf8f85f9351df4fb6197a134c860c232845125c0c867069651a691f945bd440b0f46c95ea7a28f04047c680cb6ce3320fc3da211d6b0c7820a5eee69227b1a2c38f07a5405e87c6cf0e83962dbfe53b29f0e521b5192bd9dc04ce5650131ccdf0d4fc7b4ae0c7392a532235c189727f174e05ed53cbacca767ac82f731331f8196bc3da021a8fafee82cdd517a26efa5acc877a7f2d069e70114524705c2ece9908d605ce03a20b42d19ffcba2f95243558497fe162a164e29ff1187dd5ae63e4d022b0c8168d8785f68b44055eac1a1f4b94dd60363fc0bbfa59e0351e5abf39d73875ade37ce0175d7f65a9aa08e74bde32cc32d647c98fc691dad3774a6ec1ce985cfecb7f445e26da484a5c0772fc96f6a38f53d95b65a8cd5669bfbc517652c7f04d3d09804eda16a28ad2d09a2d6f52d17c9b8db9356ca1d76c789c9a461564171f867ab6bfb78e2e9ba71a308977cb68bbf959f3a27f85dd571fc3d041f246095eec0c5576a6a1bbe0df364521cb6fa46c88504ac0119fb50a5e87f46109674d08736fa7c6dafd4420baacdffe5144f1555ccae3653c605b39159d36abbcb1d2b65b38094fc6b7d9dddbc610c856ae6a1173787c9e6c5413a831bccc5b19de27d9da444f3e70c14fee1c01b90157fc83c9f82a07cd7fd453bb19bc8b439097101175711da8d230e9ed1e9946cd88ce61a765c5927a918ef51a0cd875a106cf02b1a582e6df914ae78c47e98578b87140ebd6bd27201225f1ea1fe53e12d214b8ab5c13810c5d000eb2c3763e62dd548d0196e8639b6ce1427b837c0339d1db679ef1dc899389de316ec94bb8dc8a656ff7eba6e12172fad5faa151c72971c75eba9b39000d2c92c2536342fc15645e429fdf55616fefc64617c51fe7498e614a2e9578a08286926b21fd9097c83b3a74a814eb905db5c19f6be25d705ef606854fdd2389f1e8d28e0b2e40b73790ee66ebe235040e1e1d07fceaa9c6f5b4c1e94ae8ac92dfb0a2159d1ab0c40a50f721e38694baba0690446320041b24d521fe9e49a8088a9b44fbf61a141747cb1b164d2813e12efdf6a1460bed224fa39e8c65596108640a8e3914af310dcdfa86a065631a7576c0b9c8cd2aabce55ab694957795e332dbb663b509629f489a7af84feeb1cdf7b564d452d1d72b015ab4302707e86ffc10ad28afc847ab7d17c9e0e3de6cb6c502554a1a8a9381d8764d7543b673ff5080bbb452202145e6e202556b293e69eb8da730c821fc4b94eed549b8fa95f943b86825118e86f4d469c6fdde5ac4ebe0d346e0ed3be97d6ad3c525a0b12cbab47dbe45d368622e6e82a5ec28ea9d0d60987b639addefe92b97d9a3d42e837bbbabfda0dd7233fcb8255593e619b236ca47f65bc74250f11dd619dff95432e6b95b74ac0ff0ff0027c69c6775b692d0d44eae68e019340bfd4099dc161752163b7e6c7c47d1c2ca578fe0dafffddd5ff64c81e267ac17b8c279c12607aa9a258e64800a7d4cee3bd26522f334171812bb2f20f11450d117d9520c7c10a6008b5a1bc402a53b6543038e40cfa684610f181400fec97c4fa1bcea07f5fb3c0cd9afd9b1ce0e9923ea0c5f8a5c32ae89e50173e0da5551730373082d8c0b2d614f2fbc8e935cff85e3786a36a6632680ceb012cd90dd494fba92f2203fedfc235d247db65ccc82f776451029c4a45a203fd2e42a1defe985d4c68bf89195db7b9edf2ac5a199ce0cb13f707c03a1c9859979b70f5e1c2f71a7959f3af87c3ea4bb5f346da97aa14bcd75d07e6461480e38c115756b6a35c805f0882ff16547ef32ef61778f1bc525a7850b27089b3a6893f71c4eec4bf16d3125a4ad74898ac60a5a006edbb312b9575dd2ece05e71f646c6f868c73c7e8ea08825850cd8ce98a0bb707fe052b69246948a03704e91e5127a3985d863640e8a3d3d7606243c95e850c1f79149bc8d2b8165540d4b2de46446bb763da1b9560944c3f41fd4c892bcc1b7d795e3b8f0bb9dee017c7bbcfa59059390e064332b863d2d9a5eae4c967cdf5e3b7c5824f4cdd15bd2031e59b2e8607ac8d1e76003cfed93866d7b175a71bf8e987d3d102f6cb6c8e163bad445662b875a8dc29519a19f15ba34fd36c3c952e1dc21eda22346115b9d1852412a848ea6145be5641eb6a03af61e168d03c3b57f5b49d4cc643687967457db02544fca6bc4116c0aae513f5eaffc371eb5233ef4bc2c5e7fee26577b38948e3cc09151515c361e0404d62e77b2e6359158b0a23ba478b83c7eb567248dfac26b9e6cef6ad860f986c28f862d671a88a1a72091e7b6cda9252e66191d187604019b8b34d2a35e3e60744fa5438b5cb8e55272c8c6c6f38a8ff5286e67b62837ecdb4debe1a8ebe6b5cfc90daa6b11237b485474c995361cca772f147efc40e20f5caf90df5d04f8a8c6b1b7d950ce402a3362c21248d76b0a4a102f77f0b91b04fd5be59f68eeceb113a275e455ec901b237422b91ab78d4778920bd5bb1d5b7d0574db1f72b96a3c5cb538319b8a14769f4e024503e1dddcdb64c7c9ff9a7937cdd6a7e09d4a3259a12ac27f27093357a034798f0c5edf79bbeec2bc6250c6bcb82eda4d53d95ccf2783c59173b4d332f720c5bffbd6d86ad179a7acdc132f43c91ac517a60fad80416f3d9716f242b19d8ece66faf4251f2e479aad360254f0349f3de0d302bf1757540ac692a100cb0cf68ca3ad5771f7b8d2219123eaceaf2c196b318e027218307d4df3738ef6d08d96bd6bc2faa178fb6353111abaa2088ec38efaa2f89a2a54b56c8b85207d77f7ac708871a6c185d448170be79cfb248e791d3850e991c1148fd32397c482aec0be12bc354ca6bf6db1907660d0a98b752908b39a7feab8ceb6bfa633696af2fae4d2169ccbde5e092e110b35b9e4c65effc9cb17ea41e1acc8f84d367ab2d3a88d64405ddb5b61c658f3a4e2e1de78bdccbbd41ccff3f91a5a037cf15f8789860a10b76e407c801638df62a9c6f5fdb786c6d91ae03bf72071b39dcbf2a132067e9920607bdc11b7c805b2eef1f5970167fa927766fed3706ea64aaa6d2009137294fa0c3281ad3daed0435a20ddc15c5d48e9dacc5b75cde74ad378597b265fce540fa9463ff1ce98a2daed36f9953c7c0196cbbc8163078191bb2ba35b4a291faa45c74c1ec9916dd38401892218032c7e14e7af0735d5798ba268a0814e97573fe42cda7986ea82f68a4ccfb15dfbaca0baa81b0176887a5cfc87834bf1dfe9f29de9b74a62e7e334bce71678c6a18bc42f1b9573a410c10862d975e41728201211a282f58bf2dc40e807527faf2e8e2dcd2e2c8d6f043b3d489073fd02ede086d68ba9176c8b2630be9a4ddd8cfd622a8370d87dd9364e697aedbe3c944cb9cbc9baf8bd175be73bb238442a6e08ae5f376b93d47e3c79472cbc224995cb7bf607f156dfbac2322b089a702ad938eec0e7d46802a831023f43f72d52d4e2221d43c0b2362dee759326e6a79c444025e5fb1f57c680600b2fb8cd30e897240ae2fb8af0dbafaba22fc8bd7f938fe966ff7e478663751d9c34652502542e0f90d02c6b58a6c008f60baf8c364fae670289cee79ef2aa0337766919429f3ef4b91862b44a94fcdadc8b76b62a8cdab46ee3959684e19e17546ebadc648d6f72111335d6dc1b47ec27cdeffed4997390465962fb3343091ac600d7ad8901406d414b6219d5ebfa2195b29d1839fe722bf59320567662e6224bcc6427043fd770d079c74e4e37870847599f34d1859b941584e3b4fbda6adf5335722dea17d3fb6deebd13c6f59bd62f1d2a0e9a9b0662865013d6e44ffa15c5af1d6721f9b1e448a52f2850e918e11165e90aed2b095aa9fc3823fba9569ea2135e1987d9a3c3da454676fb697d4965be1daac2c7eafe1e9d596289c44c1e51ecd935de89a7027e600cb1c934a023eddf8e8502c4b18c5779aaf9c6ce74a753ca8308085caf7cbc123214268fc042a51264a013d8dbbaf64fe31e36ae9c7e6c97b71a1174b5f95fb3abe1b54d720cead87043fe7d919bf126fae4de12f0c178ca358f802231cbd02b853d75b92e8c11504ca65ee7fded0dfcf37e1b4c74747d913921642bde5c1e937cd7a0d84ac95707b47aa0cae06234ff945cc1f3484810aa321419e8aebca7272765aa87cc461f3b3dc5ac994661283a1de9a035fad61377ae9d0b9c88e6e85ddbbdee51db204684496a44adf7130ecb1607a52a1f674b8c52a7478277c32673b730e112053eda544ca343f6e2512212b0da4b7aa5f791917a3ff3589265f5258eb04243867e495987495fb8c196c2653475b37266a36331d6bcd8d7a6d4a99a395d2ff3bcea3b79b12aa54c9dd462b7318adba7efcc715de09488abfce69cf1dad4fae5593fae345536ada15e1bf8defb31442a6a0e404f", 0x1000, 0x6700ce5d, 0x0, 0x0, r0}, &(0x7f0000002380)={0x0, 0x0, 0x0, 0x3, 0x200, r0, &(0x7f00000022c0)="65027b6a8e459cdcb60570b13d1318275100f44864ad3fdf4c3fb32a00b93ef09e3811e418080f3df27669d6717709df7015ffa907ae8c78f51509225aa9b4a29246f7e9c7c6ed0788ac8b54f3d59a578f89b190e89c7dc87e7a09b3521fd47427edaaab4daa1c1ec88cd61a653f2c3267c0eac0232ce2178c480927b30b4bf259744d8136bb16f15040df2577d0e650d515bb9f14dbfaba19b509fc73003c594c2d67c1a943109c0a3cf28e855ecb5377084c3cc4e7e23250d0e1bd34", 0xbd, 0x6, 0x0, 0x0, r0}, &(0x7f00000033c0)={0x0, 0x0, 0x0, 0x2, 0xffffffffffff0000, r0, &(0x7f00000023c0)="a91a84f65463984604ab2c876a34c055a4dc7c058fc566e44e58eecfd500374ab9e39a1617582100456eb150305fc88eab464586b238b3f0626278661b7e662157d206e98fe7ecaf9694e9b70e5ad863383e00ea94df4e2c4ada76a855e39599ab2e19714eb48367cb573a4a8f2a29df5749209a479814d740b3e3939d47aec3da1584a0096f404a0fd421c3d3f5137adae612f7e1542b699ecc2ea1254c188b7f52c82132db5987754211f3ffda0cdb9fbeb36f6fd23ad7911195b1122ed001781a8a5ec9c5adcabd644dc359abb163e1a27791c6eac5dc5d9fd077d106563b24abd652f934af7d339f045bf483475fa658c387129f470cc46db34a3dd72fe7993289ca8379a7995081e605cffbfaeed89f3f13a797a71fc54e04b3d1caec81eb6742b07a4238cc87b189c48baed8de1e627dd474464cdeea80e8627bd5ac65620dfe77118ee0a3bdd4c058faa4296308f4c4e0bd89cc45ef44c83feebbfb367e311cfc1cd80ab83b8b2a741bee1021bb174daac4d9529e4f987f92b66e59b313abe732be77b7d13d422f4e21e3e48a7ae08535dd1d87679b0fc869278034f2c61a993cf79a931b07d6de13ba2e5c557df5bc9e92aae538f88b42bbfaad6685d0b4c8d6ca1986dd6ad8097e79d91bd88a24a5de529f5f04594616deabf5297ae25bab2be3e6bf39034a497cc57b227403b181f0b83960e1e4f389c57f21665eebee62eb3a1dea396639ba3580f8ee2037da12af425360f86f653d861aaaf5b4078ea83b87a7d4006bf3b5c65c15db898c2759d036d80e8c4490fdc68973900a2eef443b097bccdf3de81a7b9b801dbcdd7cb62ca405e7d1f74864c9fb5617d37d8ceb184456d0d1f01bcc3373ae11a013fa36acc183bc5811295a00745238c905562e6403e6da980c00e9aff27efc04fa58329a6b72671a34b6a94bcc88043b5d80ca151cc9cc1dfc84c6d6c300e36d31c7052d1b46c7ddf67e7e33f64fc7088496670b521612b09033d6d1e5248dbecef04f0f6edff1c6914d6ba6c5279cf6ed0ec4af4e92e96ed87b09e9d4bf6f0360f4528d7f0f4f5d0632ec6fc8dd06a2c7cbd3b3cc11c1d624f5e7889f8bfc061d9e5ed2bd75f47c4bfbebcc6351fa663bc238db74ef1d1d5dbc299631cc0ed6577f1f6e264c83319f3b6a87ccb350ff34627a5304e555412b48ebf24ad0d23763f17656da5088914cf0325853ca67b7ef674739a64c9e3752de4d34c4f544f072bca092b0ec76951ff5ce9dfd602ffc0755abb0eef95044099aeee6ae4d30572c822aa2ab4fc4c418f56264849fe45f11f8d044284b1525eef50ea4eff6eb0c2f2161879ee90fbc62c5c3b592bf37629f4ec3210526fe036921f299220671831fd1412ce5a5b561490fc58c3f3ed8a16ab5230d8726b12e09c09c8d89aab216d77343a2ccd5fa857ea1e4316a08b1361dfa304a28122a5733e445a69d24338498846a665eb14ab96166b1e2360510ccbae57529eb43525f54557964a57f29848be0a08a7ad4f47764739ad58c5a46f03103aa0354e586877ce9b73002ef2854b0b553338c65c73a35b50e6a13b12fbe25c6dcb173c58aeeca0625b35041eb9f9201168a8c06450e9d906467debaaa4c7e1bf8273984ece189d4bb2bb2d8eabc246025e189fd8694d4076177593f575e4670be331d782e01ac3370fee4a25bc1dcc82575490f1c0d6d52be09fa07c969991b3aa6de6fba00d72ef83763a35f4a5dd5fa85a5c27e0f2cc32167ec5ad076d94e364412bf3dc26132bfb80b3c43d2f99c508e7fee40e5e5b20b69168ee50f97a188606c99f3f60a4577a8314e76e3fd22274c90eff021d5b2173cf6652cb71bff8fbc7c7062daec38379606c4c3dfbc09f5e308dc0ae4acc0fb3f8b427617934f8fef1d6443cdf26e5c6f94fb5da6e584902912a4428cba6959800d0992ef1f84691f454e3beb301c3eadf50fb74c5d849899266841d6e9b5d289044aa72661cadc8b7aa923a2cac7279533ed9001cb9e891e74bdb68c1df45b88de03d71e1e9fb32ac7df3fb1ddbff9ab482c76ba50bdc79884a60a7af2df8bc3c84c5a4a292401cbc1e8476febbb8683ff3ef73c263aadea925505daf5a6ccf59893a0669f0886e97ff50687aa1ba9d0b41db2fcf903f0e293d78356b7c4974457ef9c55cbcae178da95142edbf456fb5f029b1531f92927497c5555bbcefa096768b01531c0442d728ff25943c84c394268e84c885d2b746231d1aceab2c477d5de652d94e0177c09b90b14a4494e85e93e594d8ad6f25bc418e9c16ed79fc77746327aa015ceb83c3dfc76700010f6a4418e2a748aeac7d18f079d51e1fe74b206dc7132d2ae84dd79c7962b631978092ecf32060255575f6e218716659db3ef7adec20476a1de03fa453376d5245e78065788d471d2408f8e197466ec290c5c77ea9c802c6e3b5d0f94d4801792dc05b3ebec4c40ae8dd107f6e5004f23653da98b76571e61e76e7f368eafb1d27fcd834fc5c7c5ea10e6058ada8e0b93030f0b7cf86db7360e5ac2d8308a27c27ce6b3b1791df03f2a88f7a282819afe5102296b35306b9f0796047c2d84b4065dadc6b20deb2c45e9eff09f1f1c642f389412dfc19abfa13e339ff333dfaa6ad0b418b05fcae56e976b4a9ff0c6b0b26414cf4ef1ee13375ff5b70ef406e57fd015ee292f9dc8625fa72c5fd129883c065bd1f8aa2a03476637346af4d58977053976e5997a27b5b661e85d745627a2a5bb7f45628296f173bca23c13f573d431af4c20c346959fb4834687ff9ccf5532680af6770c3e91178ecb7a4991a4991f1c13c3472119c695a49fe57e8a53a19727acd94db729cb2937f4a9c1ac27e45753cdab5614e13cd6a5250b54820b3ab082a5a16e647aefb2ef25b6689a88b7db2f86c6ccb53450bbb4643dcb0f15eb8bc941fddb9e1ebb0012d0678d3e081dfd8ffa65926fde56315d9bde72d350a99ef14e2d52167115c4def6784a3bc635e456460fd8c58ba13515b6f6aaf777eec2c0516e7b29ac5d492c80797be51dab1167afe47fea183a80db4a0dcac201efe639c6035bf0e1f5d5ee9a86a29a75c27f6e441e81075677a99809e055a69a004de39fa47a7992a4bf706dfc02bda5ac8ce314ccd03974f2b68ba663aaea953a4c78e1c7c1d9154ddbf17fbdf8ffacc5fa73f6356a01f70563a79569cb2a90194c26f884f519cf9ea40f6b3511e1a3ccaac5f6dee04f0d802a98587cc02649dad4d13190b0cdb5c040d0ea588229a769b2b7d92e76e037bb7f40089a1d54c49413521a2247f82470aeca4939bde2a2f1f13fb52e4a1b4cac8c0809b567dc616d5aa71b70bdb0d0c5c5b1932a8d24a6d077214013f4170182fcca68d10755cec945f0d23f7c90fb99fcf8eee780d2baf3d57571ca8b6c68d6e640ce02fa15e36eae3bd2e515eb8a20d0855877927fc85f9dadecd4ef8736cae