400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000000000006f000", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:07 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xfffffffffffff000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 498.342726] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 498.350006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 498.357283] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000b [ 498.364580] CPU: 0 PID: 26151 Comm: syz-executor6 Not tainted 4.18.0+ #206 [ 498.371614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 498.380979] Call Trace: [ 498.383581] dump_stack+0x1c9/0x2b4 [ 498.387241] ? dump_stack_print_info.cold.2+0x52/0x52 02:39:07 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x5, 0xffffffffffffffff, 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0xc0000, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) clock_nanosleep(0x5, 0x1, &(0x7f0000000480)={r2, r3+10000000}, &(0x7f0000000500)) getsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000300)={@multicast2, @dev}, &(0x7f0000000340)=0xc) r4 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x8, 0x80100) write$P9_RVERSION(r4, &(0x7f0000000380)=ANY=[@ANYBLOB="0f000000004b3950323030302e4c000000000000000025549b9e6b68f30b1432c2ee43406a8bf1f92cb0abec8d19734fe4c2ec23b32fdc5f6f660d829cd12d9783e19a90b89ac80d147e841799c4ce2ae944d179c50afa386724edc8a2507ed620b498679b2c13718c6d9ca5720069a40d40e3576544d21b386c4d148588fe8e86b4ca5d5e521110a528fbff30297555721169833783e7bad23e7b551bf3e405205dc99fe008cc355ba74d90ded997b80ccca6b4ee4498cdc86802761042a95534964a7331d2d6861c1fa50b314b3589f2ff6908db4d7c36ec1475f6bcb2998583fa49a49f90d1bc09ec14c4c60e8cb6f999898548f99d5444"], 0x15) read(r0, &(0x7f0000000100)=""/200, 0xc8) r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r5, &(0x7f0000000040), 0x0) [ 498.392446] ? __kernel_text_address+0xd/0x40 [ 498.396958] ? unwind_get_return_address+0x61/0xa0 [ 498.401912] should_fail.cold.4+0xa/0x11 [ 498.405995] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 498.411122] ? save_stack+0x43/0xd0 [ 498.414761] ? kasan_kmalloc+0xc4/0xe0 [ 498.418662] ? __kmalloc_track_caller+0x14a/0x720 [ 498.423510] ? kstrdup+0x39/0x70 [ 498.426886] ? v9fs_session_init+0xdd/0x1a80 [ 498.431301] ? v9fs_mount+0x7c/0x900 [ 498.435025] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 498.439791] ? do_mount+0x581/0x30e0 02:39:07 executing program 4 (fault-call:6 fault-nth:12): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 498.443516] ? ksys_mount+0x12d/0x140 [ 498.447325] ? __x64_sys_mount+0xbe/0x150 [ 498.451485] ? do_syscall_64+0x1b9/0x820 [ 498.455560] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 498.460940] ? find_held_lock+0x36/0x1c0 [ 498.465030] ? check_same_owner+0x340/0x340 [ 498.469368] ? trace_hardirqs_on+0xbd/0x2c0 [ 498.473708] ? rcu_note_context_switch+0x680/0x680 [ 498.478660] __should_failslab+0x124/0x180 [ 498.482910] should_failslab+0x9/0x14 [ 498.486720] __kmalloc_track_caller+0x2ae/0x720 [ 498.491403] ? save_stack+0xa9/0xd0 02:39:07 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x400, 0x0) mmap$xdp(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x200000f, 0x52, r0, 0x80000000) write$P9_RSTATFS(r0, &(0x7f0000000400)={0x43, 0x9, 0x2, {0x563, 0x9, 0x13, 0x6, 0x7, 0x3, 0xa28, 0x1000, 0x5}}, 0x43) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f00000003c0)=[{&(0x7f00000000c0)=""/253, 0xfd}, {&(0x7f0000000300)=""/180, 0x1ed}, {&(0x7f00000001c0)=""/15, 0x23d}], 0x10000000000001ad) ioctl$UI_END_FF_UPLOAD(r0, 0x406855c9, &(0x7f0000000040)={0x1, 0x6, {0x54, 0x8, 0x800, {0x3, 0x4d}, {0x64b562e6, 0xffffffff}, @cond=[{0x6, 0x2, 0x3, 0x7, 0x7, 0x9}, {0x100000000, 0xb2, 0x9, 0x10e2, 0x7fff, 0xfffffffffffff7b1}]}, {0x57, 0x9, 0x7, {0x9, 0x1f8}, {0x1, 0x3}, @rumble={0x0, 0xff}}}) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x9b, 0x4) [ 498.495038] ? save_stack+0x43/0xd0 [ 498.498672] ? kasan_kmalloc+0xc4/0xe0 [ 498.502574] ? kmem_cache_alloc_trace+0x152/0x730 [ 498.507433] ? v9fs_session_init+0x115/0x1a80 [ 498.511942] kstrdup+0x39/0x70 [ 498.515152] v9fs_session_init+0x115/0x1a80 [ 498.519496] ? find_held_lock+0x36/0x1c0 [ 498.523585] ? v9fs_show_options+0x7e0/0x7e0 [ 498.528007] ? kmem_cache_alloc_trace+0x275/0x730 [ 498.532868] ? kasan_check_read+0x11/0x20 [ 498.537029] ? rcu_is_watching+0x8c/0x150 [ 498.541187] ? trace_hardirqs_on+0xbd/0x2c0 [ 498.545543] ? rcu_pm_notify+0xc0/0xc0 [ 498.549454] ? v9fs_mount+0x61/0x900 [ 498.553182] ? rcu_read_lock_sched_held+0x108/0x120 [ 498.554898] FAULT_INJECTION: forcing a failure. [ 498.554898] name failslab, interval 1, probability 0, space 0, times 0 [ 498.558242] ? kmem_cache_alloc_trace+0x324/0x730 [ 498.558267] v9fs_mount+0x7c/0x900 [ 498.558284] ? alloc_pages_current+0x114/0x210 [ 498.558305] mount_fs+0xae/0x328 [ 498.558327] vfs_kern_mount.part.33+0xdc/0x4e0 [ 498.558349] ? may_umount+0xb0/0xb0 [ 498.558366] ? _raw_read_unlock+0x22/0x30 [ 498.558393] ? __get_fs_type+0x97/0xc0 [ 498.602557] do_mount+0x581/0x30e0 [ 498.606107] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 498.611570] ? copy_mount_string+0x40/0x40 [ 498.615817] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 498.620589] ? retint_kernel+0x10/0x10 [ 498.624489] ? copy_mount_options+0x213/0x380 [ 498.628990] ? copy_mount_options+0x213/0x380 [ 498.634119] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 498.639661] ? copy_mount_options+0x285/0x380 [ 498.644168] ksys_mount+0x12d/0x140 [ 498.647814] __x64_sys_mount+0xbe/0x150 [ 498.651800] do_syscall_64+0x1b9/0x820 [ 498.655696] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 498.661472] ? syscall_return_slowpath+0x5e0/0x5e0 [ 498.666406] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 498.671427] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 498.676451] ? recalc_sigpending_tsk+0x180/0x180 [ 498.681232] ? kasan_check_write+0x14/0x20 [ 498.685490] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 498.690349] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 498.695541] RIP: 0033:0x457089 [ 498.698745] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 498.717659] RSP: 002b:00007f24af964c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 498.725382] RAX: ffffffffffffffda RBX: 00007f24af9656d4 RCX: 0000000000457089 [ 498.732655] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 498.739927] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 498.747230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 498.754505] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000008 [ 498.761797] CPU: 1 PID: 26164 Comm: syz-executor4 Not tainted 4.18.0+ #206 [ 498.768836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 498.778214] Call Trace: [ 498.780812] dump_stack+0x1c9/0x2b4 [ 498.784443] ? dump_stack_print_info.cold.2+0x52/0x52 [ 498.789637] ? __kernel_text_address+0xd/0x40 [ 498.794137] ? unwind_get_return_address+0x61/0xa0 [ 498.799073] should_fail.cold.4+0xa/0x11 [ 498.803139] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 498.808270] ? save_stack+0x43/0xd0 [ 498.811907] ? kasan_kmalloc+0xc4/0xe0 [ 498.815792] ? __kmalloc_track_caller+0x14a/0x720 [ 498.820633] ? kstrdup+0x39/0x70 [ 498.824011] ? p9_client_create+0x49b/0x159b [ 498.828425] ? v9fs_session_init+0x21a/0x1a80 [ 498.832923] ? mount_fs+0xae/0x328 [ 498.836459] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 498.841220] ? do_mount+0x581/0x30e0 [ 498.844932] ? ksys_mount+0x12d/0x140 [ 498.848738] ? __x64_sys_mount+0xbe/0x150 [ 498.852888] ? do_syscall_64+0x1b9/0x820 [ 498.856952] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 498.862360] ? find_held_lock+0x36/0x1c0 [ 498.866448] ? check_same_owner+0x340/0x340 [ 498.870772] ? trace_hardirqs_on+0xbd/0x2c0 [ 498.875096] ? rcu_note_context_switch+0x680/0x680 [ 498.880048] __should_failslab+0x124/0x180 [ 498.884295] should_failslab+0x9/0x14 [ 498.888089] __kmalloc+0x2b2/0x720 [ 498.891632] ? match_wildcard+0x3c0/0x3c0 [ 498.895793] ? match_strdup+0x5e/0xa0 [ 498.899607] match_strdup+0x5e/0xa0 [ 498.903239] p9_client_create+0x6f9/0x159b [ 498.907571] ? p9_client_read+0xbf0/0xbf0 [ 498.911735] ? __kmalloc_track_caller+0x26e/0x720 [ 498.916579] ? __lockdep_init_map+0x105/0x590 [ 498.921078] ? lockdep_init_map+0x9/0x10 [ 498.925139] ? kasan_check_write+0x14/0x20 [ 498.929376] ? __init_rwsem+0x1cc/0x2a0 [ 498.933351] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 498.938374] ? rcu_read_lock_sched_held+0x108/0x120 [ 498.943392] ? __kmalloc_track_caller+0x590/0x720 [ 498.948233] ? save_stack+0xa9/0xd0 [ 498.951864] ? save_stack+0x43/0xd0 [ 498.955492] ? kasan_kmalloc+0xc4/0xe0 [ 498.959376] ? kmem_cache_alloc_trace+0x152/0x730 [ 498.964228] ? memcpy+0x45/0x50 [ 498.967514] v9fs_session_init+0x21a/0x1a80 [ 498.971853] ? find_held_lock+0x36/0x1c0 [ 498.975925] ? v9fs_show_options+0x7e0/0x7e0 [ 498.980335] ? kmem_cache_alloc_trace+0x275/0x730 [ 498.985178] ? kasan_check_read+0x11/0x20 [ 498.989336] ? rcu_is_watching+0x8c/0x150 [ 498.993482] ? trace_hardirqs_on+0xbd/0x2c0 [ 498.997805] ? rcu_pm_notify+0xc0/0xc0 [ 499.001701] ? v9fs_mount+0x61/0x900 [ 499.005425] ? rcu_read_lock_sched_held+0x108/0x120 [ 499.010441] ? kmem_cache_alloc_trace+0x324/0x730 [ 499.015296] v9fs_mount+0x7c/0x900 [ 499.018838] ? alloc_pages_current+0x114/0x210 [ 499.023430] mount_fs+0xae/0x328 [ 499.026801] vfs_kern_mount.part.33+0xdc/0x4e0 [ 499.031395] ? may_umount+0xb0/0xb0 [ 499.035027] ? _raw_read_unlock+0x22/0x30 [ 499.039180] ? __get_fs_type+0x97/0xc0 [ 499.043080] do_mount+0x581/0x30e0 [ 499.046627] ? kmem_cache_alloc_trace+0x275/0x730 [ 499.051474] ? copy_mount_string+0x40/0x40 [ 