5c58dbaa307caae56924d06b840a994ab498c3cc0ff116bb56594fe6f5fe7290f09105ec3b27009c15b3206bbe370d4e76e9a9a6a906a664f3ba111648a3b74f5085051e6803cb221cc6ba05f6e485e3d97118a3f55a29552c20c91ff1dcf85ff8c6de08c38844987290b59617641803dcdd46c7233fb7b8921f2f5d6456c6a438758eaf4517fd9d2bdae503bb4714f494aba522bc1ede4b02616624361bfba144eafc8c3118439189d1902e573e676e381b2ca628ec1b9c1285272859eeda66aeabce8ac985f56521dc3ae786f06b4712280d06c8f0ca9f9cbb79ef5b1e1b74e6135b9f695be46bd16734c68aa2769e9b6a75b400232e0fea8a16554f341bc7d6c63cb4be2286750ebdb3eeb619cfba9dc3ed7f5693cae049da126cb44e2dea9623f373337edd32b06d410281bbd30558f828b43e15d82707140b1f0d31df1af327b645c6b80519f163efc0145801062908ef2eb5c42bb2166eaeca8b5e6f1f646786631da56ef79f267870a91c18ff66d896f9e31e5102d9cf6db93d669f70ce3307e57086d48f36ae8b4ceec93485bc34450e9a0177a4cc9f2195232bad4f7dfb4867cbcdb390ba8aa0b7c12ff63ca8083c1aa67de2eff0f7cf952f3f4110e3bfe72f0ac68968bf2b8033f3b5e2e7754423e125402110e2c4b398eb02a85f479bc9d24302420fc14edfe971a219081989af39c9987af857244bd68b556b371f26c0e38a2708c881a195e1525b9076d1196f1eff1b3a08990ffcf55ece399c511ae452dc333819fd7dc1eb7c7deded69749bf0aee2ac2489cd1607c91f1a47123927da126500cbd4356559d7af4ee7608a90ee325ca1dfe8bea2e84371066d6f04a31f9b60b994d6f6ca32d5149913a8383386542450b540df0d6e7f2bbd19806cb4c210e3ba76b5fa2b2be04aa5066a67e9b0fc16ebd83957b4d3e0a608951ac142bd125533846b86a51879a90f76c0969f3db1e512efc173aaa284c98fff0376010fa2eb066570b69dd70947431dee2a770a5ec28f2b77de88f49aba5a2b5d03e3790912dd5cebd7d86ee000074d0afcbe85f1215d4461276315f56d435de31605e0520d3a04d9e742a304e2b393523bccf9dfa5b32b5db8c9ffc03cc23f129f9438a4e4805bd4c3f773f5ca054bb45e21ad53a6d2c4c5675d2cf997e2c3f0c514055c934e8d9bbe93a0aa3fadb5b187fd380d3074fb45ea9aa49df36715adad3f5f10c8c1b09d9cad58f2032b94215c8409b36641037ee9637e7102ff3f379bab66f53167012291e19f2a52210611a920e2d7f90ac18ab119386dcf55a82e20bdb068f120ed3c2927d93be1bc319df9f008813e1759f30a512066d8b873ee46f9acd310dca20639f443beadb8f6c79a6ff41e03ede024ee6fcb3d98c80150e61fe7913341c5d9f32b67bdcf40165fa2028d8a70c7a9ec1d6cfb8a8d5f753843648a43a4b207df11df2445fba9eb662f20ac5e34fd3b0c998c71d245f3a753396ad7b0690e6256ddecbda5b31447834680b978d6057320986ce286ae195ce77e3074af95a69403a540decf029ffc5daffedd9dc78ba5a1d7851ef61576ccdc727b875f1608f69cebcbecf02e6a382f1cbc3e7a4ad16ab08a91fc272baf8cbf05bf604ceb703e7140c4dfec5ee068a3d38c5a59a155e0de3899aaae3499434f39833357e8b4df06e01ae0d7aca6c622cf0ef00d1ad119abdf016b5a325f2b4641199b693ad2ee40bd4d26350ffc60ac21cd5dd133d62d8103a8736f6bb739637c5c80d7d87aa3da500a5005e2af22793aa70c0e7d0b7b1d9ed70c1dc6545ad7a26f14e2ce0523208125e6948a04100bc781266f6684838b79b463edd5eaad51672ed397649a7de19a7085b92563d1c1da43b99a4f847640dfc27777ffde714b76bf89dc4622f14af8f74ce28deb2459a6043195fcea17bb76cb463c02608302538040ead7dc658cf48a9a01b9b8c908a96c4b2d123156af56eb9c29c26d8cd7b34561230a96a63eb80e87b62c6753ead0a303071fb045a5de6dce67df22e13dc7d8d8eda82ee1af71d943ea4bfa5acb4c618073ccd40ac99184b8e44eb25473522e1fc8decb6ea64927f37e85d67077ca4accf1ba3e51d7b43bce29343f33fc5788c29f3834f8bf62a2c2c59071d8e2946f3479e299f564e388781f6b8add4326fb1ffd2f5a4794456802fdca07f254d7bae052fa17f83d71a19ccf5cfdf257057454474c188abd7fcd731196dca237c15b4cd78544cf5c5165be2e7126b4c7d1c1d4fcdc056e796c478046c8062e235df44a0a93e01f0eb7f481ca32031367ce2047e65804c9299aab113", 0x1000, 0x100000000, 0x0, 0x3, r0}, &(0x7f0000003500)={0x0, 0x0, 0x0, 0xa, 0x4, r0, &(0x7f0000003400)="e09e0c3687cbe37288dc73e9b9a9535df894ec21b5552a8bda3c3faf6ad3cd107cb70812ca576a0794dc0c93480df596118c6cd46c3c0967cb360f6858e84d74e86d1613f90a85a9a398bf948354f1f1e028586272a87b871f8bfa2ac84281d199ce30788a1e263e5291331591d41076ed3c11265c7b71d3ec190d57fd46014b631adac4226f82ace38f62695b0b2454ce54e337e63141b35e868b57aa7e69cbbbdaa14246355881d69999e55f33ceec8d0301e9442331542291f2f66a16b90dd93afff6eddc042085722fd40785546ab12edd08262e7080fc710a0349e991bde421eeae8e49fbe6adb8042edfe98e72c735f3", 0xf3, 0x6, 0x0, 0x0, 0xffffffffffffff9c}]) readlinkat(r0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=""/10, 0xa) mount(&(0x7f0000000100)=ANY=[@ANYBLOB="3d51ae465f2f7d8bc7f5caa348368602b6fecf7564f078e63dc195356d15102c51d5aef558d804bd46b57b22c5940000000000000000000000000000"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) syz_open_dev$evdev(&(0x7f00000001c0)='/dev/input/event#\x00', 0x1000, 0x80) [ 335.042299] FAULT_INJECTION: forcing a failure. [ 335.042299] name failslab, interval 1, probability 0, space 0, times 0 [ 335.094006] CPU: 0 PID: 11072 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 335.102287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 335.111647] Call Trace: [ 335.114254] dump_stack+0x244/0x39d [ 335.117905] ? dump_stack_print_info.cold.1+0x20/0x20 [ 335.123114] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 335.128663] ? check_preemption_disabled+0x48/0x280 [ 335.133701] should_fail.cold.4+0xa/0x17 [ 335.137786] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 335.142995] ? rcu_read_lock_sched_held+0x14f/0x180 [ 335.148052] ? __lockdep_init_map+0x105/0x590 [ 335.152564] ? zap_class+0x640/0x640 [ 335.156293] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 335.161841] ? d_set_d_op+0x31d/0x410 [ 335.165660] ? find_held_lock+0x36/0x1c0 [ 335.169741] ? __lock_is_held+0xb5/0x140 [ 335.173812] ? runtime_status_show+0x168/0x180 [ 335.178430] ? perf_trace_sched_process_exec+0x860/0x860 [ 335.183895] ? do_raw_spin_trylock+0x270/0x270 [ 335.188501] __should_failslab+0x124/0x180 22:09:30 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2, &(0x7f0000000100)) 22:09:30 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)="6e667364ff", 0x0, &(0x7f0000000100)) [ 335.192751] should_failslab+0x9/0x14 [ 335.196571] kmem_cache_alloc+0x2be/0x730 [ 335.200752] ? __d_alloc+0xb90/0xb90 [ 335.204491] alloc_inode+0xb2/0x190 [ 335.208129] new_inode_pseudo+0x71/0x1a0 [ 335.212201] ? prune_icache_sb+0x1c0/0x1c0 [ 335.216445] ? d_alloc+0x380/0x380 [ 335.219996] ? timespec64_trunc+0x180/0x180 [ 335.224348] new_inode+0x1c/0x40 [ 335.227733] simple_fill_super+0x29d/0x600 [ 335.231992] nfsd_fill_super+0x4f/0x60 [ 335.235892] mount_ns+0x12e/0x1d0 [ 335.239358] nfsd_mount+0xa4/0xd0 [ 335.242814] ? nfsd_mount+0xd0/0xd0 [ 335.246427] ? nfsd_umount+0x80/0x80 [ 335.250131] legacy_get_tree+0x12f/0x260 [ 335.254181] ? security_fs_context_validate+0x80/0xa0 [ 335.259384] vfs_get_tree+0x1cb/0x5c0 [ 335.263186] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 335.267932] do_mount+0x82a/0x1ff0 [ 335.271468] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 335.277007] ? copy_mount_string+0x40/0x40 [ 335.281246] ? copy_mount_options+0x5f/0x430 [ 335.285640] ? kmem_cache_alloc_trace+0x353/0x750 [ 335.290484] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 335.296038] ? _copy_from_user+0xdf/0x150 [ 335.300189] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 335.305729] ? copy_mount_options+0x315/0x430 [ 335.310217] ksys_mount+0x12d/0x140 [ 335.313831] __x64_sys_mount+0xbe/0x150 [ 335.317796] do_syscall_64+0x1b9/0x820 [ 335.321668] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 335.327021] ? syscall_return_slowpath+0x5e0/0x5e0 [ 335.331944] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 335.336773] ? trace_hardirqs_on_caller+0x310/0x310 [ 335.341785] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 335.346807] ? prepare_exit_to_usermode+0x291/0x3b0 [ 335.351819] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 335.356662] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 335.361843] RIP: 0033:0x457569 [ 335.365046] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 335.383944] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 22:09:30 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:30 executing program 5: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x404040, 0x0) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000040)='veth1_to_bridge\x00') setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x111, 0x3, 0x1, 0x4) 22:09:30 executing program 0 (fault-call:1 fault-nth:74): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 335.391661] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 335.398923] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 335.406188] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 335.413450] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 335.420706] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 335.469490] FAULT_INJECTION: forcing a failure. [ 335.469490] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 335.481344] CPU: 0 PID: 11085 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 335.489578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 335.489590] Call Trace: [ 335.501547] dump_stack+0x244/0x39d [ 335.505191] ? dump_stack_print_info.cold.1+0x20/0x20 [ 335.510411] ? zap_class+0x640/0x640 [ 335.514148] should_fail.cold.4+0xa/0x17 [ 335.518225] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 335.523815] ? find_held_lock+0x36/0x1c0 [ 335.527894] ? get_mem_cgroup_from_mm.part.62+0x204/0x880 [ 335.533441] ? lock_downgrade+0x900/0x900 [ 335.537600] ? check_preemption_disabled+0x48/0x280 [ 335.542628] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 335.542647] ? kasan_check_read+0x11/0x20 [ 335.542663] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 335.542680] ? zap_class+0x640/0x640 [ 335.542693] ? rcu_softirq_qs+0x20/0x20 [ 335.542737] ? rcu_read_unlock+0x16/0x60 [ 335.564749] __alloc_pages_nodemask+0x34b/0xdd0 [ 335.564768] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 335.564785] ? kasan_check_read+0x11/0x20 [ 335.564807] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 335.578450] ? __lock_is_held+0xb5/0x140 [ 335.578503] ? trace_hardirqs_off+0xb8/0x310 [ 335.578526] cache_grow_begin+0xa5/0x8c0 [ 335.578545] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 335.578563] ? check_preemption_disabled+0x48/0x280 [ 335.578583] kmem_cache_alloc+0x66b/0x730 [ 335.578608] alloc_inode+0xb2/0x190 22:09:30 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 335.578626] new_inode_pseudo+0x71/0x1a0 [ 335.596225] ? prune_icache_sb+0x1c0/0x1c0 [ 335.596243] ? d_alloc+0x380/0x380 [ 335.596257] ? timespec64_trunc+0x180/0x180 [ 335.596280] new_inode+0x1c/0x40 [ 335.596296] simple_fill_super+0x29d/0x600 [ 335.596320] nfsd_fill_super+0x4f/0x60 [ 335.596333] mount_ns+0x12e/0x1d0 [ 335.596354] nfsd_mount+0xa4/0xd0 [ 335.596371] ? nfsd_mount+0xd0/0xd0 [ 335.610974] ? nfsd_umount+0x80/0x80 [ 335.610994] legacy_get_tree+0x12f/0x260 [ 335.611015] ? security_fs_context_validate+0x80/0xa0 [ 335.611046] vfs_get_tree+0x1cb/0x5c0 [ 335.611066] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 335.634942] do_mount+0x82a/0x1ff0 [ 335.634964] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 335.634988] ? copy_mount_string+0x40/0x40 [ 335.635011] ? copy_mount_options+0x5f/0x430 [ 335.635041] ? kmem_cache_alloc_trace+0x353/0x750 [ 335.642634] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 335.642659] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 335.642677] ? copy_mount_options+0x315/0x430 [ 335.642700] ksys_mount+0x12d/0x140 22:09:31 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xffffff8c, &(0x7f0000000100)) [ 335.642721] __x64_sys_mount+0xbe/0x150 [ 335.642741] do_syscall_64+0x1b9/0x820 [ 335.728114] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 335.733496] ? syscall_return_slowpath+0x5e0/0x5e0 [ 335.738441] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 335.743304] ? trace_hardirqs_on_caller+0x310/0x310 [ 335.748336] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 335.753370] ? prepare_exit_to_usermode+0x291/0x3b0 [ 335.758421] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 335.763285] entry_SYSCALL_64_after_hwframe+0x49/0xbe 22:09:31 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='hfs\x00', 0x40, 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/autofs\x00', 0x0, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@dev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@dev}}, &(0x7f00000002c0)=0xe8) getgroups(0x3, &(0x7f0000000300)=[0xee00, 0xffffffffffffffff, 0x0]) getresuid(&(0x7f0000000340)=0x0, &(0x7f0000000380), &(0x7f00000003c0)) write$P9_RSTATu(r0, &(0x7f0000000400)={0x65, 0x7d, 0x1, {{0x0, 0x42, 0x3ff, 0x2, {0x8, 0x3, 0x1}, 0x11000000, 0x1, 0xade, 0x4, 0x0, "", 0x4, 'hfs\x00', 0x4, 'hfs\x00', 0x7, 'selinux'}, 0xe, '/!