499.055716] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 499.060491] ? retint_kernel+0x10/0x10 [ 499.064394] ? __sanitizer_cov_trace_const_cmp4+0x5/0x20 [ 499.069852] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 499.075394] ? copy_mount_options+0x285/0x380 [ 499.079896] ksys_mount+0x12d/0x140 [ 499.083525] __x64_sys_mount+0xbe/0x150 [ 499.087505] ? do_syscall_64+0xca/0x820 [ 499.091479] do_syscall_64+0x1b9/0x820 [ 499.095372] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 499.100745] ? syscall_return_slowpath+0x5e0/0x5e0 [ 499.105681] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 499.110699] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 499.115738] ? recalc_sigpending_tsk+0x180/0x180 [ 499.120495] ? kasan_check_write+0x14/0x20 [ 499.124743] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 499.129594] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 499.134796] RIP: 0033:0x457089 [ 499.137990] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 499.156894] RSP: 002b:00007f7dfa69cc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 499.164601] RAX: ffffffffffffffda RBX: 00007f7dfa69d6d4 RCX: 0000000000457089 [ 499.171881] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 499.179145] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 499.186411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 499.193680] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000c 02:39:08 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0x200000004, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000040)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000180)=""/190, 0xfffffffffffffe51}], 0x100000000000023f) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000240)=0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r0, 0xc1105518, &(0x7f0000000300)={{0x6, 0x7, 0x3, 0x80e2, 'syz0\x00', 0x319c}, 0x6, 0x31, 0xff, r1, 0x2, 0x31, 'syz0\x00', &(0x7f0000000280)=['&]W^md5sumcpusetselfppp0}lo&selinux-GPL\'!self*\\vboxnet0nodev++/\x00', ':#em0\x00'], 0x46, [], [0x6, 0xd, 0x1000, 0xfff]}) 02:39:08 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x608, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:08 executing program 6 (fault-call:6 fault-nth:9): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:08 executing program 4 (fault-call:6 fault-nth:13): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:08 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34, 0xcc200000}, {&(0x7f0000000580)=""/216}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) [ 499.292972] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 499.327749] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 499.481520] FAULT_INJECTION: forcing a failure. [ 499.481520] name failslab, interval 1, probability 0, space 0, times 0 [ 499.492849] CPU: 0 PID: 26195 Comm: syz-executor6 Not tainted 4.18.0+ #206 [ 499.499871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 499.509254] Call Trace: [ 499.511866] dump_stack+0x1c9/0x2b4 [ 499.515525] ? dump_stack_print_info.cold.2+0x52/0x52 [ 499.520739] ? __lock_acquire+0x7fc/0x5020 [ 499.521238] FAULT_INJECTION: forcing a failure. [ 499.521238] name failslab, interval 1, probability 0, space 0, times 0 [ 499.525001] should_fail.cold.4+0xa/0x11 [ 499.525027] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 499.525055] ? find_held_lock+0x36/0x1c0 [ 499.549449] ? lock_downgrade+0x8f0/0x8f0 [ 499.553612] ? find_held_lock+0x36/0x1c0 [ 499.557697] ? check_same_owner+0x340/0x340 [ 499.562029] ? __save_stack_trace+0x8d/0xf0 [ 499.566360] ? rcu_note_context_switch+0x680/0x680 [ 499.571302] __should_failslab+0x124/0x180 [ 499.575542] should_failslab+0x9/0x14 [ 499.579346] kmem_cache_alloc_trace+0x2b5/0x730 [ 499.584018] ? save_stack+0x43/0xd0 [ 499.587649] ? kasan_kmalloc+0xc4/0xe0 [ 499.592031] ? __kmalloc_track_caller+0x14a/0x720 [ 499.596879] ? kstrdup+0x39/0x70 [ 499.600258] ? v9fs_session_init+0x115/0x1a80 [ 499.604751] ? v9fs_mount+0x7c/0x900 [ 499.608469] ? mount_fs+0xae/0x328 [ 499.612019] p9_client_create+0x106/0x159b [ 499.616269] ? find_held_lock+0x36/0x1c0 [ 499.620341] ? p9_client_read+0xbf0/0xbf0 [ 499.624502] ? __kmalloc_track_caller+0x26e/0x720 [ 499.629350] ? __lockdep_init_map+0x105/0x590 [ 499.633849] ? lockdep_init_map+0x9/0x10 [ 499.637918] ? kasan_check_write+0x14/0x20 [ 499.642154] ? __init_rwsem+0x1cc/0x2a0 [ 499.646138] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 499.651168] ? rcu_read_lock_sched_held+0x108/0x120 [ 499.656210] ? __kmalloc_track_caller+0x590/0x720 [ 499.661067] ? save_stack+0xa9/0xd0 [ 499.664698] ? save_stack+0x43/0xd0 [ 499.668328] ? kasan_kmalloc+0xc4/0xe0 [ 499.672234] ? kmem_cache_alloc_trace+0x152/0x730 [ 499.677085] ? memcpy+0x45/0x50 [ 499.680379] v9fs_session_init+0x21a/0x1a80 [ 499.684705] ? find_held_lock+0x36/0x1c0 [ 499.688785] ? v9fs_show_options+0x7e0/0x7e0 [ 499.693209] ? kmem_cache_alloc_trace+0x275/0x730 [ 499.698239] ? kasan_check_read+0x11/0x20 [ 499.702400] ? rcu_is_watching+0x8c/0x150 [ 499.706635] ? trace_hardirqs_on+0xbd/0x2c0 [ 499.710961] ? rcu_pm_notify+0xc0/0xc0 [ 499.714862] ? v9fs_mount+0x61/0x900 [ 499.718584] ? rcu_read_lock_sched_held+0x108/0x120 [ 499.723601] ? kmem_cache_alloc_trace+0x324/0x730 [ 499.728468] v9fs_mount+0x7c/0x900 [ 499.732008] ? alloc_pages_current+0x114/0x210 [ 499.736600] mount_fs+0xae/0x328 [ 499.739979] vfs_kern_mount.part.33+0xdc/0x4e0 [ 499.744569] ? may_umount+0xb0/0xb0 [ 499.748210] ? _raw_read_unlock+0x22/0x30 [ 499.752371] ? __get_fs_type+0x97/0xc0 [ 499.756266] do_mount+0x581/0x30e0 [ 499.759813] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 499.765272] ? copy_mount_string+0x40/0x40 [ 499.769520] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 499.774288] ? retint_kernel+0x10/0x10 [ 499.778189] ? copy_mount_options+0x20e/0x380 [ 499.782705] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 499.788253] ? copy_mount_options+0x285/0x380 [ 499.792765] ksys_mount+0x12d/0x140 [ 499.796411] __x64_sys_mount+0xbe/0x150 [ 499.800410] do_syscall_64+0x1b9/0x820 [ 499.804308] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 499.809673] ? syscall_return_slowpath+0x5e0/0x5e0 [ 499.814609] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 499.819633] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 499.824654] ? recalc_sigpending_tsk+0x180/0x180 [ 499.829412] ? kasan_check_write+0x14/0x20 [ 499.833658] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 499.838514] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 499.843704] RIP: 0033:0x457089 [ 499.846905] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 499.865807] RSP: 002b:00007f24af964c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 499.873536] RAX: ffffffffffffffda RBX: 00007f24af9656d4 RCX: 0000000000457089 [ 499.880820] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 499.888091] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 499.895361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 499.902632] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000009 [ 499.909923] CPU: 1 PID: 26201 Comm: syz-executor4 Not tainted 4.18.0+ #206 [ 499.916950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 499.926306] Call Trace: [ 499.928919] dump_stack+0x1c9/0x2b4 [ 499.932562] ? dump_stack_print_info.cold.2+0x52/0x52 [ 499.937766] ? radix_tree_clear_tags+0xc0/0xc0 [ 499.942368] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 499.947928] should_fail.cold.4+0xa/0x11 [ 499.952009] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 499.957132] ? save_stack+0xa9/0xd0 [ 499.960773] ? save_stack+0x43/0xd0 [ 499.964410] ? __radix_tree_replace+0x1fc/0x360 [ 499.969094] ? find_held_lock+0x36/0x1c0 [ 499.973185] ? check_same_owner+0x340/0x340 [ 499.977537] ? rcu_note_context_switch+0x680/0x680 [ 499.982481] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 499.987603] __should_failslab+0x124/0x180 [ 499.991853] should_failslab+0x9/0x14 [ 499.995666] __kmalloc_track_caller+0x2ae/0x720 [ 500.000352] ? idr_alloc_u32+0x3f0/0x3f0 [ 500.004432] ? do_raw_spin_lock+0xc1/0x200 [ 500.008683] ? p9_client_create+0x49b/0x159b [ 500.013110] kstrdup+0x39/0x70 [ 500.016330] p9_client_create+0x49b/0x159b [ 500.020585] ? find_held_lock+0x36/0x1c0 [ 500.024666] ? p9_client_read+0xbf0/0xbf0 [ 500.028835] ? __kmalloc_track_caller+0x26e/0x720 [ 500.033679] ? __lockdep_init_map+0x105/0x590 [ 500.038165] ? lockdep_init_map+0x9/0x10 [ 500.042252] ? kasan_check_write+0x14/0x20 [ 500.046490] ? __init_rwsem+0x1cc/0x2a0 [ 500.050453] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 500.055480] ? rcu_read_lock_sched_held+0x108/0x120 [ 500.060515] ? __kmalloc_track_caller+0x590/0x720 [ 500.065362] ? save_stack+0xa9/0xd0 [ 500.068975] ? save_stack+0x43/0xd0 [ 500.072592] ? kasan_kmalloc+0xc4/0xe0 [ 500.076465] ? kmem_cache_alloc_trace+0x152/0x730 [ 500.081297] ? memcpy+0x45/0x50 [ 500.084657] v9fs_session_init+0x21a/0x1a80 [ 500.088987] ? find_held_lock+0x36/0x1c0 [ 500.093071] ? v9fs_show_options+0x7e0/0x7e0 [ 500.097477] ? kmem_cache_alloc_trace+0x275/0x730 [ 500.102307] ? kasan_check_read+0x11/0x20 [ 500.106443] ? rcu_is_watching+0x8c/0x150 [ 500.110575] ? trace_hardirqs_on+0xbd/0x2c0 [ 500.114881] ? rcu_pm_notify+0xc0/0xc0 [ 500.118771] ? v9fs_mount+0x61/0x900 [ 500.122475] ? rcu_read_lock_sched_held+0x108/0x120 [ 500.127480] ? kmem_cache_alloc_trace+0x324/0x730 [ 500.132318] v9fs_mount+0x7c/0x900 [ 500.135847] ? alloc_pages_current+0x114/0x210 [ 500.140419] mount_fs+0xae/0x328 [ 500.143773] vfs_kern_mount.part.33+0xdc/0x4e0 [ 500.148358] ? may_umount+0xb0/0xb0 [ 500.151974] ? _raw_read_unlock+0x22/0x30 [ 500.156114] ? __get_fs_type+0x97/0xc0 [ 500.159995] do_mount+0x581/0x30e0 [ 500.163535] ? kmem_cache_alloc_trace+0x275/0x730 [ 500.168365] ? copy_mount_string+0x40/0x40 [ 500.172601] ? retint_kernel+0x10/0x10 [ 500.176493] ? copy_mount_options+0x1e3/0x380 [ 500.180982] ? write_comp_data+0x6d/0x70 [ 500.185058] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 500.190594] ? copy_mount_options+0x285/0x380 [ 500.195078] ksys_mount+0x12d/0x140 [ 500.198707] __x64_sys_mount+0xbe/0x150 [ 500.202694] do_syscall_64+0x1b9/0x820 [ 500.206574] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 500.211941] ? syscall_return_slowpath+0x5e0/0x5e0 [ 500.216867] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 500.221876] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 500.226887] ? recalc_sigpending_tsk+0x180/0x180 [ 500.231655] ? kasan_check_write+0x14/0x20 [ 500.235907] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 500.240757] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 500.245932] RIP: 0033:0x457089 [ 500.249112] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 500.268034] RSP: 002b:00007f7dfa69cc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 500.275742] RAX: ffffffffffffffda RBX: 00007f7dfa69d6d4 RCX: 0000000000457089 02:39:09 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000001100", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:09 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) ioctl$RTC_PIE_ON(r0, 0x7005) readv(r0, &(0x7f0000000080), 0x10000000000000a7) 02:39:09 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f0000000080)={{0x4, 0xf71}, 'port0\x00', 0x2, 0x18, 0x0, 0x4, 0x58b, 0x3f, 0x7, 0x0, 0x2, 0x1}) 02:39:09 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:09 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x4788, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:09 executing program 6 (fault-call:6 fault-nth:10): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 500.283006] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 500.290287] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 500.297553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 500.304807] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000d 02:39:09 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 500.377089] FAULT_INJECTION: forcing a failure. [ 500.377089] name failslab, interval 1, probability 0, space 0, times 0 [ 500.388477] CPU: 1 PID: 26216 Comm: syz-executor6 Not tainted 4.18.0+ #206 [ 500.395513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 500.404879] Call Trace: [ 500.407496] dump_stack+0x1c9/0x2b4 [ 500.411149] ? dump_stack_print_info.cold.2+0x52/0x52 [ 500.411553] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 500.416370] ? radix_tree_clear_tags+0xc0/0xc0 [ 500.416402] should_fail.cold.4+0xa/0x11 [ 500.416428] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 500.416452] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 500.416476] ? save_stack+0xa9/0xd0 [ 500.446480] ? __radix_tree_replace+0x1fc/0x360 [ 500.451168] ? find_held_lock+0x36/0x1c0 [ 500.455281] ? check_same_owner+0x340/0x340 [ 500.459620] ? rcu_note_context_switch+0x680/0x680 [ 500.464560] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 500.469681] __should_failslab+0x124/0x180 [ 500.473936] should_failslab+0x9/0x14 [ 500.477760] __kmalloc_track_caller+0x2ae/0x720 [ 500.482470] ? idr_alloc_u32+0x3f0/0x3f0 [ 500.486552] ? do_raw_spin_lock+0xc1/0x200 [ 500.490805] ? p9_client_create+0x49b/0x159b [ 500.495239] kstrdup+0x39/0x70 [ 500.498445] p9_client_create+0x49b/0x159b [ 500.502692] ? find_held_lock+0x36/0x1c0 [ 500.506775] ? p9_client_read+0xbf0/0xbf0 [ 500.510942] ? __kmalloc_track_caller+0x26e/0x720 [ 500.515794] ? __lockdep_init_map+0x105/0x590 [ 500.520300] ? lockdep_init_map+0x9/0x10 [ 500.524375] ? kasan_check_write+0x14/0x20 [ 500.528625] ? __init_rwsem+0x1cc/0x2a0 [ 500.532613] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 500.537643] ? rcu_read_lock_sched_held+0x108/0x120 [ 500.542668] ? __kmalloc_track_caller+0x590/0x720 [ 500.547527] ? save_stack+0xa9/0xd0 [ 500.551166] ? save_stack+0x43/0xd0 [ 500.554810] ? kasan_kmalloc+0xc4/0xe0 [ 500.558705] ? kmem_cache_alloc_trace+0x152/0x730 [ 500.563579] ? memcpy+0x45/0x50 [ 500.566883] v9fs_session_init+0x21a/0x1a80 [ 500.571225] ? find_held_lock+0x36/0x1c0 [ 500.575327] ? v9fs_show_options+0x7e0/0x7e0 [ 500.579750] ? kmem_cache_alloc_trace+0x275/0x730 [ 500.584606] ? kasan_check_read+0x11/0x20 [ 500.589136] ? rcu_is_watching+0x8c/0x150 [ 500.593283] ? trace_hardirqs_on+0xbd/0x2c0 [ 500.597621] ? rcu_pm_notify+0xc0/0xc0 [ 500.601532] ? v9fs_mount+0x61/0x900 [ 500.605257] ? rcu_read_lock_sched_held+0x108/0x120 [ 500.610281] ? kmem_cache_alloc_trace+0x324/0x730 [ 500.615153] v9fs_mount+0x7c/0x900 [ 500.618704] ? alloc_pages_current+0x114/0x210 [ 500.623307] mount_fs+0xae/0x328 [ 500.626688] vfs_kern_mount.part.33+0xdc/0x4e0 [ 500.631291] ? may_umount+0xb0/0xb0 [ 500.634935] ? _raw_read_unlock+0x22/0x30 [ 500.639092] ? __get_fs_type+0x97/0xc0 [ 500.642993] do_mount+0x581/0x30e0 [ 500.646547] ? kmem_cache_alloc_trace+0x275/0x730 [ 500.651411] ? copy_mount_string+0x40/0x40 [ 500.655667] ? copy_mount_options+0x5f/0x380 [ 500.660085] ? rcu_read_lock_sched_held+0x108/0x120 [ 500.665111] ? kmem_cache_alloc_trace+0x324/0x730 [ 500.669973] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 500.675518] ? _copy_from_user+0xdf/0x150 [ 500.679684] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 500.685238] ? copy_mount_options+0x285/0x380 [ 500.689754] ksys_mount+0x12d/0x140 [ 500.693392] __x64_sys_mount+0xbe/0x150 [ 500.697383] do_syscall_64+0x1b9/0x820 [ 500.701280] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 500.706652] ? syscall_return_slowpath+0x5e0/0x5e0 [ 500.711591] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 500.716618] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 500.721656] ? recalc_sigpending_tsk+0x180/0x180 [ 500.726424] ? kasan_check_write+0x14/0x20 [ 500.730677] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 500.735539] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 500.740739] RIP: 0033:0x457089 [ 500.743945] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 500.762851] RSP: 002b:00007f24af964c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 500.770573] RAX: ffffffffffffffda RBX: 00007f24af9656d4 RCX: 0000000000457089 02:39:09 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x86ddffff00000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:09 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000500", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:09 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34, 0x88020000}, {&(0x7f0000000580)=""/216}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) [ 500.777878] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 500.785161] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 500.792456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 500.799743] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000a 02:39:09 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x3a00000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 500.897074] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:09 executing program 6 (fault-call:6 fault-nth:11): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:09 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1b00000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:09 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000feffff0700", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:09 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xd000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:09 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000600", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 501.088671] FAULT_INJECTION: forcing a failure. [ 501.088671] name failslab, interval 1, probability 0, space 0, times 0 [ 501.100229] CPU: 0 PID: 26260 Comm: syz-executor6 Not tainted 4.18.0+ #206 [ 501.107264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 501.116630] Call Trace: [ 501.119253] dump_stack+0x1c9/0x2b4 [ 501.122908] ? dump_stack_print_info.cold.2+0x52/0x52 [ 501.128115] ? kernel_text_address+0x79/0xf0 [ 501.132554] should_fail.cold.4+0xa/0x11 02:39:10 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x8035, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 501.136644] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 501.141781] ? save_stack+0xa9/0xd0 [ 501.145427] ? save_stack+0x43/0xd0 [ 501.149071] ? kasan_kmalloc+0xc4/0xe0 [ 501.152975] ? kmem_cache_alloc_trace+0x152/0x730 [ 501.157840] ? v9fs_session_init+0x21a/0x1a80 [ 501.162350] ? v9fs_mount+0x7c/0x900 [ 501.166080] ? mount_fs+0xae/0x328 [ 501.169634] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 501.174402] ? do_mount+0x581/0x30e0 [ 501.178130] ? ksys_mount+0x12d/0x140 [ 501.181993] ? __x64_sys_mount+0xbe/0x150 02:39:10 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000200)=""/236, 0xec}], 0x209) ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f0000000080)={0x5, 0x40}) readv(r0, &(0x7f0000000080), 0x10000000000000a7) socket$can_bcm(0x1d, 0x2, 0x2) [ 501.186166] ? find_held_lock+0x36/0x1c0 [ 501.190290] ? check_same_owner+0x340/0x340 [ 501.194625] ? kasan_check_read+0x11/0x20 [ 501.198792] ? rcu_is_watching+0x8c/0x150 [ 501.202959] ? rcu_note_context_switch+0x680/0x680 [ 501.207903] ? rcu_pm_notify+0xc0/0xc0 [ 501.211821] __should_failslab+0x124/0x180 [ 501.216080] should_failslab+0x9/0x14 [ 501.219900] kmem_cache_alloc_trace+0x2b5/0x730 [ 501.224581] ? kmem_cache_alloc_trace+0x324/0x730 [ 501.229445] ? __lockdep_init_map+0x105/0x590 [ 