\\\\selfvmnet1', r1, r2, r3}}, 0x65) [ 335.768482] RIP: 0033:0x457569 [ 335.771686] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 335.790602] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 335.798414] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 335.805697] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 335.812975] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 335.820251] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 335.827525] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 335.836372] block nbd5: Attempted send on invalid socket [ 335.842232] print_req_error: I/O error, dev nbd5, sector 2 [ 335.848819] hfs: can't find a HFS filesystem on dev nbd5 [ 335.888425] block nbd5: Attempted send on invalid socket [ 335.893947] print_req_error: I/O error, dev nbd5, sector 2 [ 335.915920] hfs: can't find a HFS filesystem on dev nbd5 22:09:31 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) alarm(0xe8) 22:09:31 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x6, &(0x7f0000000100)) 22:09:31 executing program 0 (fault-call:1 fault-nth:75): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:31 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000100)=ANY=[@ANYBLOB="dece0d8c55953f61bfea6b2434d84a3fa8f02c444e63175ab1d2f051a7e1772d84c4340ca34c8fabf4a89d94d258cec49af4a99024acaedd661d2d8616d78ed63661c25187c6c19943bc96cb0197c43fc9daca318d804bea8941d776b2e1f26ff09f544d2b858f7de54130101d8e32a6876def8fd87442c095778f18e6d457917caa9b7f98835e7c07d952efad5b7e30"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:31 executing program 2 (fault-call:2 fault-nth:0): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x20, 0x0) 22:09:31 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x6, &(0x7f0000000100)) [ 336.042539] FAULT_INJECTION: forcing a failure. [ 336.042539] name failslab, interval 1, probability 0, space 0, times 0 [ 336.145470] FAULT_INJECTION: forcing a failure. [ 336.145470] name failslab, interval 1, probability 0, space 0, times 0 [ 336.165127] CPU: 1 PID: 11119 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 336.173397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 336.182762] Call Trace: [ 336.185368] dump_stack+0x244/0x39d [ 336.189017] ? dump_stack_print_info.cold.1+0x20/0x20 [ 336.194236] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 336.199786] ? check_preemption_disabled+0x48/0x280 [ 336.204993] should_fail.cold.4+0xa/0x17 [ 336.209076] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 336.214195] ? rcu_read_lock_sched_held+0x14f/0x180 [ 336.219228] ? __lockdep_init_map+0x105/0x590 [ 336.223732] ? zap_class+0x640/0x640 [ 336.227456] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 336.233003] ? d_set_d_op+0x31d/0x410 [ 336.236825] ? find_held_lock+0x36/0x1c0 [ 336.240907] ? __lock_is_held+0xb5/0x140 [ 336.245039] ? st_read+0x2508/0x3a60 [ 336.248782] ? perf_trace_sched_process_exec+0x860/0x860 [ 336.254238] ? do_raw_spin_trylock+0x270/0x270 [ 336.258837] __should_failslab+0x124/0x180 [ 336.263086] should_failslab+0x9/0x14 [ 336.266898] kmem_cache_alloc+0x2be/0x730 [ 336.271065] ? __d_alloc+0xb90/0xb90 [ 336.274789] alloc_inode+0xb2/0x190 [ 336.278422] new_inode_pseudo+0x71/0x1a0 [ 336.282493] ? prune_icache_sb+0x1c0/0x1c0 [ 336.286743] ? d_alloc+0x380/0x380 [ 336.290285] ? timespec64_trunc+0x180/0x180 [ 336.294622] new_inode+0x1c/0x40 [ 336.297996] simple_fill_super+0x29d/0x600 [ 336.302255] nfsd_fill_super+0x4f/0x60 [ 336.306152] mount_ns+0x12e/0x1d0 [ 336.309623] nfsd_mount+0xa4/0xd0 [ 336.313080] ? nfsd_mount+0xd0/0xd0 [ 336.316712] ? nfsd_umount+0x80/0x80 [ 336.320438] legacy_get_tree+0x12f/0x260 [ 336.324507] ? security_fs_context_validate+0x80/0xa0 [ 336.329713] vfs_get_tree+0x1cb/0x5c0 [ 336.333524] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 336.338291] do_mount+0x82a/0x1ff0 [ 336.341846] ? copy_mount_string+0x40/0x40 [ 336.346101] ? retint_kernel+0x2d/0x2d [ 336.350039] ? copy_mount_options+0x239/0x430 [ 336.354561] ? copy_mount_options+0x23f/0x430 [ 336.359073] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 336.364620] ? copy_mount_options+0x315/0x430 [ 336.369131] ksys_mount+0x12d/0x140 [ 336.372775] __x64_sys_mount+0xbe/0x150 [ 336.376762] do_syscall_64+0x1b9/0x820 [ 336.380655] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 336.386041] ? syscall_return_slowpath+0x5e0/0x5e0 [ 336.391067] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 336.395923] ? trace_hardirqs_on_caller+0x310/0x310 [ 336.400948] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 336.405972] ? prepare_exit_to_usermode+0x291/0x3b0 [ 336.411001] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 336.415866] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 336.421067] RIP: 0033:0x457569 [ 336.424272] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 336.443180] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 336.450906] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 336.458184] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 336.465467] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 336.472741] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 336.480020] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 336.487346] CPU: 0 PID: 11132 Comm: syz-executor2 Not tainted 4.19.0-next-20181029+ #100 22:09:31 executing program 5: creat(&(0x7f0000000040)='./file0\x00', 0x11) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) rmdir(&(0x7f0000000100)='./file0\x00') 22:09:31 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x7, 0x18000) ioctl(r0, 0x2, &(0x7f0000001100)="b5f82c55f3ab63cd93f318addc4117d805e7cdecac543ce9289122a21603981f0d2c7d352b7d211a84744db6e94a690b3a2e1407843f7dffb7b7661ed66393a319768b79e8e006afbf7400adaaae0618f8a92d6c8850a9d079cf1b9af0d73e63b73f1398b326a28b8bed71ab50fca51efd6f62cef4f5e892f481bcd6d088e4b64de5997c01ce148d11acbefb9f1ace6f28dcd16290c3128b8cd60a1b2c47dd8cc15bf378e02a7deb0d71baad6d6ea7edaffac4feb686543762f4e9d77b58b62c5e11ff7f48241c15de619c0a9246f4d3bdbc6f599000051003fb3cebb20991dde1c97efa245d92dcd90a908af04a81b19f771971b31af875a44874bd2935bccfcecf4793880a4b7b2cf26245ba1151e3343545bfee9d5c77ebf3d083d10d3fff3685155ddd42ba0ae97ea1e2c94e166362c575007eecc5350e64125aec71164d7ec20b88f13ee8d05cb04c53408bb8bd2ff3b2ca2852b3d3c03b2b08bf740671208c853a00d15e9f668a5c886e5d1448cb827522010b0ef000735a87be49062ac8a1082262784ad984d4aa153843315f3e6d7093a6ca10955fab7bef742a38f4ae7b6d0478229822027a121b4289c34f5fae7401d0de717e37718c95718fde2a99928a27671192798c3149cc0f628af7e0bd988bd7f3a386e19a3b3d4cd87b4d559456093fef34d4fd90ff3ed4f62dc232045a71f08e734ce9b3448f80dd2686d124e94846bba04ddf567651c550642d4fca405296d2f4dc38111351f4495b4dcae2ed49edcd86ebeab329c360e176b3313ae45c95d734b22e26f1d0462b1fcd27ece2cb80ee248d47e95968d21b96a694205f968b4fc6ba016cef7ba0a55a6eb65c49a6768c2047c7d8e90849d74d0b58ed79328f3cba8630882d728c077c217449b7a1a0222593654d2944d128554159dca88c61df770291ebf38178cce64ad6cae65873ac79cf0a5f58259d7b43319edce8f65522f211f11e1503f381ed7a8e73462827736afc6ba81cdd9117aedc9afc617e1c50a486fa49071955f419d7dc79399959eb80b4339f96db571b48a42926f7e7cd517bc1aa07ac2c86b183ee1d267c3b9b6d7a81bea460b1fe28cbd6809622a0cf9bf20241c82df2a97c7dc23e4f4a8976b3e8d23dd41ba597e81d18093a3b7d4af3de8ae7269fdbcdf1bf587cb03408b928b30ebdbfb0e11ac7ddbe44405e96e57863c8d5bba7839d8fea6476dcb3e8a1d7cbf2ad64b2a98df2898fa3fb1b3743d2040c3b975cba1589d683916e4b57744946a305d26bf6c1a36adee7ea49358d655833f877a716b5e875d304646499ca4aafd4b2de3f330d318a163e89950fab27803a0b3567189aa3ec63bd2317e8c7b3c1599c4ea6836007c9b8fc0395473336646a70c630da269841767da21ec3f6662a295aa55e405d865457444d0cdf646a81df5fae8e0a058f10f71f972b6f0a65737d3bbd23efb54900e39c92274d1a0decb2f24a39d241dd5365680bbd8ab161147f338b953d5433745d7fd7da217c1a39c96d7912687e123672ad60437a6d7ec8dc1ae66474d2fab3f25cd72125972d749dc1014f31be414daee22d89a55185c5431e4c0c6dd301bc3a2fb62e4abb95b30404c0b5a6f3e83f537191450905cabeeec0645bbc9c8c3c08bd75cae02ea9fc75caf6a2b121e07091cbcab5c924b2f39f1d51df7a314c8f09f364fbf0e99105b140a159dfd968a04072872f0b9ccb6f4712f53eb1efe7af45513756a624813af2e2c9c1338bdc293e01b4a5356a59c9c9b89a0b02027bda9b53262f80a36e68bb144d26d70c44d12a222ba5808cde3a8b3eb7d42c8548c0aed3078d8191fc77659b51c01670a2c38f56e3ba4fc1840a585b0e27cbeaefb9ee61ca8ad9db56e70fc83aa5eb316e0b51d6b871330cfcce6d6903546983c6b75f99a44711cce83f72e4c713ea2656e9d118d913bd9212af324222b34d5a8a17ce4505cd58404488070c4c3fb6e950c4fb897940a5fda368f1d91f664d8f1101498dad0e8ffde455a5155f4029ad5ce4b9b8f27e8409e2b7b9347bd7bd78fe9eb4d22a609b42887ac95bc4d57d0a1cb005e5a74d9cc7b584b215f34be6d262f7433c8dbf73dea1d8abdf6fb0543ac56a40b39c8ecaef6b2540c54dbf82d6f6bb10284bea329bc28dc14160b0c1ea784fdeffb8c0f9cb53421b9a53813409965a0fb3b73b50a70c1846c1a6d06ecf71ab7ed2eaef5435535513b442d5201d3a5bbf92ec2aee8525ef7b1e8be84e642b653690808e8040057f41b4267b027185c6509ee298d59e8edc2e1cf80d59f994bdd6f7c514527740657b3007b6c9342739866340262dca7ec4a17d7bf4f42baeef80d902907fb954c3bc92a28a94ea5ead43d2639abcbf376dd56aeb88e460c583aeaad1287b0dc5c06f8c7ad31323614e4191d91715b27d8078bb83ad96ffc6ad81e25ccfb12107cb99156832a87fc756e0bc13f108327bb98873cb993fcf12b669d48197c43e9c9098103b2b4ce177cd28b57e7dbc73ece1ef3667ffe062468886dade150ee48e62aa1221dbe20d79824243faa8a98bd10583bdf3335a9ca9d7cc97e3c2d81c17542b3b0058bf557eb7fcb5289114d66f4538dc757560fc46785d74372295474eefa8152a8debca3ec6b85dbf0131efa9c1948fdbfe874642afe87c446224b3d8191be6f02493a1ba4291dd8446a54eeea601ccf01d266bf7b68f691e8fe8b1d5d620b0a447dee4e49c504a63dc6bd6a1638bf7378dbb02f5af84fc4497a7b98da5d6d8be540cab17251c53f2e2f4644d38a5369f65f9690c32671aa497aa2761b0c29a6ed108201694f287b0b40ff5a90fd8e6541e1bf943c2e059fcb9efab9b6d92a8d9182950d05c4316e31194a89341a6f75064d9a9c531861a3402869f2ba5166b0e2578df01fb5ab03a7957975f57be6fe89ee5ffbe7e68ea9097705f0f831a7609da05bd93ec135a5656a17af5c2349aeb549384bfbf6a9944f28180fcaf0a859cf74c56b857a1a95e6abd58d50f3008c6eb7764191dc6701db9cd8532c45be7100f071ea151639fb8940a31cc1edbc1b65ef4054d38147ccdd97cf9a4015a44a1103b60c7b7497b940d140da050f5ab99f2ab0a491b2dd1d9e41c7156e218b2723afe40c8464d669419363595bbc1cfe6184ea069ed1de267445a34c9c868adec689920a29396a741d16129ec022d3e8f63fcb60f976df517306e64b866a17a70e80879a7879543f4b978271870d77e31bd79efd47f06153e5f1e596903ce20ca63883af806c25f324ab4041fa3609918a4243e8d83deb67fec9b5f63f96d26a1901dac559e3a7cdc98caeb1898f6e61048aa1773fdc195f11b953d0b8dd26fc638350a52e774e81701666d61ece672847c5a92de3e3180be6d4f4cbb7f2251e4a8f9f0e65c60c119c7459e8ab5824f1a6bacb0f56de9476290b12185f75adb1a75b373bc4aee3c0de1b0eb3edcdecfba020d81d9252b819d295562fd48651f3984bcead10278edd30ad3c633ea72f4b0f98040f0b0c291c8b9cd0e4fb1a1b1f37aba08e2facba1280d9348dacb9558cb13d491d631fcb536298337000cb2d1856e47e15360e2d1d183060fc8445dd9072bebfe292b84d9db9b7205ccef4996d33d699015f1d2f8f832c36c910f3a6e86c3cc946d5f2166f6dc7215b4e13ecf6b21c53ad3800a8e6b8fe1446f3bdfc244bd8a616f35f83735cb446558ab40d0ff3a997a74b713a5a686c4287fb18523d49fe2fb3bd802a9eb9da091127757f497fc5c5b8e39ef6cfa1604afa479ef0af0caa8b76f4f46f05889265421a52c8b2a2028409d09c8409e030ba6e4b991462fadf9723227e4322f8f62ac9b49627ac60659c5d87bce8aeb5b812a722e512b0bb1e8d607977395a7a08f058a8fd18203b8172292544f7b26d3ea992d2a73570fe87f0841f777997ba