501.233958] ? kasan_kmalloc+0xc4/0xe0 [ 501.237877] p9_idpool_create+0x42/0x190 [ 501.241959] p9_client_create+0x2e0/0x159b [ 501.246238] ? find_held_lock+0x36/0x1c0 [ 501.250323] ? p9_client_read+0xbf0/0xbf0 [ 501.254505] ? __kmalloc_track_caller+0x26e/0x720 [ 501.259367] ? __lockdep_init_map+0x105/0x590 [ 501.263885] ? lockdep_init_map+0x9/0x10 [ 501.267968] ? kasan_check_write+0x14/0x20 [ 501.272244] ? __init_rwsem+0x1cc/0x2a0 [ 501.276246] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 501.281285] ? rcu_read_lock_sched_held+0x108/0x120 [ 501.286316] ? __kmalloc_track_caller+0x590/0x720 [ 501.291172] ? save_stack+0xa9/0xd0 [ 501.294832] ? save_stack+0x43/0xd0 [ 501.298467] ? kasan_kmalloc+0xc4/0xe0 [ 501.302366] ? kmem_cache_alloc_trace+0x152/0x730 [ 501.307243] ? memcpy+0x45/0x50 [ 501.310546] v9fs_session_init+0x21a/0x1a80 [ 501.314887] ? find_held_lock+0x36/0x1c0 [ 501.318981] ? v9fs_show_options+0x7e0/0x7e0 [ 501.323414] ? kmem_cache_alloc_trace+0x275/0x730 [ 501.328279] ? kasan_check_read+0x11/0x20 [ 501.332443] ? rcu_is_watching+0x8c/0x150 [ 501.336611] ? trace_hardirqs_on+0xbd/0x2c0 [ 501.340948] ? rcu_pm_notify+0xc0/0xc0 [ 501.344869] ? v9fs_mount+0x61/0x900 [ 501.348617] ? rcu_read_lock_sched_held+0x108/0x120 [ 501.353649] ? kmem_cache_alloc_trace+0x324/0x730 [ 501.358525] v9fs_mount+0x7c/0x900 [ 501.362086] ? alloc_pages_current+0x114/0x210 [ 501.366689] mount_fs+0xae/0x328 [ 501.370084] vfs_kern_mount.part.33+0xdc/0x4e0 [ 501.374688] ? may_umount+0xb0/0xb0 [ 501.378339] ? _raw_read_unlock+0x22/0x30 [ 501.382504] ? __get_fs_type+0x97/0xc0 [ 501.386415] do_mount+0x581/0x30e0 [ 501.389980] ? kmem_cache_alloc_trace+0x275/0x730 [ 501.394856] ? copy_mount_string+0x40/0x40 [ 501.399117] ? copy_mount_options+0x5f/0x380 [ 501.403543] ? rcu_read_lock_sched_held+0x108/0x120 [ 501.408573] ? kmem_cache_alloc_trace+0x324/0x730 [ 501.413440] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 501.418994] ? _copy_from_user+0xdf/0x150 [ 501.423166] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 501.425778] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:10 executing program 1: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x81) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f0000000080)=0x97c) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000000c0), 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='veno\x00', 0x5) readv(r1, &(0x7f0000000080), 0x10000000000000a7) 02:39:10 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xba40010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:10 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x806, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:10 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0xffffffffffffff21, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000000)) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x4000, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) [ 501.428739] ? copy_mount_options+0x285/0x380 [ 501.428761] ksys_mount+0x12d/0x140 [ 501.428781] __x64_sys_mount+0xbe/0x150 [ 501.428804] do_syscall_64+0x1b9/0x820 [ 501.428823] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 501.428845] ? syscall_return_slowpath+0x5e0/0x5e0 [ 501.436948] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 501.441145] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 501.441163] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 501.441181] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 501.441210] ? prepare_exit_to_usermode+0x291/0x3b0 [ 501.441240] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 501.441266] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 501.500664] RIP: 0033:0x457089 [ 501.503872] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 501.522819] RSP: 002b:00007f24af964c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 501.530559] RAX: ffffffffffffffda RBX: 00007f24af9656d4 RCX: 0000000000457089 02:39:10 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000ef0600", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 501.537878] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 501.545172] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 501.552476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 501.559757] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000b 02:39:10 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x800e, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:10 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000), 0x10) [ 501.631242] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:10 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000000)=0x120, 0x4) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000000, 0x100010, r0, 0x0) 02:39:10 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34, 0x4}, {&(0x7f0000000580)=""/216}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:10 executing program 6 (fault-call:6 fault-nth:12): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:10 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c74657200000000000600", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:10 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf5ffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:10 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x8906, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:10 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 501.855770] FAULT_INJECTION: forcing a failure. [ 501.855770] name failslab, interval 1, probability 0, space 0, times 0 [ 501.867134] CPU: 0 PID: 26328 Comm: syz-executor6 Not tainted 4.18.0+ #206 [ 501.874168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 501.883560] Call Trace: [ 501.886173] dump_stack+0x1c9/0x2b4 [ 501.889846] ? dump_stack_print_info.cold.2+0x52/0x52 [ 501.895062] ? kernel_text_address+0x79/0xf0 [ 501.899506] should_fail.cold.4+0xa/0x11 02:39:10 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xe80, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 501.903598] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 501.908743] ? save_stack+0xa9/0xd0 [ 501.912400] ? save_stack+0x43/0xd0 [ 501.916041] ? kasan_kmalloc+0xc4/0xe0 [ 501.919950] ? kmem_cache_alloc_trace+0x152/0x730 [ 501.924811] ? v9fs_session_init+0x21a/0x1a80 [ 501.929326] ? v9fs_mount+0x7c/0x900 [ 501.933144] ? mount_fs+0xae/0x328 [ 501.936706] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 501.941481] ? do_mount+0x581/0x30e0 [ 501.945237] ? ksys_mount+0x12d/0x140 [ 501.949060] ? __x64_sys_mount+0xbe/0x150 02:39:10 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f00000003c0), 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000180)={0x2, 0x0, [{0x3000, 0xd0, &(0x7f0000000080)=""/208}, {0x1, 0x3c, &(0x7f0000000000)=""/60}]}) [ 501.953251] ? find_held_lock+0x36/0x1c0 [ 501.957368] ? check_same_owner+0x340/0x340 [ 501.961721] ? kasan_check_read+0x11/0x20 [ 501.965904] ? rcu_is_watching+0x8c/0x150 [ 501.970076] ? rcu_note_context_switch+0x680/0x680 [ 501.975027] ? rcu_pm_notify+0xc0/0xc0 [ 501.978944] __should_failslab+0x124/0x180 [ 501.983229] should_failslab+0x9/0x14 [ 501.987052] kmem_cache_alloc_trace+0x2b5/0x730 [ 501.991749] ? kmem_cache_alloc_trace+0x324/0x730 [ 501.996617] ? __lockdep_init_map+0x105/0x590 [ 502.001136] ? kasan_kmalloc+0xc4/0xe0 [ 502.005058] p9_idpool_create+0x42/0x190 [ 502.009143] p9_client_create+0x2e0/0x159b [ 502.013406] ? find_held_lock+0x36/0x1c0 [ 502.017502] ? p9_client_read+0xbf0/0xbf0 [ 502.021694] ? __kmalloc_track_caller+0x26e/0x720 [ 502.026573] ? __lockdep_init_map+0x105/0x590 [ 502.031107] ? lockdep_init_map+0x9/0x10 [ 502.035228] ? kasan_check_write+0x14/0x20 [ 502.039502] ? __init_rwsem+0x1cc/0x2a0 [ 502.043505] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 502.048557] ? rcu_read_lock_sched_held+0x108/0x120 02:39:10 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x8100000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:11 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000200)=""/236, 0x1ee}], 0x1) getsockopt$inet6_buf(r0, 0x29, 0x15, &(0x7f0000000080)=""/46, &(0x7f00000000c0)=0x2e) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r0, 0x80045300, &(0x7f0000000100)) readv(r0, &(0x7f0000000080), 0x10000000000000a7) [ 502.053605] ? __kmalloc_track_caller+0x590/0x720 [ 502.058483] ? save_stack+0xa9/0xd0 [ 502.061551] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 502.062136] ? save_stack+0x43/0xd0 [ 502.062152] ? kasan_kmalloc+0xc4/0xe0 [ 502.062167] ? kmem_cache_alloc_trace+0x152/0x730 [ 502.062183] ? memcpy+0x45/0x50 [ 502.062227] v9fs_session_init+0x21a/0x1a80 [ 502.089987] ? find_held_lock+0x36/0x1c0 [ 502.094089] ? v9fs_show_options+0x7e0/0x7e0 [ 502.098531] ? kmem_cache_alloc_trace+0x275/0x730 [ 502.103405] ? kasan_check_read+0x11/0x20 [ 502.107834] ? rcu_is_watching+0x8c/0x150 [ 502.111997] ? trace_hardirqs_on+0xbd/0x2c0 [ 502.116344] ? rcu_pm_notify+0xc0/0xc0 [ 502.120269] ? v9fs_mount+0x61/0x900 [ 502.124007] ? rcu_read_lock_sched_held+0x108/0x120 [ 502.129046] ? kmem_cache_alloc_trace+0x324/0x730 [ 502.133923] v9fs_mount+0x7c/0x900 [ 502.137482] ? alloc_pages_current+0x114/0x210 [ 502.142094] mount_fs+0xae/0x328 [ 502.145485] vfs_kern_mount.part.33+0xdc/0x4e0 [ 502.150095] ? may_umount+0xb0/0xb0 [ 502.153750] ? _raw_read_unlock+0x22/0x30 [ 502.157924] ? __get_fs_type+0x97/0xc0 [ 502.161844] do_mount+0x581/0x30e0 [ 502.165410] ? kmem_cache_alloc_trace+0x275/0x730 [ 502.170278] ? copy_mount_string+0x40/0x40 [ 502.174538] ? copy_mount_options+0x5f/0x380 [ 502.178969] ? rcu_read_lock_sched_held+0x108/0x120 [ 502.184097] ? kmem_cache_alloc_trace+0x324/0x730 [ 502.188961] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 502.194523] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 502.200084] ? copy_mount_options+0x285/0x380 02:39:11 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x600000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:11 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) close(r0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) [ 502.204606] ksys_mount+0x12d/0x140 [ 502.208259] __x64_sys_mount+0xbe/0x150 [ 502.212266] do_syscall_64+0x1b9/0x820 [ 502.216174] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 502.221585] ? syscall_return_slowpath+0x5e0/0x5e0 [ 502.226541] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 502.231586] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 502.236626] ? recalc_sigpending_tsk+0x180/0x180 [ 502.241407] ? kasan_check_write+0x14/0x20 [ 502.245669] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 502.250546] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 502.255747] RIP: 0033:0x457089 [ 502.258950] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 502.277871] RSP: 002b:00007f24af964c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 502.285611] RAX: ffffffffffffffda RBX: 00007f24af9656d4 RCX: 0000000000457089 [ 502.292906] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 502.300210] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 02:39:11 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000000), 0x0) 02:39:11 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x81000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 502.307514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 502.314805] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000c [ 502.334122] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 502.434676] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:11 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=0x0) process_vm_writev(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)=""/158, 0x9e}, {&(0x7f0000000140)=""/92, 0x5c}], 0x2, &(0x7f0000000680)=[{&(0x7f0000000300)=""/139, 0x8b}, {&(0x7f00000003c0)=""/85, 0x55}, {&(0x7f0000000500)=""/199, 0xc7}, {&(0x7f0000000440)=""/23, 0x17}, {&(0x7f0000000600)=""/65, 0x41}], 0x5, 0x0) 02:39:11 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c74657200000000001100", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:11 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xb540010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:11 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34, 0x4000000000000000}, {&(0x7f0000000580)=""/216}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:11 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x3a000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:11 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000008800", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:11 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0), 0x0) readv(r0, &(0x7f0000000080), 0x99eb7bfd8e478ca) 02:39:11 executing program 6 (fault-call:6 fault-nth:13): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 502.792279] FAULT_INJECTION: forcing a failure. [ 502.792279] name failslab, interval 1, probability 0, space 0, times 0 [ 502.803650] CPU: 0 PID: 26407 Comm: syz-executor6 Not tainted 4.18.0+ #206 [ 502.810676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 502.820042] Call Trace: [ 502.822671] dump_stack+0x1c9/0x2b4 [ 502.826345] ? dump_stack_print_info.cold.2+0x52/0x52 [ 502.827642] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:11 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1a, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 502.831552] ? __kernel_text_address+0xd/0x40 [ 502.831584] should_fail.cold.4+0xa/0x11 [ 502.831610] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 502.831637] ? save_stack+0x43/0xd0 [ 502.831653] ? kasan_kmalloc+0xc4/0xe0 [ 502.831677] ? __kmalloc_track_caller+0x14a/0x720 [ 502.865439] ? kstrdup+0x39/0x70 [ 502.868824] ? p9_client_create+0x49b/0x159b [ 502.873254] ? v9fs_session_init+0x21a/0x1a80 [ 502.877766] ? mount_fs+0xae/0x328 [ 502.881317] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 502.886081] ? do_mount+0x581/0x30e0 [ 502.889801] ? ksys_mount+0x12d/0x140 [ 502.893617] ? __x64_sys_mount+0xbe/0x150 [ 502.897777] ? do_syscall_64+0x1b9/0x820 [ 502.901854] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 502.907253] ? find_held_lock+0x36/0x1c0 [ 502.911353] ? check_same_owner+0x340/0x340 [ 502.915689] ? trace_hardirqs_on+0xbd/0x2c0 [ 502.920027] ? rcu_note_context_switch+0x680/0x680 [ 502.924985] __should_failslab+0x124/0x180 [ 502.929250] should_failslab+0x9/0x14 [ 502.933067] __kmalloc+0x2b2/0x720 [ 502.936629] ? match_wildcard+0x3c0/0x3c0 02:39:11 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x97ffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 502.940784] ? match_strdup+0x5e/0xa0 [ 502.944600] match_strdup+0x5e/0xa0 [ 502.948252] p9_client_create+0x6f9/0x159b [ 502.952514] ? p9_client_read+0xbf0/0xbf0 [ 502.956685] ? __kmalloc_track_caller+0x26e/0x720 [ 502.961551] ? __lockdep_init_map+0x105/0x590 [ 502.966066] ? lockdep_init_map+0x9/0x10 [ 502.970143] ? kasan_check_write+0x14/0x20 [ 502.974389] ? __init_rwsem+0x1cc/0x2a0 [ 502.978381] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 502.983410] ? rcu_read_lock_sched_held+0x108/0x120 [ 502.988441] ? __kmalloc_track_caller+0x590/0x720 02:39:11 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x400000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 502.993299] ? save_stack+0xa9/0xd0 [ 502.996946] ? save_stack+0x43/0xd0 [ 503.000583] ? kasan_kmalloc+0xc4/0xe0 [ 503.004482] ? kmem_cache_alloc_trace+0x152/0x730 [ 503.009334] ? memcpy+0x45/0x50 [ 503.012637] v9fs_session_init+0x21a/0x1a80 [ 503.016975] ? find_held_lock+0x36/0x1c0 [ 503.021065] ? v9fs_show_options+0x7e0/0x7e0 [ 503.025489] ? kmem_cache_alloc_trace+0x275/0x730 [ 503.030446] ? kasan_check_read+0x11/0x20 [ 503.034613] ? rcu_is_watching+0x8c/0x150 [ 503.038772] ? trace_hardirqs_on+0xbd/0x2c0 02:39:11 executing program 0: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x2712, 0x105402) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x5, 0x0, 0x0, 0x0, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, r0, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r1, &(0x7f0000000080), 0x10000000000000a7) 02:39:11 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x8906000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 503.043104] ? rcu_pm_notify+0xc0/0xc0 [ 503.047019] ? v9fs_mount+0x61/0x900 [ 503.050753] ? rcu_read_lock_sched_held+0x108/0x120 [ 503.055784] ? kmem_cache_alloc_trace+0x324/0x730 [ 503.060651] v9fs_mount+0x7c/0x900 [ 503.064226] ? alloc_pages_current+0x114/0x210 [ 503.068826] mount_fs+0xae/0x328 [ 503.072231] vfs_kern_mount.part.33+0xdc/0x4e0 [ 503.076839] ? may_umount+0xb0/0xb0 [ 503.080482] ? _raw_read_unlock+0x22/0x30 [ 503.084644] ? __get_fs_type+0x97/0xc0 [ 503.088549] do_mount+0x581/0x30e0 [ 503.092099] ? kmem_cache_alloc_trace+0x275/0x730 [ 503.096957] ? copy_mount_string+0x40/0x40 [ 503.101230] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 503.106011] ? retint_kernel+0x10/0x10 [ 503.109921] ? copy_mount_options+0x1f0/0x380 [ 503.114435] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 503.119307] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 503.124858] ? copy_mount_options+0x285/0x380 [ 503.129372] ksys_mount+0x12d/0x140 [ 503.133013] __x64_sys_mount+0xbe/0x150 [ 503.137007] do_syscall_64+0x1b9/0x820 [ 503.140916] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 503.146301] ? syscall_return_slowpath+0x5e0/0x5e0 [ 503.151247] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 503.156273] ? prepare_exit_to_usermode+0x3b0/0x3b0 02:39:12 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c74657200000000000100", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 503.161321] ? recalc_sigpending_tsk+0x180/0x180 02:39:12 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000f00600", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:12 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x43050000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 503.161340] ? kasan_check_write+0x14/0x20 [ 503.161363] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 503.161391] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 503.161405] RIP: 0033:0x457089 [ 503.161421] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 503.161431] RSP: 002b:00007f24af964c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 503.161449] RAX: ffffffffffffffda RBX: 00007f24af9656d4 RCX: 0000000000457089 [ 503.161459] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 503.161469] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 503.161479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 02:39:12 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000000)=[{&(0x7f00000003c0)=""/243}, {&(0x7f0000000500)=""/135}], 0x22) 02:39:12 executing program 6 (fault-call:6 fault-nth:14): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:12 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xb440010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 503.161488] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000d [ 503.382595] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 503.416842] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 503.492250] FAULT_INJECTION: forcing a failure. [ 503.492250] name failslab, interval 1, probability 0, space 0, times 0 [ 503.503620] CPU: 1 PID: 26468 Comm: syz-executor6 Not tainted 4.18.0+ #206 [ 503.510662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 503.520030] Call