506374a3410376906749c481fad91c34b372487f5b84bc4317991fc8031bbb5eef55df2e1f6cf13056cb344779218f311d108c18dbe30ae21ddd27e32d3393c52678d34f9bc26d61fe46e280407623858055e18e120ce3268d8d4d2407522bfdaf49aab11b550ab4d3732e80579ecf0adf35dd63029718e78296df97acc5205c5df2d2c4ed24f865cdada02fe3835f3a0a2bf3573117099bb3be9df6cf06e58957668a9119f919b0e77fd55aacb228923753fec188b3cd3d4389c3d5f9eba5b33411634b729587f65b84c5aa710fb3396fcc39882bce7f7209938040afb8df83ba83caa948036d404a2cf3268588c5dec3e1abb0cdfecedaf690d8f7c9cb10bd8f46f9187058dccc25c3c522f33857b2c9045142904ca3976884dc174a04bbb18ad346ded15f1d0811c4a93756e05c688b4294764d5a7c994465d6407085bd1c02020b9623eb2aa692ac0cd49d4fc47d09a4259ca52883aabb0baa024ba3e8bbb8f066bcbb3a63c7a492b35b51247a6c5eabcde08eabc7c964b605e6cde558862b3bf4c20c7fdaff7093e5ecb73c585c831713d66bc581353f1473923642e1165b556a173427d915ff60e6aeafa5cfe3ad9e5a388d4e44f266fe6334ee100eecd89ceea2de88a766c4fac54500545401f5cc0c7b9dafdf76160f3245d50fb99d4270f3bf07753e4547c2771f377f5a3fcea4cb6999f70007cbb111e7859b116834060bfe797090d16f0071658bc3ab5177fd92923ce343ac6358e6336626214ddd82c8e77a3cad1923c61c98ffe8ca63c422062be1921a2b95724e2070a15a5568e3fb819e7d860e0b6d8b2b4822f2ebb5a4d4a2cba4e9b2a716bb744e24fa14d08e5766901bb8eae47f9da4db67d89c2e017fc231778d7b50b45ac6770c7369b23dc9dd5d7fec2e84a90d7f185d267596b744d0b50761e8dc987703105b017ec56666afa8d9277f8c2194c41859d8717c4ce38c14274e56a33c94fdf0cb936f2d484f659d97f31865957ebad3ad2aee12a5fff149f7603a0da482621a30a0b1f4d880e9909615ad13b62f15c92439c3b935d824d61110f1f3e5c946262d08a1a65945e552a3b7e777a11bbea9be2d48bc22d784a246bde45b22d66b512176ef62db490537b4d9af2129036743296f811a071af4a5e9beb6bca416cc51cf6c74e79ecb4e2f5ee254489898c3b936801e370494c9705d588c9ee46544e658e08232bebd550ba8711f766c39bebca5e7c32921c0e7b343b3217fc086d7a99719537f74d051114e7f9f4009fba1b6c3750eac46a41727da1930846ae98e04c5792877a25d78bbefbdf494d96d1442d4d80b22eaf31bd82c73e28b2633e067f1159171d2f99ec677eee2e95687e6127b37f21afb38de11655157de7b8c4ca03c23561a1777fc6124e6d0cde38149ae628d33c908aefcaf11db44b197586568ba4a9529235d1c4caf370062da8468fbe600a64ff081c323a7961ee5dae5f9dea8ab05d5aad5b61d59ad82df2067e6bfa5237cab7f56d6a5172aefae636ed8670cc6a2020dc62279e42ef68933c34e3bac0f3b29a2f865453f56be156a702e5ecaaeb42442f30e4a113eb78d0049e11881ba587fc550ea485f54d4685cafafd4edf3b555e2194b24506cd6f78c6986c063faed8575a0c1e33b7a15118e2a6c530118ddf2a7d83294bdd8149e1f8621b107a13edd5c55291da592550b405dbb494ce9a8897a5193278107685218cb1f48309d3392f1952b0653f34fa7342cfef285d4fa2fe4d8965dfd83e5f0ebfa9499c6a1ca0d5ee83d03c31db37934f6a1a4afd1429a3fb847c5d6915776565b60cf312bb6d20cbf71338af5da4cf7c875349") ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r0, 0x4010ae74, &(0x7f0000000100)={0x8, 0x200000000, 0x1}) mount(&(0x7f0000000140)=ANY=[@ANYBLOB="ea5dd8937fca0c07fe7ea229c338ad622ec5279e96b345da5946f885b18fd26ce6f312919ec8c135ae70bc7955507f589ea637b9b028f611"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:31 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xa, &(0x7f0000000100)) 22:09:31 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3, &(0x7f0000000100)) [ 336.495780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 336.505141] Call Trace: [ 336.507747] dump_stack+0x244/0x39d [ 336.511397] ? dump_stack_print_info.cold.1+0x20/0x20 [ 336.516599] ? get_pid_task+0xd6/0x1a0 [ 336.520506] should_fail.cold.4+0xa/0x17 [ 336.524586] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 336.529717] ? __f_unlock_pos+0x19/0x20 [ 336.533708] ? lock_downgrade+0x900/0x900 [ 336.537873] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 336.543431] ? proc_fail_nth_write+0x9e/0x210 [ 336.547925] ? proc_cwd_link+0x1d0/0x1d0 [ 336.551981] ? find_held_lock+0x36/0x1c0 [ 336.556049] ? perf_trace_sched_process_exec+0x860/0x860 [ 336.561497] ? __lock_is_held+0xb5/0x140 [ 336.565553] __should_failslab+0x124/0x180 [ 336.569779] should_failslab+0x9/0x14 [ 336.573571] __kmalloc_track_caller+0x2d1/0x760 [ 336.578231] ? strncpy_from_user+0x5a0/0x5a0 [ 336.582629] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 336.588154] ? strndup_user+0x77/0xd0 [ 336.591950] memdup_user+0x2c/0xa0 [ 336.595493] strndup_user+0x77/0xd0 [ 336.599109] ksys_mount+0x3c/0x140 [ 336.602637] __x64_sys_mount+0xbe/0x150 [ 336.606602] do_syscall_64+0x1b9/0x820 [ 336.610477] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 336.615827] ? syscall_return_slowpath+0x5e0/0x5e0 [ 336.620741] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 336.625575] ? trace_hardirqs_on_caller+0x310/0x310 [ 336.630579] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 336.635587] ? prepare_exit_to_usermode+0x291/0x3b0 [ 336.640593] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 336.645429] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 336.650961] RIP: 0033:0x457569 [ 336.654142] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 336.673066] RSP: 002b:00007fee5b2b1c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 336.680766] RAX: ffffffffffffffda RBX: 00007fee5b2b1c90 RCX: 0000000000457569 [ 336.688021] RDX: 0000000020000180 RSI: 0000000020000080 RDI: 0000000020000040 22:09:32 executing program 0 (fault-call:1 fault-nth:76): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 336.695286] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 336.702539] R10: 0000000000000020 R11: 0000000000000246 R12: 00007fee5b2b26d4 [ 336.709794] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 336.767108] FAULT_INJECTION: forcing a failure. [ 336.767108] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 336.778970] CPU: 0 PID: 11141 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 336.787212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 336.796574] Call Trace: [ 336.799180] dump_stack+0x244/0x39d [ 336.802832] ? dump_stack_print_info.cold.1+0x20/0x20 [ 336.808044] ? zap_class+0x640/0x640 [ 336.811779] should_fail.cold.4+0xa/0x17 [ 336.815853] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 336.820969] ? find_held_lock+0x36/0x1c0 [ 336.825065] ? get_mem_cgroup_from_mm.part.62+0x204/0x880 [ 336.830614] ? lock_downgrade+0x900/0x900 [ 336.834793] ? check_preemption_disabled+0x48/0x280 [ 336.839829] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 336.844770] ? kasan_check_read+0x11/0x20 [ 336.848930] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 336.854221] ? zap_class+0x640/0x640 [ 336.857943] ? rcu_softirq_qs+0x20/0x20 [ 336.861957] ? rcu_read_unlock+0x16/0x60 22:09:32 executing program 2 (fault-call:2 fault-nth:1): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x20, 0x0) 22:09:32 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x100000000000000, &(0x7f0000000100)) [ 336.866051] __alloc_pages_nodemask+0x34b/0xdd0 [ 336.871174] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 336.876121] ? kasan_check_read+0x11/0x20 [ 336.880289] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 336.885317] ? __lock_is_held+0xb5/0x140 [ 336.889515] ? trace_hardirqs_off+0xb8/0x310 [ 336.893946] cache_grow_begin+0xa5/0x8c0 [ 336.898021] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 336.903587] ? check_preemption_disabled+0x48/0x280 [ 336.908632] kmem_cache_alloc+0x66b/0x730 [ 336.912799] alloc_inode+0xb2/0x190 [ 336.916436] new_inode_pseudo+0x71/0x1a0 [ 336.920513] ? prune_icache_sb+0x1c0/0x1c0 [ 336.924763] ? d_alloc+0x380/0x380 [ 336.928311] ? timespec64_trunc+0x180/0x180 [ 336.932652] new_inode+0x1c/0x40 [ 336.936046] simple_fill_super+0x29d/0x600 [ 336.940302] nfsd_fill_super+0x4f/0x60 [ 336.944203] mount_ns+0x12e/0x1d0 [ 336.947677] nfsd_mount+0xa4/0xd0 [ 336.951139] ? nfsd_mount+0xd0/0xd0 [ 336.954777] ? nfsd_umount+0x80/0x80 [ 336.958503] legacy_get_tree+0x12f/0x260 [ 336.962579] ? security_fs_context_validate+0x80/0xa0 22:09:32 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x1100000000000000, &(0x7f0000000100)) [ 336.967788] vfs_get_tree+0x1cb/0x5c0 [ 336.971606] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 336.976380] do_mount+0x82a/0x1ff0 [ 336.979937] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 336.985490] ? copy_mount_string+0x40/0x40 [ 336.989744] ? copy_mount_options+0x5f/0x430 [ 336.994171] ? kmem_cache_alloc_trace+0x353/0x750 [ 336.999047] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 337.004600] ? copy_mount_options+0x315/0x430 [ 337.009114] ksys_mount+0x12d/0x140 [ 337.012758] __x64_sys_mount+0xbe/0x150 22:09:32 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000100)=ANY=[@ANYBLOB="3c8ae6c47503d95a15714870f1c8b132402cfd4b4d9b8fa5c9b90f329db0cb011e54b1b47e51219bd93041f47eec2eee200fed7e50f1fe83525c5eec"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 337.016753] do_syscall_64+0x1b9/0x820 [ 337.020654] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 337.026039] ? syscall_return_slowpath+0x5e0/0x5e0 [ 337.030976] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 337.035829] ? trace_hardirqs_on_caller+0x310/0x310 [ 337.040860] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 337.045890] ? prepare_exit_to_usermode+0x291/0x3b0 [ 337.050925] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 337.055786] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 337.060981] RIP: 0033:0x457569 22:09:32 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/conn_reuse_mode\x00', 0x2, 0x0) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)={&(0x7f0000000040)='./file0\x00', r0}, 0x10) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:32 executing program 5: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f00000005c0)={{{@in6=@remote, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@remote}}, &(0x7f00000006c0)=0xe8) syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x400, 0x6, &(0x7f0000000500)=[{&(0x7f0000000140)="f34cc53664e0bc11a40c3ea391891c601d38ddc136f74e335ebcc3b9a0640f5983f73874c8bb601810c15ce48915971e1936cdf958518eafc29b720e47f238faee0d90568d6c8a4b3293f432bdcf1b7b20992e0c57a32bab", 0x58, 0xffffffff}, {&(0x7f00000001c0)="d977c86872ef66e3a40ddbfbf80b4fefc8e1f22fef1dca064bac8f757c176594e4a3efc499a334b512031a7569247def57042f84e28b200fdc6c6ab37cf4b0bdc8b9ea8ae16daf3ea69fc2f63cb45e02510da540ef91e3d4b539db5fe43d49d3c3604b0561118ee151431c636735b97371a80ee7a8b075dda0d5acd29e3827058143196741cfd90d2ce94eba6849b6b2d93745747e0134934dd807a1778af994f53bfbe4dbd5f188b2ccc20c971cbecca077cf37", 0xb4, 0x6}, {&(0x7f0000000280)="93891bc80305f89cab9ad88912be9b91c62cbaa498e4b622dfecf038634f694d10ce64fb3674e8a0eaaaf86f26f0203642549585899901f3b7f85ee319f62de9dc4ef4c82afeff4c3addb90339af6d7bf90063e7a14e1c335e3374872b236de7a52c858b9ad95222c9a6a1febd753b4be4c3a79cf511cae420d5b632665b99700a054198bfafed7bbe9d", 0x8a, 0xfffffffffffffffe}, {&(0x7f0000000340)="15780f3acf923d7a8fc82e6f3f1289f1b1d31a9eface322f9b712db09a42d82de825de1464e84f01e5609debf639f65188c8ca", 0x33, 0x5}, {&(0x7f0000000380)="6705eceabba1f79261223f6955f228944e100644632cb1baa77b8a6985a07b4c822edc7ed05a87bc9645c13c19388c896fdad3689c3dd8113cedb0644e88e013cf212ac8766f50bdbc74475e89d989b9ea10e834a24e706a823207c6185648b6554b58a49ab7cafe5789f91196c21732b4b4a6993fefac88d14fd065d4730902ef589abf72f8ae110007bf3643881118bffc680ddf0859e7ded9c2e5eebe4c84488707f7fd3d4b9f", 0xa8, 0x1000}, {&(0x7f0000000440)="2f84833e1cbd96a986675851ab20e8c55b8d573f26806232eebc451eea48a19791d808f22712ca51860238052ce0726c3c4a3a0a9440a19cfc902abe4ffaa1bdd94010beef927d0a81042881f2359a72a0066ba21acf7720cfc2a9a04acc8384d36f9f67b052b45b1a0cca4bc2a2663aeed3fc81178ab30bb520cb5916834f02bc0a3c620ea45a80f790c69e2ac66edab3f737cfd1f64c82e5", 0x99, 0x5}], 0x100000, &(0x7f0000000700)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0xfffffffffffffffd}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@fowner_eq={'fowner', 0x3d, r0}}, {@fsname={'fsname', 0x3d, 'nfsd\x00'}}, {@subj_role={'subj_role', 0x3d, 