Trace: [ 503.522646] dump_stack+0x1c9/0x2b4 [ 503.526301] ? dump_stack_print_info.cold.2+0x52/0x52 [ 503.531514] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 503.536225] should_fail.cold.4+0xa/0x11 [ 503.540312] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 503.545426] ? __kernel_text_address+0xd/0x40 [ 503.549940] ? unwind_get_return_address+0x61/0xa0 [ 503.554908] ? find_held_lock+0x36/0x1c0 [ 503.559015] ? check_same_owner+0x340/0x340 [ 503.563361] ? rcu_note_context_switch+0x680/0x680 [ 503.568315] __should_failslab+0x124/0x180 [ 503.572578] should_failslab+0x9/0x14 [ 503.576392] __kmalloc+0x2b2/0x720 [ 503.579946] ? rcu_pm_notify+0xc0/0xc0 [ 503.583852] ? match_number.isra.0+0xbf/0x280 [ 503.588369] match_number.isra.0+0xbf/0x280 [ 503.592731] ? match_strdup+0xa0/0xa0 [ 503.596552] ? match_wildcard+0x3c0/0x3c0 [ 503.600733] match_int+0x23/0x30 [ 503.604119] parse_opts+0x32c/0x500 [ 503.607798] ? p9_fd_poll+0x2b0/0x2b0 [ 503.611626] ? kasan_check_write+0x14/0x20 [ 503.615892] ? trace_hardirqs_off+0xb8/0x2b0 [ 503.620326] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 503.625448] ? kfree+0x111/0x210 [ 503.628834] ? kfree+0x111/0x210 [ 503.632230] ? lockdep_hardirqs_on+0x421/0x5c0 [ 503.636828] p9_fd_create+0x8b/0x3f0 [ 503.640552] ? p9_fd_show_options+0x1c0/0x1c0 [ 503.645069] ? p9_client_create+0x7e5/0x159b [ 503.649489] p9_client_create+0x889/0x159b [ 503.653740] ? p9_client_read+0xbf0/0xbf0 [ 503.657893] ? __kmalloc_track_caller+0x26e/0x720 [ 503.662732] ? __lockdep_init_map+0x105/0x590 [ 503.667231] ? lockdep_init_map+0x9/0x10 [ 503.671295] ? kasan_check_write+0x14/0x20 [ 503.675532] ? __init_rwsem+0x1cc/0x2a0 [ 503.679513] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 503.684549] ? rcu_read_lock_sched_held+0x108/0x120 [ 503.689575] ? __kmalloc_track_caller+0x590/0x720 [ 503.694413] ? save_stack+0xa9/0xd0 [ 503.698038] ? save_stack+0x43/0xd0 [ 503.701665] ? kasan_kmalloc+0xc4/0xe0 [ 503.705543] ? kmem_cache_alloc_trace+0x152/0x730 [ 503.710404] ? memcpy+0x45/0x50 [ 503.713677] v9fs_session_init+0x21a/0x1a80 [ 503.717985] ? find_held_lock+0x36/0x1c0 [ 503.722063] ? v9fs_show_options+0x7e0/0x7e0 [ 503.726485] ? kmem_cache_alloc_trace+0x275/0x730 [ 503.731834] ? kasan_check_read+0x11/0x20 [ 503.735992] ? rcu_is_watching+0x8c/0x150 [ 503.740145] ? trace_hardirqs_on+0xbd/0x2c0 [ 503.744476] ? rcu_pm_notify+0xc0/0xc0 [ 503.748384] ? v9fs_mount+0x61/0x900 [ 503.752111] ? rcu_read_lock_sched_held+0x108/0x120 [ 503.757135] ? kmem_cache_alloc_trace+0x324/0x730 [ 503.761998] v9fs_mount+0x7c/0x900 [ 503.765553] ? alloc_pages_current+0x114/0x210 [ 503.770153] mount_fs+0xae/0x328 [ 503.773551] vfs_kern_mount.part.33+0xdc/0x4e0 [ 503.778150] ? may_umount+0xb0/0xb0 [ 503.781789] ? _raw_read_unlock+0x22/0x30 [ 503.785956] ? __get_fs_type+0x97/0xc0 [ 503.789863] do_mount+0x581/0x30e0 [ 503.793416] ? kmem_cache_alloc_trace+0x275/0x730 [ 503.798277] ? copy_mount_string+0x40/0x40 [ 503.802532] ? copy_mount_options+0x5f/0x380 [ 503.807115] ? rcu_read_lock_sched_held+0x108/0x120 [ 503.812170] ? kmem_cache_alloc_trace+0x324/0x730 [ 503.817039] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 503.822590] ? _copy_from_user+0xdf/0x150 [ 503.826761] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 503.832309] ? copy_mount_options+0x285/0x380 [ 503.836904] ksys_mount+0x12d/0x140 [ 503.840549] __x64_sys_mount+0xbe/0x150 [ 503.844546] do_syscall_64+0x1b9/0x820 [ 503.848447] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 503.853829] ? syscall_return_slowpath+0x5e0/0x5e0 [ 503.858772] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 503.863829] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 503.868855] ? recalc_sigpending_tsk+0x180/0x180 [ 503.873626] ? kasan_check_write+0x14/0x20 [ 503.877878] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 503.882776] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 503.887975] RIP: 0033:0x457089 [ 503.891177] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 503.910102] RSP: 002b:00007f24af964c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 503.917827] RAX: ffffffffffffffda RBX: 00007f24af9656d4 RCX: 0000000000457089 [ 503.925129] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 503.932522] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 02:39:12 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34, 0xc00e000000000000}, {&(0x7f0000000580)=""/216}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:12 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xfffff000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:12 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:12 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c74657200000000008800", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:12 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000100), 0x2) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000040)={0x0, 0x35, "a934e7758c3d5936940c9f73b8d92dd9e6b52d81d45aa18a9f63893e306b21fd289867656a5af5d604411f62831145e90cda998c7e"}, &(0x7f0000000080)=0x3d) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000000c0)={r1, 0xd2d2}, 0x8) 02:39:12 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140b8, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:12 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x0) r1 = geteuid() lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_ENTRY(r0, &(0x7f0000000100)={0x90, 0x0, 0x5, {0x3, 0x2, 0x2, 0x9, 0xffffffffffffffc0, 0xd95, {0x3, 0x7, 0x2, 0x2000000000000, 0x7f, 0x6, 0x2, 0x200, 0x1, 0x1f, 0x65125d70, r1, r2, 0x0, 0xc9}}}, 0x90) readv(r0, &(0x7f0000000080), 0x10000000000000a7) 02:39:12 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xb3400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 503.939798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 503.947070] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000e [ 503.997246] 9pnet: Insufficient options for proto=fd 02:39:12 executing program 1: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000001740)='/dev/qat_adf_ctl\x00', 0x840, 0x0) connect$inet6(r0, &(0x7f0000001780)={0xa, 0x4e23, 0x101, @mcast1, 0x2}, 0x1c) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x6, 0x101041) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r1, 0xc0605345, &(0x7f0000000080)={0x0, 0x1, {0x0, 0x1, 0x7, 0x1, 0x3ff}}) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) syz_mount_image$jfs(&(0x7f0000000100)='jfs\x00', &(0x7f0000000140)='./file0\x00', 0xfffffffffffeffff, 0x5, &(0x7f0000001580)=[{&(0x7f0000000180)="553836e341d44b43072b0f8c8e1054ba3138363d6158", 0x16, 0x3}, {&(0x7f0000000500)="ca7753f30f737ece72248fabce35f4bf95004375edbe0dd31c9d21b6b5358b2ed885117df7a083422ab3ce0c80a8f199f3d1d1d0e46ed697174fa2e6208d56c1ad39c3008cca7acc20f16fed4ef324119836ef510fc90d30323a7e57ebcd3ef06614a690e1cd93c1fc6de0555f03fc34487ee942e41237f141dcf8abfcfc33b9514a3e6c6e1b710ad14067156800d0d7cf5908d82618261f39916e0add5bccedfc0d35ebdd7b78e1503d7f7948ba0089fc7e1c5f1e941963cfd28d6ea8dd747f764bd2f02f2d442c174845aedb6daeb0bedd983fd06281d473dac9d3071464b905bb50156f8228198e0f5cc9245c8ef4301ac1c44716da70b269f20fd2396ce76eb2bafdefd0103ac0fa650a8184526c5da0acfc28f7e90a0ccc5b23b86ea8ad98c3da2a2b1b40e22ebd28c0193f74bc9afa8339165f06ed9d1f89d34ea00b75aa39bbdeaa7dfa55089ec72fde2a25d68b2eb9be631285a7ca91fcf215fba206de7835dec40789ae9f8dd8f0cc8a2dca6d4390323212e436750d84bdf1ba25653b3f131ae392a48180fd5f6e6c3ed626aafb117c60948576d5247c87f1b9e86735112277089157d2efdacb60105430d0b0ee786e54bc97b0e20c1a9bc9a39650fa711bcebf5b9d6f607c06ba574fe2d9a9add2d1df2bf0383ea64c9355ac74e6316b12a787375331b6a28fd91a8e11c17079583906714142b3c37f342b76fdf587031900f7e31c952edf5883f4a40ae8cfc96d61383a0acb1d65e2d2322ed786f75aa9c58e71de01f4bb0825cfb105a7145889c1047a2f38fcc8f154e0664010a98910d8724c4347c2e86391fe5e2c9985fff3ec17e1ba5cad99d043bb65e8f04dde22c932e1e1f7cc593dcb2809bb380622ed239dd1dba54cc0438e2657b9064f7ec188d2b6550ee944190565e35319360d0ff888ba2abbd023e37ffcc2ff835f6efc9e47da60a6674512cb7a15ca819d2563324015c2890c6d31b72e4f4497e5577f5a3ce87d941dc3627a9fc5d7decfe3b300e0f74dde4c592703b68b093423e71941ed5136c179a6bcb5932584443f3a4438c0ae578dc324ad6d34e67b0ecfa56435b57e52927f323dc8ee2cfff973a36338941146eb68bb4e006068248034a2b99c8f7d6622136213be3fe1de96638f997a28104651dcbd8e0f3a346a0b63656df9432c93bd48599116b16f5a702b6a4d57ef4cbdf5b1b4f736cb6a459a4c40fce3bd271b7b5613a351c70dd24690fadb4bc01beceec3277df539d0b654fbe14c193eddb3096375815ccd9a145300d2b8d7e7d9a3f22e731768a57058fe52f1ebba76830f325a9852c1a921998ab2192c60b0cc822a37643827c71c1ba9f9d303273acac46216e45efe415b19b1db7589b16d211ff2a1a1805434c52a131de3fe97938479cddcabc794418db1b32f356479d573c70ce6f62dad6f7c8dba5562b14cca178046688f85bdc165b72bfd4814b9f14d2f359f9acd066b847cf96b8f7123933181a7676e76a6504341ce2d067498c880b6a5c960f6686bb4c70f02753621b27b42fcf46c96a99d4cf6db84bb9e736a856f4680c78dbc8dae64e174446a443a0be2ecd50938ebdbd5531563b9a2351dc8f338e138e5d6809f94c9a03abf6abd9e1de0a9cc4d4da63f77cbac85a350936d16b0d155c961c30eaabddc10ab2a242a2066da920515c6d20adefd45de029b31dfbdcb2bdb0e279212e769d4e25e4191c44e84752f6030825422cbe7f6a1f9156f112359738456fa6169309cfe5c68c22f0937bba6e63787de61202ddb8652bd4049f0c02ac457411111222cd3ac5435192e51f8c2a7c33afd2bdfb895f2628ca18db49a46b30c06fd9c837ca251a26ee14cf801146ccb43634bdd1e90511ae110cd008f712d31597765b6464761e9ff422f4b8515898eeff8074a46adf6cf0a090621a1d9cb8f195ac581e8f054f2bd17ef78bd907be98da8d885d77dff5681f64aa8230a9854ff5587b71d5532b384eb069bf5f625b75e36f75939b5e87b03f0f99d37db8781114ada31197ee67d262b5e09636b7bd11d7fd6282a689b77e120d21bd2c9d0800c6c561efa299c2ab7ac35d06f7da31cfad8a3e14420a27a2e7f8876016a6830e7d750041801357eac1fd386a4b6401e6a4e613ce874e5350cb45e7c4e234c578f8630520ce8510962f09be14382d4e6f0ccc32a4f8c8379d6605192891f89c4dfe3f7fee3e0cfbc27eeb7721298880f26b8d8120c2e0f72c16183ee79554832f556802fdbb623d693aeed78c823b3bae30da79a1bc01dd4b00b2826793384061ba94d69fb93780e50507295a65f9b304745570e96a2e2a121f3b68945c3fb0065861367f6fb1131d7285eb81ec95adc96ce838e2bb51eb36a29b467915e61d97f6e386d8f5a6864bd00e56534e079d477ecce95d08de96ced6cab259620f92a35fff31b926ea3a65acdf5db53bea4a5d321d010c13046641def8e6db645fd42b0c379dea1aedd41970e2954c44e10a8a8b383d5a76995a3945cf12850067a4fc9272b72e813981056728ff08264e91e616e8375300f8382e81fbbc6bd51a967f8d735980daecd153d25e4c6c2e94f0c1801aedff584d9e52c381111e596ee837190e875116996d1a2ca983e945f8cd0105677ae0a6209e116dd9fada38c7af5cbf42fd36dc71452eddf5c20e821f7be04468906ffedf504afdd040cdb5a6ca22ee4c8d4b0e74450836decb89eb28f3f63b16432f84815f241a428ed2a4bfbb354fc84cad68c9f1df59a75397c1bec51d186b87e1b862a726dc421873fff70922e3d6db6862480a784dce569b6120986d20d84cb9892c4249da47618e5ec13a4fb5bd8ed66f3e3cb4f248b8364dbfd5c78a81cb2938929e13191ac60304ccf22f283e49d538ee6bbcef3665494ccd797cea04f55db838a7a30298d62b952e4f58ab88c7d9fcd3a3b2f1ef02b43606da3409bb97ab9b028fb95c69ce6302a1937e36806c7e12a038504ffbfb6c826b558d1d3cdd0e9f79fa2860047e661e0b61c5640a984965b6b6bd1b1bfe23078726bc18f1f7f5ff140eab33f72e53f72e5d6a2fc456ce6cea91cf3665017a5646a935a07f6d502c05905b1065b650de6e48596e4e03fe91b1ea9a12f1df011de06dec0fb969f8af36050281ec0ef6d012208fb1ff0b41293947ac3df59c8e6db30b7d7864b035968c6a19a3a662b2db1126f0ce5757ac6a9c39c4cfb5c94e23fc8aa727fe903a384a74df5048c1de1c6b57dcab115ac0dfbede7e116f6e041a920470ec019b42b3dfad3287a18fc748df60d96c2bbe2c37e2ae4482504e1205ef8b8165bc84eade631582abd8ca67141a21e67b9795b2896f1c00abe1a603441d2c2ea663dad3076cd98e2f5280fbc42757f80fc46b6e38207f61516f1ca4a4afe188adab6da931ade548b8d787c34dae06b43f7282d2d2d067e10970534cf8f7efed850dc3af1c0b3d655057835ad93e7db24427c073f9991fcd04a44f0c59ab7f4db0d93eba1f2fd358641ddc17d8cd3d2d3f0cf04669f464e30853ea81064c0264f8426f0a107984358c7ec3522537d5f9ba05afbeb9db94a0f87f305ddbcf1762070186dc3dc9c054075e987e0ddf31da6f649c09042a29ce76b3d0939cd17860483303032376e5bab039d36e0b23c4f847c779fd9abe47eb00de3ce0f7e13c81a1a8e547488a2c789be3eeacd3402f414ef482f4291b1817db640f1826f9d1bc6846c0de452782351b61f4aac0463c545cf04913c16319b8b4949bcdb94da441fd051213a6efc381fa378aa1c2f4089d0175855a7ce550d737cb8bbdca17e2006fc71e1dd56299b44ac7d365fe9c66266de17bd64f446b7d514bc405b63ecb9aff11266ffde3c18fc1830a6d17bb60d3585922a460d5dcee745240d3aeff79462f36f2ff5a78af98ea26b7e1bf53a622294f10dbe4b248baaa8de91998ce6d76692765dbb45a36b506bec00ebc241875a01b00189e2853d345e66fa65e6bcb3183c96d4b3f192cabaa85aab0a5bd613a6f53742c3c7b1313b05cb8412116a14d5cf80d0089f4c7fb91739108021ed20ae909555fe3824efc3e553202a96de7573fdf2ebb3e9dfa68509d321b737ec68cddb307a09d23a5a3a489761f4cc4b72855e832fce36ea5a15a446be4ad1a17006dbb2159f6452455e2384990815e856e49966063bd92680caff2229fd7fbfe5da80579978ce16335a5f0db27832abb1c9a48c4833328c29adfe237983d1e36cb6f5a8f5e906d4512eede27bf0d09441e8eb5f26442461e95b5fc258e71a5b3a8b8a209c5cfb269a9193d73a0e99f313b3fecee2cd72217a9122de8c2581680b1ae39ab5f64d4173b5955bb19ba3b71d95eeec51f386180c7f1120e38738b98fa3e840fd73fa40c350f9516a0fcb812597cce5d94a5b0a0af9273aeed78f7006b430cb6b6dc1e95c06ac1c16cc71970d91c6fd59319a3d6565ad6d33fe1db3846cbdbe832e5586c711c3120cefcfbef1ecfd0b63b1772ee55dd87e7813301cd0effdfe5cdab3b59b68f973553d5e9abc8b942f279e422cdb039c0e51cd0b0afc452dc8a897ec5ba4360bf0a5989a9b866a478d3cecf0f168ea79aab9b7dcf7f080cd36c85e65ce1772f7baff0d5d15033c0717e263e63ef3f4a698ffab30596559404107f49a32d465141b9efa653b6237fc6cfdf286976a470fca3723d5fc5af1cbbc33d61429f78e4e6339f0113a18fc2c49999332653e8ce63b2d2d52b1eca22718335e5155ff52a31e5ad37ecd1b83131735a4fdf3ce65bb786c604a2da4b988daa3246fe7b5b2d8b9d47bbe67d6992a8d87b0112c3ac7f3ad08d90df9f20f41c7873bb7d871c4cba8d21abbd1ccc102917174c120406f6b6e1d67c5e264e62340cf2a63a869ea295c90897d44f2a06fcd06fc26326fb3a109f3762a7e484c21ea2d5fc332f0c156bd38e8ab807dfa38197c917793e0ad0a2da7dc850268619ac1970f264a2cb082da9e86034f7d4f04fc05ff49c0e4bbb8b605d1afce1cdeef1db646b62b9d17793fa11493873effbf467de01b1afdd4883d181dba4b15e28f96e4cc09baf2c954c24369ce86c5ff7e13ef65623dd6f5b2c7e70bd37df00ea42133a06884942b6e622cfdc29399d8024d5c58c03ab15f14fb06752eb959a6a3af7431ca9885623df58606535de0a3886aa71546e979d89065de55e4c981b934e084d5f284e1d023a548ac902a8ee1fb93ba0d53c45783e4af2f0bd34b75b401ff046cb484703ac0d67ee8e9eb7a31ccfd8a2a356da29125173420fa84f9226cdb3bc7e682381bd0b8d5650e380f0e497a1cc89d29979d2f89bc559b30ec3ab8bc48d2173ea5a4bf161c779b76ee666dfe720e3d0ba8042ffaeecfa2d33e7a4d61d6b8b4e528dd2e0df3636b6b59b10e17bcf973922e3925cb0dac1f8fcd6cc868de6a3bbf5108c42dd5b3b940b55c70cc82d5be71a46b730e791f61bf079235467254337ab0ceb0b2d44421d6baf825878519df5c793ac46e0d5c5727edd91a0941f68a959fc57ab3f56bb090f15612a0a2fac935df952c74185b02ae4fac5fbb41bb3f3d78c73cca55ef8ffcc6ae03cd74b63b3011c70c50d29a5d7dcdb5f92ef20b635316faa23f83aed9efce88cc37a4026082ea2bb32c36c8168da5020b6f22fa12ea207a4bf992f388d01d24b0f38c4cf4214a2cc9d991e35e014751d5d0b6d4a00fed634502a4772768f1efcc2a3009f358ad1113dd7ee25a005c12a63c28d6b7a7f6d161bf836c139474ad47535efdea2498cae622841de1b3b77b9b3b", 0x1000, 0x100000001}, {&(0x7f0000000300)="b3b92d9c89068545f955fd1c6c5b356c0a5ab521a1501d07dca920ea21274612947c6ede0f0c8e3a46bb1517366884b58384123db5aa16dccd3c447c74f27a6583a1e49526ac2097ea5d11876a280293d1b0b6c67380edf66dacb5bbff34", 0x5e, 0x1}, {&(0x7f0000000380)="adcdbf4f20a4f916332a8e23d6296d800a6bcf366edd3bcf5c802a384e952ef656cf025586b34515b22bf6a8b4b2673395713740686f9ae5e5272139328a26f7312d6db38568e38cc3b1df294e76bd098a510434c97ed1d6f16dd11185220eede243e58fde0a98f892d212740e77c29c1cf2eed096e58e64936ee791c567ced431281030675e4459391ce895e07df00cb7e089831b448023406982bc889356f1c101f6b70414a8c300830fb3b44ee91ad741c2ce171194a3c12c7252e4a5d0a4870e4e901619b5", 0xc7, 0x7fffffff}, {&(0x7f0000001500)="ac595c6d64f2fba13df464767719eeef6ceec3c1d2d541ce72b69abd8712a230b102ef14ff01261c62902e55d8468af06c23e44c70cc2b1d59267242d18f40a7ea59e21431a4531ea9e4e3dc6367f700", 0x50, 0x5}], 0x41, &(0x7f00000017c0)=ANY=[@ANYBLOB="71756f746106000000736b3d3078303030303030303030303030376666662c696f636861727365743d63703933362c6572726f72733d72656d6f756e742d726f2c6e6f696e746567726974792c00322a7a4965d484157b89684e0d3168d415cf0f65ca4f094214a0e7959e4397d2ad8ba42396264685b32bdbb7da09a36cf3d80b6a42b4d409f0353ea52db72d4b7767cdc1ac994f10a4a1f4ccc45aa1b0cb61dd1f3908db87fb95fba2a7e78aff385101a422f7adf87040403fbab787340e55ff4389bec59b6033fcab92bc41eb2819ec153f816d85d74dfd1fb6f6e71d5aedb96b5412699960e87a34b5d28f0cc09194caada6848671d8793ae3c8f108c3a15e98b30dddc0af9ccb2bb6d9779e7f86f0eda3aed2817b22"]) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000001600)={0x0}) ioctl$SG_GET_SCSI_ID(r0, 0x2276, &(0x7f0000001980)) r4 = mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000005, 0x10, r1, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000001a00)={0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000001c00)={0xfc, 0x0, &(0x7f0000001ac0)=[@acquire_done={0x40106309, r3, 0x2}, @transaction_sg={0x40486311, {{0x4, 0x0, 0x1, 0x0, 0x11, 0x0, 0x0, 0x40, 0x38, &(0x7f0000001900)=[@ptr={0x70742a85, 0x0, &(0x7f0000001640), 0x1, 0x3, 0x1a}, @flat={0x0, 0x1, r4, 0x2}], &(0x7f0000001940)=[0x40, 0x60, 0x28, 0x38, 0x30, 0x78, 0x68]}, 0x2}}, @enter_looper, @register_looper, @register_looper, @reply_sg={0x40486312, {{0x4, 0x0, 0x1, 0x0, 0x11, 0x0, 0x0, 0x0, 0x40, &(0x7f0000001980), &(0x7f00000019c0)=[0x20, 0x30, 0x20, 0x48, 0x28, 0x30, 0x48, 0x58]}, 0x4}}, @transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x18, 0x10, &(0x7f0000001a40)=[@flat={0x73682a85, 0xa, r5, 0x2}], &(0x7f0000001a80)=[0x28, 0x78]}}], 0x15, 0x0, &(0x7f0000001bc0)="db8fdbde2c51ffcab1f6f5aa6684e97e0ad3c6313d"}) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) r6 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rfkill\x00', 0x80000, 0x0) readv(r2, &(0x7f0000000080), 0x10000000000000a7) clock_gettime(0x0, &(0x7f0000001680)={0x0, 0x0}) ppoll(&(0x7f0000000480)=[{r1, 0x4000}, {r6}], 0x2, &(0x7f00000016c0)={r7, r8+10000000}, &(0x7f0000001700)={0x7f}, 0x8) 02:39:12 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000000)) readv(r0, &(0x7f0000000080), 0x10000000000000a7) 02:39:12 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xbb400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 504.032407] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:13 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x88640000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:13 executing program 6 (fault-call:6 fault-nth:15): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:13 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000000000000008800", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 504.097640] jfs: Unrecognized mount option "quota" or missing value [ 504.125444] QAT: Invalid ioctl [ 504.130154] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 504.134917] QAT: Invalid ioctl 02:39:13 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xb7400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 504.223411] QAT: Invalid ioctl [ 504.235654] FAULT_INJECTION: forcing a failure. [ 504.235654] name failslab, interval 1, probability 0, space 0, times 0 [ 504.247097] CPU: 1 PID: 26538 Comm: syz-executor6 Not tainted 4.18.0+ #206 [ 504.254136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 504.263498] Call Trace: [ 504.266104] dump_stack+0x1c9/0x2b4 02:39:13 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xd00, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 504.269761] ? dump_stack_print_info.cold.2+0x52/0x52 [ 504.274988] should_fail.cold.4+0xa/0x11 [ 