'nfsd\x00'}}, {@smackfsfloor={'smackfsfloor', 0x3d, "53766d6e6574312d76626f786e657431a46e6f646576406d643573756d706f7369785f61636c5f616363657373"}}, {@seclabel='seclabel'}, {@fsmagic={'fsmagic', 0x3d, 0x8}}]}) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) accept$packet(r1, &(0x7f0000000880), &(0x7f00000008c0)=0x14) [ 337.064183] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 337.083096] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 337.090817] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 337.098111] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 337.105394] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 337.112676] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 337.119954] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 337.155438] FAULT_INJECTION: forcing a failure. [ 337.155438] name failslab, interval 1, probability 0, space 0, times 0 [ 337.166979] CPU: 0 PID: 11159 Comm: syz-executor2 Not tainted 4.19.0-next-20181029+ #100 [ 337.175233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 337.184589] Call Trace: [ 337.187195] dump_stack+0x244/0x39d [ 337.190848] ? dump_stack_print_info.cold.1+0x20/0x20 [ 337.196065] ? __kernel_text_address+0xd/0x40 [ 337.200575] ? unwind_get_return_address+0x61/0xa0 [ 337.205517] should_fail.cold.4+0xa/0x17 [ 337.205539] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 337.205566] ? save_stack+0x43/0xd0 [ 337.205586] ? kasan_kmalloc+0xc7/0xe0 [ 337.218362] ? __kmalloc_track_caller+0x157/0x760 [ 337.218380] ? memdup_user+0x2c/0xa0 [ 337.218408] ? do_syscall_64+0x1b9/0x820 [ 337.218425] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 337.218442] ? proc_fail_nth_write+0x9e/0x210 [ 337.218457] ? proc_cwd_link+0x1d0/0x1d0 [ 337.218479] ? find_held_lock+0x36/0x1c0 [ 337.230978] ? xen_swiotlb_map_page+0x388/0xcc0 [ 337.231009] ? perf_trace_sched_process_exec+0x860/0x860 [ 337.248973] ? lock_release+0xa10/0xa10 [ 337.248991] ? perf_trace_sched_process_exec+0x860/0x860 [ 337.249014] __should_failslab+0x124/0x180 [ 337.249046] should_failslab+0x9/0x14 [ 337.249063] __kmalloc_track_caller+0x2d1/0x760 [ 337.249083] ? strncpy_from_user+0x5a0/0x5a0 [ 337.249105] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 337.267242] ? strndup_user+0x77/0xd0 [ 337.267264] memdup_user+0x2c/0xa0 [ 337.267283] strndup_user+0x77/0xd0 [ 337.267303] ksys_mount+0x73/0x140 [ 337.267323] __x64_sys_mount+0xbe/0x150 [ 337.267343] do_syscall_64+0x1b9/0x820 22:09:32 executing program 0 (fault-call:1 fault-nth:77): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:32 executing program 4: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 337.267357] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 337.267371] ? syscall_return_slowpath+0x5e0/0x5e0 [ 337.267382] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 337.267405] ? trace_hardirqs_on_caller+0x310/0x310 [ 337.267419] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 337.267433] ? prepare_exit_to_usermode+0x291/0x3b0 [ 337.267449] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 337.267467] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 337.267477] RIP: 0033:0x457569 [ 337.267491] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 337.267498] RSP: 002b:00007fee5b2b1c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 337.267510] RAX: ffffffffffffffda RBX: 00007fee5b2b1c90 RCX: 0000000000457569 [ 337.267517] RDX: 0000000020000180 RSI: 0000000020000080 RDI: 0000000020000040 [ 337.267526] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 337.267535] R10: 0000000000000020 R11: 0000000000000246 R12: 00007fee5b2b26d4 22:09:32 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xffffffff00000000, &(0x7f0000000100)) [ 337.267543] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:32 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3f000000, &(0x7f0000000100)) 22:09:32 executing program 2 (fault-call:2 fault-nth:2): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x20, 0x0) 22:09:32 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000980)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00'], &(0x7f0000000900)='./file0\x00', &(0x7f0000000940)='nfsd\x00', 0x0, &(0x7f0000000100)) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x40, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000540)='/dev/snd/midiC#D#\x00', 0x87d, 0x0) r2 = syz_open_dev$sndctrl(&(0x7f0000000580)='/dev/snd/controlC#\x00', 0x0, 0x0) r3 = epoll_create(0x67e) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = accept$packet(0xffffffffffffff9c, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000640)=0x14) r7 = socket$can_raw(0x1d, 0x3, 0x1) r8 = openat$audio(0xffffffffffffff9c, &(0x7f0000000680)='/dev/audio\x00', 0x0, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x501000, 0x0) ioctl$VIDIOC_EXPBUF(0xffffffffffffff9c, 0xc0405610, &(0x7f00000006c0)={0x4, 0x618, 0x8, 0x84000, 0xffffffffffffff9c}) r10 = gettid() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000700)={0x0, 0x0}, &(0x7f0000000740)=0xc) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000780)={0x0, 0x0, 0x0}, &(0x7f00000007c0)=0xc) sendmsg$unix(r0, &(0x7f0000000880)={0xffffffffffffffff, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000100)="8151040dd208560eb3186db9606c79b40b96da24f0678f20da7bee1f5ad0604db817f82524d3668b888ed46624fd38259cf60c101070e4b38f270d4a814669ab4424dde975d27d2861ee2bad4944da8bd0d679005ced32eaa551068452faf588b1009cfee3694b34836fe4e0dfc8848b6359d0eced89579ac1dfa7a2ba447fa664c2a08f899e5e42f7787e68e4a1c8ed02a7ec19c2cf4ea6ad9ecf24fc1cc0660d0be0ac2454a3e147a4b4d09e1779f5237ab7e913f1096deb67daad6d9033fd8efafb22599c984b7d275e572d445ad5fc34be8f307eaa043024d35c15f81b954cfb2d576fcf905f900a0dbc9f", 0xed}, {&(0x7f0000000200)="7c30fc52a6b7845d739700104e925ab17d9279b2b8625446eeb21f687e8034f0ad7db911ecdb623ded8ddb53a81fb8fefc929dd2222db22fe2424f9993b225c5e7e89b7c634190fc340ff52db7cf1e21ebf883645036f146e57ee452696b8f0b42d6fde5dc9ce54779e7f063b276244df80c21b40bf02ed386a2e23142a1f597458a40adbdd2fcc93f04730d61d2fe1ffe04603c8f0858cfba90a2504205", 0x9e}, {&(0x7f00000002c0)="383140f739f0129d118548b3a6432f27f07ae89ad95901b263bf9a7d139f0f69c9161d0e33f9fe623e357b", 0x2b}, {&(0x7f0000000300)="e7cfd671eeb8e4e856efd06272b96b8df1b133c8f8890932ee8a7cb50ef787f7f1bad093612c1d84cd49ea9b4fa02f83f7997a4e2773947ff053238feba90b330c83fda7b0830165fe87bcb6086338523382d774a6fa4623075de8578a399a9258c7080ce94b87895409828a7d25871668d3af67b597836633428d4b0dee0079a11aa04e635438e3d82cdf89147d665e5700de3ded0a84259ca717b9dc754259115c47e4d0ee32ab9960e7a051d02b2b2fe3d231111b9b10094f75c13c01a2efadae3eb06580235e8557146b970b9af89b150a1471ad73bbe8f6c8db2397", 0xde}, {&(0x7f0000000400)="280922a71275615100c8bece8c8e321405a1f0d6d6cdc4ff53b9e81195729b501006c7f9865a677c6d461f1544f2544141a0c35f77107ea93596731db73912f2b352c35197e74b2a6608e599afbf74fa98a6e95531", 0x55}, {&(0x7f0000000480)="6c190e976c619590027a26737c1775c69508f32d02220057873ae6baa18d6f5065616924989735e12d7ef9ce439392a02e", 0x31}], 0x6, &(0x7f0000000800)=ANY=[@ANYBLOB="38010000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r4, @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r7, @ANYRES32=r8, @ANYRES32=r9, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r10, @ANYRES32=r11, @ANYRES32=r12, @ANYBLOB='\x00\x00\x00\x00'], 0x58, 0x4000000}, 0x20040010) [ 337.545675] FAULT_INJECTION: forcing a failure. [ 337.545675] name failslab, interval 1, probability 0, space 0, times 0 [ 337.581236] CPU: 0 PID: 11185 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 22:09:32 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) connect(r0, &(0x7f0000000100)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80) [ 337.589516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 337.598879] Call Trace: [ 337.601487] dump_stack+0x244/0x39d [ 337.605147] ? dump_stack_print_info.cold.1+0x20/0x20 [ 337.610367] should_fail.cold.4+0xa/0x17 [ 337.614443] ? find_held_lock+0x36/0x1c0 [ 337.618520] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 337.623645] ? lock_downgrade+0x900/0x900 [ 337.627806] ? check_preemption_disabled+0x48/0x280 [ 337.632840] ? zap_class+0x640/0x640 [ 337.636575] ? find_held_lock+0x36/0x1c0 [ 337.640654] ? __lock_is_held+0xb5/0x140 22:09:32 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3f00, &(0x7f0000000100)) [ 337.644735] ? perf_trace_sched_process_exec+0x860/0x860 [ 337.650194] ? zap_class+0x640/0x640 [ 337.653918] __should_failslab+0x124/0x180 [ 337.658143] should_failslab+0x9/0x14 [ 337.661932] kmem_cache_alloc+0x2be/0x730 [ 337.666078] ? find_held_lock+0x36/0x1c0 [ 337.670142] __d_alloc+0xc8/0xb90 [ 337.673580] ? d_add+0x5f9/0xa10 [ 337.676969] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 337.681985] ? kasan_check_read+0x11/0x20 [ 337.686125] ? do_raw_spin_unlock+0xa7/0x330 [ 337.690526] ? do_raw_spin_trylock+0x270/0x270 [ 337.695094] ? d_delete+0x220/0x220 [ 337.698713] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 337.703893] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 337.709081] ? _raw_spin_unlock+0x2c/0x50 [ 337.713228] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 337.718764] ? hashlen_string+0x1f2/0x300 [ 337.722911] d_alloc+0x96/0x380 [ 337.726186] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 337.731371] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 337.736909] ? __d_alloc+0xb90/0xb90 [ 337.740624] d_alloc_name+0xbb/0x120 [ 337.744328] ? current_time+0x10b/0x1b0 [ 337.748316] ? d_alloc+0x380/0x380 [ 337.751848] ? timespec64_trunc+0x180/0x180 [ 337.756181] simple_fill_super+0x463/0x600 [ 337.760445] nfsd_fill_super+0x4f/0x60 [ 337.764336] mount_ns+0x12e/0x1d0 [ 337.767789] nfsd_mount+0xa4/0xd0 [ 337.771235] ? nfsd_mount+0xd0/0xd0 [ 337.774853] ? nfsd_umount+0x80/0x80 [ 337.778560] legacy_get_tree+0x12f/0x260 [ 337.782616] ? security_fs_context_validate+0x80/0xa0 [ 337.787819] vfs_get_tree+0x1cb/0x5c0 [ 337.791617] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 337.796370] do_mount+0x82a/0x1ff0 [ 337.799915] ? copy_mount_string+0x40/0x40 [ 337.804147] ? retint_kernel+0x2d/0x2d [ 337.808039] ? copy_mount_options+0x25c/0x430 [ 337.812530] ? write_comp_data+0x1b/0x70 [ 337.816587] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 337.822132] ? copy_mount_options+0x315/0x430 [ 337.826624] ksys_mount+0x12d/0x140 [ 337.830246] __x64_sys_mount+0xbe/0x150 [ 337.834214] do_syscall_64+0x1b9/0x820 [ 337.838092] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 337.843450] ? syscall_return_slowpath+0x5e0/0x5e0 [ 337.848374] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 337.853215] ? trace_hardirqs_on_caller+0x310/0x310 [ 337.858241] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 337.863255] ? prepare_exit_to_usermode+0x291/0x3b0 [ 337.868267] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 337.873110] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 337.878293] RIP: 0033:0x457569 22:09:33 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf9fdffff, &(0x7f0000000100)) [ 337.881477] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 337.900372] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 337.908077] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 337.915338] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 337.922602] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 337.929866] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 337.937130] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:33 executing program 0 (fault-call:1 fault-nth:78): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 338.074548] FAULT_INJECTION: forcing a failure. [ 338.074548] name failslab, interval 1, probability 0, space 0, times 0 22:09:33 executing program 4: mount$9p_tcp(&(0x7f0000001340)='127.0.0.1\x00', &(0x7f0000001380)='./file0\x00', &(0x7f00000013c0)='9p\x00', 0x1000000, &(0x7f0000001400)={'trans=tcp,', {'port', 0x3d, 0x4e20}, 0x2c, {[{@aname={'aname', 0x3d, 'dots'}}, {@version_L='version=9p2000.L'}], [{@obj_type={'obj_type', 0x3d, '#self\\vmnet1eth0lo]trustedppp0'}}]}}) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0xfff, 0x0, &(0x7f0000001280), 0x1200000, &(0x7f0000002580)) mount(&(0x7f0000001480)=ANY=[@ANYBLOB="5bdd7facb800173ccb64261d0500c20b0d23081bce6b6a9cd901b66efc1534945aa2d4fcd57b66710587da7cf883e65f1eb3aed33cd8d226aa5db6ccb5add0566b9d9cdea35c2414378bcc298568d27f8c17132f3982e542edefb9bab27596fc3e56826594fc53901453a32668648fdb15a7bc3782b08569bf6ac501fe4e5d46e68d329738116776a54ba94c2a5de2df59d3528a5de69c2a7e309176161f608751d9e90620f6395d"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) exit(0x401) [ 338.136403] CPU: 0 PID: 11206 Comm: syz-executor2 Not tainted 4.19.0-next-20181029+ #100 [ 338.144691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 338.154060] Call Trace: [ 338.156680] dump_stack+0x244/0x39d [ 338.160325] ? dump_stack_print_info.cold.1+0x20/0x20 [ 338.165535] should_fail.cold.4+0xa/0x17 [ 338.169624] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 338.174741] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 338.179698] ? kasan_check_read+0x11/0x20 22:09:33 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x300000000000000, &(0x7f0000000100)) [ 338.183863] ? mark_held_locks+0x130/0x130 [ 338.188125] ? find_held_lock+0x36/0x1c0 [ 338.192203] ? cn_esc_printf+0x3f8/0x500 [ 338.196376] ? perf_trace_sched_process_exec+0x860/0x860 [ 338.201847] ? save_stack+0x43/0xd0 [ 338.205480] ? kasan_kmalloc+0xc7/0xe0 [ 338.208266] FAULT_INJECTION: forcing a failure. [ 338.208266] name failslab, interval 1, probability 0, space 0, times 0 [ 338.209384] __should_failslab+0x124/0x180 [ 338.209414] should_failslab+0x9/0x14 [ 338.209440] kmem_cache_alloc+0x2be/0x730 [ 338.232798] ? find_held_lock+0x36/0x1c0 [ 338.236881] getname_flags+0xd0/0x590 [ 338.240705] user_path_at_empty+0x2d/0x50 [ 338.244871] do_mount+0x180/0x1ff0 [ 338.248432] ? lock_release+0xa10/0xa10 [ 338.252422] ? perf_trace_sched_process_exec+0x860/0x860 [ 338.257896] ? copy_mount_string+0x40/0x40 [ 338.262164] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 338.267714] ? _copy_from_user+0xdf/0x150 [ 338.271879] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 338.277434] ? copy_mount_options+0x315/0x430 22:09:33 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4000000, &(0x7f0000000100)) [ 338.281942] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 338.287500] ksys_mount+0x12d/0x140 [ 338.291145] __x64_sys_mount+0xbe/0x150 [ 338.295143] do_syscall_64+0x1b9/0x820 [ 338.299053] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 338.304438] ? syscall_return_slowpath+0x5e0/0x5e0 [ 338.309379] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 338.314240] ? trace_hardirqs_on_caller+0x310/0x310 [ 338.319271] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 338.324305] ? prepare_exit_to_usermode+0x291/0x3b0 [ 338.329342] ? trace_hardirqs_off_thunk+0x1a/0x1c 22:09:33 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xa000000, &(0x7f0000000100)) [ 338.334210] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 338.339411] RIP: 0033:0x457569 [ 338.342611] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 338.361524] RSP: 002b:00007fee5b2b1c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 338.369243] RAX: ffffffffffffffda RBX: 00007fee5b2b1c90 RCX: 0000000000457569 [ 338.376520] RDX: 0000000020000180 RSI: 0000000020000080 RDI: 0000000020000040 [ 338.383795] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 338.391074] R10: 0000000000000020 R11: 0000000000000246 R12: 00007fee5b2b26d4 [ 338.398351] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 338.405656] CPU: 1 PID: 11216 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 338.413903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 338.413915] Call Trace: [ 338.425884] dump_stack+0x244/0x39d [ 338.429546] ? dump_stack_print_info.cold.1+0x20/0x20 [ 338.434758] should_fail.cold.4+0xa/0x17 [ 338.438826] ? find_held_lock+0x36/0x1c0 [ 338.438845] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 338.438869] ? lock_downgrade+0x900/0x900 [ 338.438894] ? check_preemption_disabled+0x48/0x280 [ 338.448090] ? zap_class+0x640/0x640 [ 338.448115] ? find_held_lock+0x36/0x1c0 [ 338.448135] ? __lock_is_held+0xb5/0x140 [ 338.469099] ? xfs_btree_init_block_int+0x2e8/0x660 [ 338.474163] ? perf_trace_sched_process_exec+0x860/0x860 [ 338.479654] ? zap_class+0x640/0x640 [ 338.483394] __should_failslab+0x124/0x180 [ 338.487648] should_failslab+0x9/0x14 [ 338.491493] kmem_cache_alloc+0x2be/0x730 [ 338.495659] ? find_held_lock+0x36/0x1c0 [ 338.499747] __d_alloc+0xc8/0xb90 [ 338.503208] ? d_add+0x5f9/0xa10 [ 338.506594] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 338.511632] ? kasan_check_read+0x11/0x20 [ 338.515791] ? do_raw_spin_unlock+0xa7/0x330 [ 338.520212] ? do_raw_spin_trylock+0x270/0x270 [ 338.524814] ? d_delete+0x220/0x220 [ 338.528452] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 338.533657] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 338.538880] ? _raw_spin_unlock+0x2c/0x50 [ 338.543063] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 338.548620] ? hashlen_string+0x1f2/0x300 [ 338.552789] d_alloc+0x96/0x380 [ 338.556083] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 338.561288] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 338.566843] ? __d_alloc+0xb90/0xb90 [ 338.570583] d_alloc_name+0xbb/0x120 [ 338.574314] ? current_time+0x10b/0x1b0 [ 338.578306] ? d_alloc+0x380/0x380 [ 338.581857] ? timespec64_trunc+0x180/0x180 22:09:33 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4, &(0x7f0000000100)) 22:09:33 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MARK_BUFS(r0, 0x40206417, &(0x7f0000000100)={0x7e48, 0xfffffffffffffff8, 0x3, 0x89aa, 0x0, 0xd7}) [ 338.586209] simple_fill_super+0x463/0x600 [ 338.590465] nfsd_fill_super+0x4f/0x60 [ 338.594370] mount_ns+0x12e/0x1d0 [ 338.597840] nfsd_mount+0xa4/0xd0 [ 338.601307] ? nfsd_mount+0xd0/0xd0 [ 338.604949] ? nfsd_umount+0x80/0x80 [ 338.608681] legacy_get_tree+0x12f/0x260 [ 338.612751] ? security_fs_context_validate+0x80/0xa0 [ 338.617935] vfs_get_tree+0x1cb/0x5c0 [ 338.621743] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 338.626504] do_mount+0x82a/0x1ff0 [ 338.630039] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 338.635566] ? copy_mount_string+0x40/0x40 [ 338.639795] ? copy_mount_options+0x5f/0x430 [ 338.644192] ? kmem_cache_alloc_trace+0x353/0x750 [ 338.649031] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 338.654562] ? _copy_from_user+0xdf/0x150 [ 338.658699] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 338.664575] ? copy_mount_options+0x315/0x430 [ 338.669061] ksys_mount+0x12d/0x140 [ 338.672675] __x64_sys_mount+0xbe/0x150 [ 338.676637] do_syscall_64+0x1b9/0x820 [ 338.680566] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 338.685919] ? syscall_return_slowpath+0x5e0/0x5e0 [ 338.690834] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 338.695724] ? trace_hardirqs_on_caller+0x310/0x310 [ 338.700733] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 338.705740] ? prepare_exit_to_usermode+0x291/0x3b0 [ 338.710748] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 338.715586] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 338.720760] RIP: 0033:0x457569 22:09:34 executing program 2 (fault-call:2 fault-nth:3): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x20, 0x0) 22:09:34 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x2010000000000000, &(0x7f0000000100)) [ 338.723939] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 338.742832] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 338.750531] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 338.757791] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 338.765052] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 338.772311] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 338.779568] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 22:09:34 executing program 0 (fault-call:1 fault-nth:79): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 338.861595] FAULT_INJECTION: forcing a failure. [ 338.861595] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 338.873455] CPU: 1 PID: 11235 Comm: syz-executor2 Not tainted 4.19.0-next-20181029+ #100 [ 338.881695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 338.891066] Call Trace: [ 338.893681] dump_stack+0x244/0x39d [ 338.897334] ? dump_stack_print_info.cold.1+0x20/0x20 [ 338.902549] ? mark_held_locks+0x130/0x130 [ 338.906810] should_fail.cold.4+0xa/0x17 [ 338.910927] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 338.916065] ? mark_held_locks+0x130/0x130 [ 338.920329] ? mark_held_locks+0x130/0x130 [ 338.924586] ? print_usage_bug+0xc0/0xc0 [ 338.928677] ? find_held_lock+0x36/0x1c0 [ 338.932764] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 338.938316] ? should_fail+0x22d/0xd01 [ 338.942216] ? lock_downgrade+0x900/0x900 [ 338.946376] ? check_preemption_disabled+0x48/0x280 [ 338.951405] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 338.956522] ? rcu_read_unlock_special+0x1c0/0x1c0 22:09:34 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) unlink(&(0x7f0000000040)='./file0\x00') mount(&(0x7f0000000100)=ANY=[@ANYBLOB="142d7fcff937b7ddb228796b0418371ace3bf4f6c26722f279c677f67fcb1c122634530ffa0b9bb35e208b3b728827fca551b9d2eea3b102b3ffa45835a67a1bb1b860d087f1fdd72a8197ab000000000000"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:34 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf6ffffff, &(0x7f0000000100)) [ 338.961475] __alloc_pages_nodemask+0x34b/0xdd0 [ 338.966165] ? __alloc_pages_slowpath+0x2e30/0x2e30 [ 338.969272] FAULT_INJECTION: forcing a failure. [ 338.969272] name failslab, interval 1, probability 0, space 0, times 0 [ 338.971202] ? find_held_lock+0x36/0x1c0 [ 338.971250] ? trace_hardirqs_off+0xb8/0x310 [ 338.990913] cache_grow_begin+0xa5/0x8c0 [ 338.994990] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 339.000550] ? check_preemption_disabled+0x48/0x280 [ 339.005597] kmem_cache_alloc+0x66b/0x730 [ 339.009755] ? find_held_lock+0x36/0x1c0 [ 339.013836] getname_flags+0xd0/0x590 [ 339.017656] user_path_at_empty+0x2d/0x50 [ 339.021821] do_mount+0x180/0x1ff0 [ 339.025380] ? lock_release+0xa10/0xa10 [ 339.029372] ? perf_trace_sched_process_exec+0x860/0x860 [ 339.034841] ? copy_mount_string+0x40/0x40 [ 339.039109] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 339.044664] ? _copy_from_user+0xdf/0x150 [ 339.048832] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 339.054389] ? copy_mount_options+0x315/0x430 [ 339.058905] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 339.064465] ksys_mount+0x12d/0x140 [ 339.068113] __x64_sys_mount+0xbe/0x150 [ 339.072106] do_syscall_64+0x1b9/0x820 [ 339.076005] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 339.081390] ? syscall_return_slowpath+0x5e0/0x5e0 [ 339.086335] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 339.091196] ? trace_hardirqs_on_caller+0x310/0x310 [ 339.096227] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 339.101261] ? prepare_exit_to_usermode+0x291/0x3b0 [ 339.106296] ? trace_hardirqs_off_thunk+0x1a/0x1c 22:09:34 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xa00, &(0x7f0000000100)) [ 339.111158] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 339.116353] RIP: 0033:0x457569 [ 339.119558] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 339.138476] RSP: 002b:00007fee5b2b1c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 339.146207] RAX: ffffffffffffffda RBX: 00007fee5b2b1c90 RCX: 0000000000457569 [ 339.153489] RDX: 0000000020000180 RSI: 0000000020000080 RDI: 0000000020000040 [ 339.160769] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 339.168061] R10: 0000000000000020 R11: 0000000000000246 R12: 00007fee5b2b26d4 [ 339.175342] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 339.182646] CPU: 0 PID: 11243 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 339.190894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 339.190900] Call Trace: [ 339.190925] dump_stack+0x244/0x39d [ 339.190947] ? dump_stack_print_info.cold.1+0x20/0x20 [ 339.190972] should_fail.cold.4+0xa/0x17 [ 339.190988] ? find_held_lock+0x36/0x1c0 [ 339.191008] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 339.215829] ? lock_downgrade+0x900/0x900 [ 339.215846] ? check_preemption_disabled+0x48/0x280 [ 339.215870] ? zap_class+0x640/0x640 [ 339.237931] ? find_held_lock+0x36/0x1c0 [ 339.242012] ? __lock_is_held+0xb5/0x140 [ 339.246103] ? perf_trace_sched_process_exec+0x860/0x860 [ 339.251571] ? zap_class+0x640/0x640 [ 339.255307] __should_failslab+0x124/0x180 [ 339.259562] should_failslab+0x9/0x14 [ 339.263377] kmem_cache_alloc+0x2be/0x730 [ 339.267548] ? find_held_lock+0x36/0x1c0 [ 339.271632] __d_alloc+0xc8/0xb90 [ 339.275096] ? d_add+0x5f9/0xa10 [ 339.278482] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 339.283522] ? kasan_check_read+0x11/0x20 [ 339.287684] ? do_raw_spin_unlock+0xa7/0x330 [ 339.292106] ? do_raw_spin_trylock+0x270/0x270 [ 339.296699] ? d_delete+0x220/0x220 [ 339.296718] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 339.296734] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 339.296757] ? _raw_spin_unlock+0x2c/0x50 [ 339.296773] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 339.296790] ? hashlen_string+0x1f2/0x300 [ 339.296814] d_alloc+0x96/0x380 [ 339.296829] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 339.296850] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 339.305660] ? __d_alloc+0xb90/0xb90 [ 339.305688] d_alloc_name+0xbb/0x120 [ 339.305702] ? current_time+0x10b/0x1b0 [ 339.305720] ? d_alloc+0x380/0x380 [ 339.305733] ? timespec64_trunc+0x180/0x180 [ 339.305759] simple_fill_super+0x463/0x600 [ 339.323991] FAT-fs (loop4): bogus number of reserved sectors [ 339.324750] nfsd_fill_super+0x4f/0x60 [ 339.324767] mount_ns+0x12e/0x1d0 [ 339.324787] nfsd_mount+0xa4/0xd0 [ 339.324808] ? nfsd_mount+0xd0/0xd0 [ 339.366470] FAT-fs (loop4): Can't find a valid FAT filesystem [ 339.368136] ? nfsd_umount+0x80/0x80 [ 339.368157] legacy_get_tree+0x12f/0x260 [ 339.368178] ? security_fs_context_validate+0x80/0xa0 [ 339.368199] vfs_get_tree+0x1cb/0x5c0 [ 339.368220] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 339.409963] do_mount+0x82a/0x1ff0 [ 339.413514] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 339.419076] ? copy_mount_string+0x40/0x40 [ 339.423334] ? copy_mount_options+0x5f/0x430 [ 339.427762] ? kmem_cache_alloc_trace+0x353/0x750 [ 339.432619] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 339.438173] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 339.443730] ? copy_mount_options+0x315/0x430 [ 339.448230] ksys_mount+0x12d/0x140 [ 339.451847] __x64_sys_mount+0xbe/0x150 [ 339.455830] do_syscall_64+0x1b9/0x820 [ 339.459705] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 339.465072] ? syscall_return_slowpath+0x5e0/0x5e0 [ 339.470004] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 339.474844] ? trace_hardirqs_on_caller+0x310/0x310 [ 339.479850] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 339.484854] ? prepare_exit_to_usermode+0x291/0x3b0 [ 339.489866] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 339.494708] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 339.499883] RIP: 0033:0x457569 [ 339.503074] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 339.522017] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 339.529776] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 339.537047] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 339.544315] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 339.551585] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 339.558848] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 339.568039] EXT4-fs (sda1): re-mounted. Opts: (null) [ 340.007007] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 340.025602] 9pnet: p9_fd_create_tcp (11251): problem connecting socket to 127.0.0.1 [ 340.040444] FAT-fs (loop4): bogus number of reserved sectors [ 340.046523] FAT-fs (loop4): Can't find a valid FAT filesystem 22:09:35 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x8000, 0x0) getsockopt$inet_mreqsrc(r0, 0x0, 0x2e, &(0x7f0000000140)={@rand_addr, @loopback, @remote}, &(0x7f0000000180)=0xc) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000280)={{{@in6, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}}}, &(0x7f0000000380)=0xe8) r2 = getuid() mount$9p_virtio(&(0x7f0000000040)='/dev/rfkill\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='9p\x00', 0x2000c9, &(0x7f00000003c0)={'trans=virtio,', {[{@debug={'debug', 0x3d, 0x8}}, {@version_9p2000='version=9p2000'}], [{@fowner_lt={'fowner<', r1}}, {@uid_gt={'uid>', r2}}, {@hash='hash'}]}}) openat$nullb(0xffffffffffffff9c, &(0x7f0000000200)='/dev/nullb0\x00', 0x101000, 0x0) 22:09:35 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x4000000000000, &(0x7f0000000100)) 22:09:35 executing program 0 (fault-call:1 fault-nth:80): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:35 executing program 2 (fault-call:2 fault-nth:4): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f0000002600)='./file0\x00', &(0x7f00000002c0)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) mount(&(0x7f0000000040)=@sr0='/dev/sr0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='bpf\x00', 0x20, 0x0) 22:09:35 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = memfd_create(&(0x7f0000000040)='\x00', 0x4) setsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000180)={0xa1, 0x6, 0x51, 0x8}, 0x6) connect$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) mount(&(0x7f0000000200)=ANY=[@ANYBLOB="666f58027b412f0200014494920a0b3019635ffb177be9b36f36dfccbec8a86f860240eda6d0a57b03cf0400000000000000f62115e7d1f1ba38641a9ede325d862153db4cf22c139729d4ff8366c4055a71e8751196ce5fe303325c061764da747a7a23240315fe54bd66"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:35 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000180)={0xffffffffffffffff}) accept4(r0, &(0x7f00000001c0)=@can, &(0x7f0000000240)=0x80, 0x800) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) r1 = accept$inet6(0xffffffffffffff9c, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000100)=0x1c) ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000140)) [ 340.158955] FAULT_INJECTION: forcing a failure. [ 340.158955] name failslab, interval 1, probability 0, space 0, times 0 [ 340.171540] CPU: 0 PID: 11277 Comm: syz-executor2 Not tainted 4.19.0-next-20181029+ #100 [ 340.172793] FAULT_INJECTION: forcing a failure. [ 340.172793] name failslab, interval 1, probability 0, space 0, times 0 [ 340.179790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 340.179798] Call Trace: [ 340.179826] dump_stack+0x244/0x39d [ 340.179852] ? dump_stack_print_info.cold.1+0x20/0x20 [ 340.179868] ? filename_lookup+0x39a/0x520 [ 340.179884] ? user_path_at_empty+0x40/0x50 [ 340.179924] ? do_mount+0x180/0x1ff0 [ 340.193109] 9pnet_virtio: no channels available for device /dev/rfkill [ 340.200464] ? ksys_mount+0x12d/0x140 [ 340.200483] ? do_syscall_64+0x1b9/0x820 [ 340.200502] should_fail.cold.4+0xa/0x17 [ 340.200520] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 340.200535] ? mntput+0x74/0xa0 [ 340.200559] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 340.256615] ? check_preemption_disabled+0x48/0x280 [ 340.261659] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 340.266666] 9pnet_virtio: no channels available for device /dev/rfkill [ 340.267219] ? find_held_lock+0x36/0x1c0 [ 340.267251] ? ovl_is_metacopy_dentry+0x28/0x330 [ 340.282741] ? filename_lookup+0x39f/0x520 [ 340.286989] ? perf_trace_sched_process_exec+0x860/0x860 [ 340.292469] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 340.298039] __should_failslab+0x124/0x180 [ 340.302288] should_failslab+0x9/0x14 [ 340.306094] kmem_cache_alloc_trace+0x2d7/0x750 [ 340.306116] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 340.306138] vfs_new_fs_context+0x5e/0x77c [ 340.306153] ? ns_capable_common+0x13f/0x170 [ 340.306176] do_mount+0xbfc/0x1ff0 [ 340.306197] ? lock_release+0xa10/0xa10 [ 340.332543] ? copy_mount_string+0x40/0x40 [ 340.336812] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 340.342365] ? _copy_from_user+0xdf/0x150 [ 340.346531] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 340.352075] ? copy_mount_options+0x315/0x430 22:09:35 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0xf0ffffff00000000, &(0x7f0000000100)) 22:09:35 executing program 3: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x8080, 0x0) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000100)={{0x6f, @multicast1, 0x4e23, 0x0, 'rr\x00', 0x1c, 0x0, 0x78}, {@broadcast, 0x4e20, 0x3, 0x200, 0x1000, 0x9}}, 0x44) perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000300)={0x0, r0, 0x5, 0x1}, 0x14) setsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f00000002c0)={0x38f, 0x5, 0x9, 0x5}, 0x6) mount(&(0x7f0000000180)=ANY=[@ANYBLOB="e0558b9f39d616c41ebb3fd7c0db51e1735859c7d411de4a653a9ce30b53f49b8c1bdefd4a2a399e9e5c67940bf610bb0d03b5e976aedf999c1188c7f329776097ad8681a291ab40e458154e120f83c1a74d51ecde9bd8e77e35f9ed0e1b43b27dd05b1367d465f06d3786f930dbee94b132cda6874b119c10104ba226e915a124f9eba2fa156d10f40d9c76a74b81502a0485542d14647d9af90b12c037664d68a20ef228a75e4ecb61d54155689d366e132587156dcd23f61e564a7ddd40efdd7c802a5c1392c1782469c736d666f80db19d6a59389452b89a31288f892bdbfaff47c60d888a4d6e3dbc48334d7a62d02e35b19931b364387871649a4ef3e6a2ac4789f8b5d47ce41d1fcd23efee669d82586a94667aa9eb391608ce0d556b85"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 340.356586] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 340.362144] ksys_mount+0x12d/0x140 [ 340.365784] __x64_sys_mount+0xbe/0x150 [ 340.369776] do_syscall_64+0x1b9/0x820 [ 340.373680] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 340.379072] ? syscall_return_slowpath+0x5e0/0x5e0 [ 340.384017] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 340.388885] ? trace_hardirqs_on_caller+0x310/0x310 [ 340.393910] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 340.398939] ? prepare_exit_to_usermode+0x291/0x3b0 [ 340.404010] ? trace_hardirqs_off_thunk+0x1a/0x1c 22:09:35 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x3f000000, &(0x7f0000000100)) [ 340.408882] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 340.414083] RIP: 0033:0x457569 [ 340.417289] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 340.436206] RSP: 002b:00007fee5b2b1c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 340.443930] RAX: ffffffffffffffda RBX: 00007fee5b2b1c90 RCX: 0000000000457569 [ 340.451208] RDX: 0000000020000180 RSI: 0000000020000080 RDI: 0000000020000040 22:09:35 executing program 5: mkdir(&(0x7f0000000040)='./file0\x00', 0x2) mkdir(&(0x7f0000000000)='./file0\x00', 0x400000000) r0 = accept4$unix(0xffffffffffffff9c, &(0x7f00000001c0)=@abs, &(0x7f0000000240)=0x6e, 0x80000) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8, 0x10, r0, 0x0) r1 = dup(r0) getsockopt$bt_sco_SCO_OPTIONS(r1, 0x11, 0x1, &(0x7f0000000280)=""/162, &(0x7f0000000340)=0xa2) mount(&(0x7f0000000100)=ANY=[@ANYBLOB="c623b9d70016fa7e62d41d65474c8da430ecdafab1fabadd277207f43ddaea6551f28ad02f7d3d49fe465c810521121e900ef2821e24dfc8544b224b70f058a1af1d3319f594e58b5ca3183c38d9470f6a22a0e825027c7af780c01ed14974183e1d1d2feeb3ac99e0658a3a310425a591e1cbad3f0efc3e17f619ef5dd833670465d03b7d7b4acdeb44dc381aad2d64"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 340.458486] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 340.465769] R10: 0000000000000020 R11: 0000000000000246 R12: 00007fee5b2b26d4 [ 340.473059] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 340.500411] kasan: CONFIG_KASAN_INLINE enabled [ 340.514539] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 340.535284] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 340.541565] CPU: 0 PID: 11277 Comm: syz-executor2 Not tainted 4.19.0-next-20181029+ #100 [ 340.549798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 340.556588] CPU: 1 PID: 11282 Comm: syz-executor0 Not tainted 4.19.0-next-20181029+ #100 [ 340.559174] RIP: 0010:put_fs_context+0x31/0x5a0 [ 340.567390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 340.572146] Code: 56 41 55 41 54 53 48 89 fb 4c 8d ab 98 00 00 00 48 83 ec 18 e8 10 25 9f ff 4c 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 03 05 00 00 4c 8b a3 98 00 00 00 4d 85 e4 74 66 [ 340.581485] Call Trace: [ 340.600395] RSP: 0018:ffff880180dbfbd8 EFLAGS: 00010207 [ 340.602979] dump_stack+0x244/0x39d [ 340.608322] RAX: dffffc0000000000 RBX: fffffffffffffff4 RCX: ffffc90006589000 [ 340.611945] ? dump_stack_print_info.cold.1+0x20/0x20 [ 340.619196] RDX: 0000000000000011 RSI: ffffffff81e04360 RDI: fffffffffffffff4 [ 340.624385] should_fail.cold.4+0xa/0x17 [ 340.631643] RBP: ffff880180dbfc18 R08: ffff8801829023c0 R09: ffffed003b5c5b67 [ 340.635698] ? find_held_lock+0x36/0x1c0 [ 340.642949] R10: ffffed003b5c5b67 R11: ffff8801dae2db3b R12: ffff8801ba968a30 [ 340.647005] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 340.654737] R13: 000000000000008c R14: ffff8801c926e4c0 R15: 0000000000000000 [ 340.659842] ? lock_downgrade+0x900/0x900 [ 340.667103] FS: 00007fee5b2b2700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 340.671246] ? check_preemption_disabled+0x48/0x280 [ 340.679556] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 340.684574] ? zap_class+0x640/0x640 [ 340.690438] CR2: 00007ffc670afc8c CR3: 00000001c247e000 CR4: 00000000001406f0 [ 340.694149] ? find_held_lock+0x36/0x1c0 [ 340.701399] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 340.705453] ? __lock_is_held+0xb5/0x140 [ 340.712699] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 340.716760] ? perf_trace_sched_process_exec+0x860/0x860 [ 340.724002] Call Trace: [ 340.729457] ? zap_class+0x640/0x640 [ 340.732032] ? ns_capable_common+0x13f/0x170 [ 340.735732] __should_failslab+0x124/0x180 [ 340.740147] do_mount+0xda4/0x1ff0 [ 340.744386] should_failslab+0x9/0x14 [ 340.747924] ? lock_release+0xa10/0xa10 [ 340.751708] kmem_cache_alloc+0x2be/0x730 [ 340.755667] ? copy_mount_string+0x40/0x40 [ 340.759797] ? find_held_lock+0x36/0x1c0 [ 340.764022] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 340.768074] __d_alloc+0xc8/0xb90 [ 340.773609] ? _copy_from_user+0xdf/0x150 [ 340.777053] ? d_add+0x5f9/0xa10 [ 340.781186] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 340.784540] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 340.790073] ? copy_mount_options+0x315/0x430 [ 340.795072] ? kasan_check_read+0x11/0x20 [ 340.799553] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 340.803685] ? do_raw_spin_unlock+0xa7/0x330 [ 340.809211] ksys_mount+0x12d/0x140 [ 340.813602] ? do_raw_spin_trylock+0x270/0x270 [ 340.817215] __x64_sys_mount+0xbe/0x150 [ 340.821781] ? d_delete+0x220/0x220 [ 340.825763] do_syscall_64+0x1b9/0x820 [ 340.829373] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 340.833243] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 340.838422] ? ktime_get_coarse_real_ts64+0x273/0x370 [ 340.843772] ? syscall_return_slowpath+0x5e0/0x5e0 [ 340.848948] ? _raw_spin_unlock+0x2c/0x50 [ 340.853866] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 340.857997] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 340.862823] ? trace_hardirqs_on_caller+0x310/0x310 [ 340.868346] ? hashlen_string+0x1f2/0x300 [ 340.873349] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 340.877481] d_alloc+0x96/0x380 [ 340.882492] ? prepare_exit_to_usermode+0x291/0x3b0 [ 340.885757] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 340.890758] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 340.895935] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 340.900767] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 340.906291] ? __d_alloc+0xb90/0xb90 [ 340.911462] RIP: 0033:0x457569 [ 340.915929] d_alloc_name+0xbb/0x120 [ 340.919097] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 340.922796] ? current_time+0x10b/0x1b0 [ 340.941693] RSP: 002b:00007fee5b2b1c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 340.945668] ? d_alloc+0x380/0x380 [ 340.953351] RAX: ffffffffffffffda RBX: 00007fee5b2b1c90 RCX: 0000000000457569 [ 340.956883] ? timespec64_trunc+0x180/0x180 [ 340.964135] RDX: 0000000020000180 RSI: 0000000020000080 RDI: 0000000020000040 [ 340.968453] simple_fill_super+0x463/0x600 [ 340.975701] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 340.979939] nfsd_fill_super+0x4f/0x60 [ 340.987192] R10: 0000000000000020 R11: 0000000000000246 R12: 00007fee5b2b26d4 [ 340.991075] mount_ns+0x12e/0x1d0 [ 340.998326] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 341.001774] nfsd_mount+0xa4/0xd0 [ 341.009035] Modules linked in: [ 341.012489] ? nfsd_mount+0xd0/0xd0 [ 341.016364] kobject: 'loop3' (0000000081f57c9c): kobject_uevent_env [ 341.019272] ? nfsd_umount+0x80/0x80 [ 341.025688] kobject: 'loop3' (0000000081f57c9c): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 341.029366] legacy_get_tree+0x12f/0x260 [ 341.029383] ? security_fs_context_validate+0x80/0xa0 [ 341.029401] vfs_get_tree+0x1cb/0x5c0 [ 341.029420] ? legacy_fs_context_dup+0x1d0/0x1d0 [ 341.056643] do_mount+0x82a/0x1ff0 [ 341.060201] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 341.065758] ? copy_mount_string+0x40/0x40 [ 341.065982] kobject: 'loop5' (00000000a0e41d37): kobject_uevent_env [ 341.070004] ? copy_mount_options+0x5f/0x430 [ 341.070021] ? kmem_cache_alloc_trace+0x353/0x750 [ 341.070050] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 341.070070] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 341.086590] kobject: 'loop5' (00000000a0e41d37): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 341.091269] ? copy_mount_options+0x315/0x430 [ 341.091289] ksys_mount+0x12d/0x140 [ 341.091307] __x64_sys_mount+0xbe/0x150 [ 341.091328] do_syscall_64+0x1b9/0x820 [ 341.122230] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 341.127620] ? syscall_return_slowpath+0x5e0/0x5e0 [ 341.132574] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 341.137430] ? trace_hardirqs_on_caller+0x310/0x310 [ 341.142462] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 341.147486] ? prepare_exit_to_usermode+0x291/0x3b0 22:09:36 executing program 4: mkdir(&(0x7f00000001c0)='./file0\x00', 0x10) r0 = syz_open_dev$amidi(&(0x7f0000000180)='/dev/amidi#\x00', 0xfff, 0x220000) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000000140), 0x4) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000100)={0xa, {0x6, 0xfc2, 0x7f, 0x3f, 0x5, 0x4}}) mount(&(0x7f0000000200)=ANY=[@ANYBLOB="88ed9f8253f5ced475497c3320db0483b17488efac06464da96be77ee1d57aa0ae9e8c9032bcfec61a5666d1c16d7ae739644856d6b29d045e87c11588ab0d5c69d7a92b2117f5d67fac7bd5db"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 341.152513] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 341.157408] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 341.161596] ---[ end trace 8e7b884adcd1ec3e ]--- [ 341.162597] RIP: 0033:0x457569 [ 341.162615] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 341.162622] RSP: 002b:00007f7bc7b95c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 22:09:36 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 341.162641] RAX: ffffffffffffffda RBX: 00007f7bc7b95c90 RCX: 0000000000457569 [ 341.167551] RIP: 0010:put_fs_context+0x31/0x5a0 [ 341.170583] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000020000040 [ 341.170591] RBP: 000000000072bf00 R08: 0000000020000100 R09: 0000000000000000 [ 341.170600] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7bc7b966d4 [ 341.170609] R13: 00000000004c2af2 R14: 00000000004d4148 R15: 0000000000000003 [ 341.212488] kobject: 'loop0' (0000000039a53548): kobject_uevent_env 22:09:36 executing program 5: r0 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000400)={0x8, 0x0, &(0x7f0000000200)=[@acquire], 0x0, 0x0, &(0x7f0000000340)}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620c, &(0x7f0000000040)) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) 22:09:36 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x6002000000000000, &(0x7f0000000100)) 22:09:36 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x3fa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x2000, 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(r0, 0x4040ae75, &(0x7f0000000100)={0x0, 0x4c334b8b, 0x7fffffff, 0x200}) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="c727b5b6a70e3ba451a58e9b1832bfbb19c31a403460e4be"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='nfsd\x00', 0x0, &(0x7f0000000100)) [ 341.220104] Code: 56 41 55 41 54 53 48 89 fb 4c 8d ab 98 00 00 00 48 83 ec 18 e8 10 25 9f ff 4c 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 03 05 00 00 4c 8b a3 98 00 00 00 4d 85 e4 74 66 [ 341.231347] kobject: 'loop0' (0000000039a53548): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 341.274011] RSP: 0018:ffff880180dbfbd8 EFLAGS: 00010207 [ 341.293383] kobject: 'loop4' (00000000148e2204): kobject_uevent_env [ 341.296544] RAX: dffffc0000000000 RBX: fffffffffffffff4 RCX: ffffc90006589000 [ 341.306777] kobject: 'loop4' (00000000148e2204): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 341.323761] RDX: 0000000000000011 RSI: ffffffff81e04360 RDI: fffffffffffffff4 [ 341.342342] RBP: ffff880180dbfc18 R08: ffff8801829023c0 R09: ffffed003b5c5b67 [ 341.348671] kobject: 'loop5' (00000000a0e41d37): kobject_uevent_env [ 341.363154] kobject: 'loop5' (00000000a0e41d37): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 341.377300] binder: BINDER_SET_CONTEXT_MGR already set [ 341.383135] kobject: 'loop1' (0000000025c74455): kobject_uevent_env [ 341.389812] R10: ffffed003b5c5b67 R11: ffff8801dae2db3b R12: ffff8801ba968a30 [ 341.397366] kobject: 'loop1' (0000000025c74455): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 341.397610] binder: 11316:11319 ioctl 40046207 0 returned -16 [ 341.407168] R13: 000000000000008c R14: ffff8801c926e4c0 R15: 0000000000000000 [ 341.425702] kobject: 'loop3' (0000000081f57c9c): kobject_uevent_env [ 341.433090] FS: 00007fee5b2b2700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 341.450992] kobject: 'loop3' (0000000081f57c9c): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 341.460733] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 341.467676] CR2: 00007fa748285518 CR3: 00000001c247e000 CR4: 00000000001406f0 [ 341.470324] kobject: 'loop0' (0000000039a53548): kobject_uevent_env [ 341.475054] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 341.482078] kobject: 'loop0' (0000000039a53548): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 341.488830] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 341.499054] kobject: 'loop4' (00000000148e2204): kobject_uevent_env [ 341.505586] Kernel panic - not syncing: Fatal exception [ 341.514213] kobject: 'loop4' (00000000148e2204): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 341.518259] Kernel Offset: disabled [ 341.531303] Rebooting in 86400 seconds..