504.279260] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 504.284603] ? __save_stack_trace+0x8d/0xf0 [ 504.289155] ? save_stack+0xa9/0xd0 [ 504.292814] ? save_stack+0x43/0xd0 [ 504.296468] ? find_held_lock+0x36/0x1c0 [ 504.300568] ? check_same_owner+0x340/0x340 [ 504.304910] ? rcu_note_context_switch+0x680/0x680 [ 504.309871] __should_failslab+0x124/0x180 [ 504.314134] should_failslab+0x9/0x14 [ 504.317950] __kmalloc+0x2b2/0x720 [ 504.321511] ? match_number.isra.0+0xbf/0x280 [ 504.326035] match_number.isra.0+0xbf/0x280 [ 504.330382] ? match_strdup+0xa0/0xa0 [ 504.334227] ? match_wildcard+0x3c0/0x3c0 [ 504.338402] match_int+0x23/0x30 [ 504.341794] parse_opts+0x32c/0x500 [ 504.345446] ? p9_fd_poll+0x2b0/0x2b0 [ 504.349279] ? kasan_check_write+0x14/0x20 [ 504.353540] ? trace_hardirqs_off+0xb8/0x2b0 [ 504.357978] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 504.363112] ? kfree+0x111/0x210 [ 504.366492] ? kfree+0x111/0x210 [ 504.369889] ? lockdep_hardirqs_on+0x421/0x5c0 [ 504.374501] p9_fd_create+0x8b/0x3f0 [ 504.378245] ? p9_fd_show_options+0x1c0/0x1c0 [ 504.382769] ? p9_client_create+0x7e5/0x159b [ 504.387223] p9_client_create+0x889/0x159b [ 504.391494] ? p9_client_read+0xbf0/0xbf0 [ 504.395674] ? __kmalloc_track_caller+0x26e/0x720 [ 504.400541] ? __lockdep_init_map+0x105/0x590 [ 504.405062] ? lockdep_init_map+0x9/0x10 [ 504.409148] ? kasan_check_write+0x14/0x20 [ 504.413414] ? __init_rwsem+0x1cc/0x2a0 [ 504.417408] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 504.422481] ? rcu_read_lock_sched_held+0x108/0x120 [ 504.427521] ? __kmalloc_track_caller+0x590/0x720 [ 504.432375] ? save_stack+0xa9/0xd0 [ 504.436010] ? save_stack+0x43/0xd0 [ 504.439647] ? kasan_kmalloc+0xc4/0xe0 [ 504.443544] ? kmem_cache_alloc_trace+0x152/0x730 [ 504.448398] ? memcpy+0x45/0x50 [ 504.451704] v9fs_session_init+0x21a/0x1a80 [ 504.456050] ? find_held_lock+0x36/0x1c0 [ 504.460139] ? v9fs_show_options+0x7e0/0x7e0 [ 504.464570] ? kmem_cache_alloc_trace+0x275/0x730 [ 504.469430] ? kasan_check_read+0x11/0x20 [ 504.473591] ? rcu_is_watching+0x8c/0x150 [ 504.477779] ? trace_hardirqs_on+0xbd/0x2c0 [ 504.482118] ? rcu_pm_notify+0xc0/0xc0 [ 504.486021] ? v9fs_mount+0x61/0x900 [ 504.489761] ? rcu_read_lock_sched_held+0x108/0x120 [ 504.494791] ? kmem_cache_alloc_trace+0x324/0x730 [ 504.499659] v9fs_mount+0x7c/0x900 [ 504.503228] ? alloc_pages_current+0x114/0x210 [ 504.507835] mount_fs+0xae/0x328 [ 504.511233] vfs_kern_mount.part.33+0xdc/0x4e0 [ 504.515836] ? may_umount+0xb0/0xb0 [ 504.519473] ? _raw_read_unlock+0x22/0x30 [ 504.523628] ? __get_fs_type+0x97/0xc0 [ 504.527532] do_mount+0x581/0x30e0 [ 504.531077] ? kmem_cache_alloc_trace+0x275/0x730 [ 504.535939] ? copy_mount_string+0x40/0x40 [ 504.540214] ? retint_kernel+0x10/0x10 [ 504.544133] ? copy_mount_options+0x1e3/0x380 [ 504.548646] ? audit_kill_trees+0x450/0x450 [ 504.552983] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 504.558530] ? copy_mount_options+0x285/0x380 [ 504.563041] ksys_mount+0x12d/0x140 [ 504.566690] __x64_sys_mount+0xbe/0x150 [ 504.570684] do_syscall_64+0x1b9/0x820 [ 504.574587] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 504.579962] ? syscall_return_slowpath+0x5e0/0x5e0 [ 504.584900] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 504.590206] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 504.595234] ? recalc_sigpending_tsk+0x180/0x180 [ 504.600032] ? kasan_check_write+0x14/0x20 [ 504.604291] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 504.609153] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 504.614346] RIP: 0033:0x457089 [ 504.617575] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 504.636543] RSP: 002b:00007f24af964c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 504.644264] RAX: ffffffffffffffda RBX: 00007f24af9656d4 RCX: 0000000000457089 [ 504.651538] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 504.658833] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 504.666108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 504.673379] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000f [ 504.680802] 9pnet: Insufficient options for proto=fd 02:39:13 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140bc, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:13 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c74657200000000000300", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:13 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34, 0x4000000}, {&(0x7f0000000580)=""/216}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:13 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xd, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:13 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000000500", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:13 executing program 6 (fault-call:6 fault-nth:16): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 504.773908] FAULT_INJECTION: forcing a failure. [ 504.773908] name failslab, interval 1, probability 0, space 0, times 0 [ 504.785471] CPU: 1 PID: 26559 Comm: syz-executor6 Not tainted 4.18.0+ #206 [ 504.792504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 504.801862] Call Trace: [ 504.804468] dump_stack+0x1c9/0x2b4 [ 504.808142] ? dump_stack_print_info.cold.2+0x52/0x52 [ 504.813354] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 504.818047] should_fail.cold.4+0xa/0x11 [ 504.822128] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 504.827238] ? __kernel_text_address+0xd/0x40 [ 504.831751] ? unwind_get_return_address+0x61/0xa0 [ 504.836724] ? find_held_lock+0x36/0x1c0 [ 504.840832] ? check_same_owner+0x340/0x340 [ 504.845172] ? rcu_note_context_switch+0x680/0x680 [ 504.850133] __should_failslab+0x124/0x180 [ 504.854384] should_failslab+0x9/0x14 [ 504.858209] __kmalloc+0x2b2/0x720 [ 504.861773] ? rcu_pm_notify+0xc0/0xc0 [ 504.865681] ? match_number.isra.0+0xbf/0x280 [ 504.870209] match_number.isra.0+0xbf/0x280 [ 504.874543] ? match_strdup+0xa0/0xa0 [ 504.878360] ? match_wildcard+0x3c0/0x3c0 [ 504.882528] match_int+0x23/0x30 [ 504.885909] parse_opts+0x32c/0x500 [ 504.889565] ? p9_fd_poll+0x2b0/0x2b0 [ 504.893378] ? kasan_check_write+0x14/0x20 [ 504.897628] ? trace_hardirqs_off+0xb8/0x2b0 [ 504.902051] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 504.907164] ? kfree+0x111/0x210 [ 504.910544] ? kfree+0x111/0x210 [ 504.913921] ? lockdep_hardirqs_on+0x421/0x5c0 [ 504.918523] p9_fd_create+0x8b/0x3f0 [ 504.922247] ? p9_fd_show_options+0x1c0/0x1c0 [ 504.926764] ? p9_client_create+0x7e5/0x159b [ 504.931186] p9_client_create+0x889/0x159b [ 504.935458] ? p9_client_read+0xbf0/0xbf0 [ 504.939626] ? __kmalloc_track_caller+0x26e/0x720 [ 504.944479] ? __lockdep_init_map+0x105/0x590 [ 504.948988] ? lockdep_init_map+0x9/0x10 [ 504.953068] ? kasan_check_write+0x14/0x20 [ 504.957316] ? __init_rwsem+0x1cc/0x2a0 [ 504.961329] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 504.966357] ? rcu_read_lock_sched_held+0x108/0x120 [ 504.971380] ? __kmalloc_track_caller+0x590/0x720 [ 504.976229] ? save_stack+0xa9/0xd0 [ 504.979864] ? save_stack+0x43/0xd0 [ 504.983495] ? kasan_kmalloc+0xc4/0xe0 [ 504.987395] ? kmem_cache_alloc_trace+0x152/0x730 [ 504.992247] ? memcpy+0x45/0x50 [ 504.995540] v9fs_session_init+0x21a/0x1a80 [ 504.999868] ? find_held_lock+0x36/0x1c0 [ 505.003950] ? v9fs_show_options+0x7e0/0x7e0 [ 505.008365] ? kmem_cache_alloc_trace+0x275/0x730 [ 505.013222] ? kasan_check_read+0x11/0x20 [ 505.017399] ? rcu_is_watching+0x8c/0x150 [ 505.021555] ? trace_hardirqs_on+0xbd/0x2c0 [ 505.025887] ? rcu_pm_notify+0xc0/0xc0 [ 505.029798] ? v9fs_mount+0x61/0x900 [ 505.033521] ? rcu_read_lock_sched_held+0x108/0x120 [ 505.038566] ? kmem_cache_alloc_trace+0x324/0x730 [ 505.043429] v9fs_mount+0x7c/0x900 [ 505.046975] ? alloc_pages_current+0x114/0x210 [ 505.051580] mount_fs+0xae/0x328 [ 505.054960] vfs_kern_mount.part.33+0xdc/0x4e0 [ 505.059651] ? may_umount+0xb0/0xb0 [ 505.063289] ? _raw_read_unlock+0x22/0x30 [ 505.067446] ? __get_fs_type+0x97/0xc0 [ 505.071348] do_mount+0x581/0x30e0 [ 505.074894] ? kmem_cache_alloc_trace+0x275/0x730 [ 505.079754] ? copy_mount_string+0x40/0x40 [ 505.084010] ? copy_mount_options+0x5f/0x380 [ 505.088431] ? rcu_read_lock_sched_held+0x108/0x120 [ 505.093456] ? kmem_cache_alloc_trace+0x324/0x730 [ 505.098312] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 505.103865] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 505.109409] ? copy_mount_options+0x285/0x380 [ 505.113918] ksys_mount+0x12d/0x140 [ 505.117560] __x64_sys_mount+0xbe/0x150 [ 505.121546] do_syscall_64+0x1b9/0x820 [ 505.125444] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 505.130815] ? syscall_return_slowpath+0x5e0/0x5e0 [ 505.135757] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 505.140782] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 505.145801] ? recalc_sigpending_tsk+0x180/0x180 [ 505.150561] ? kasan_check_write+0x14/0x20 [ 505.154816] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 505.159687] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 505.164887] RIP: 0033:0x457089 [ 505.168088] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 505.186999] RSP: 002b:00007f24af964c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 505.194741] RAX: ffffffffffffffda RBX: 00007f24af9656d4 RCX: 0000000000457089 [ 505.202044] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 505.209327] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 505.216607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 505.223884] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000010 [ 505.233120] 9pnet: Insufficient options for proto=fd [ 505.238956] QAT: Invalid ioctl [ 505.247541] QAT: Invalid ioctl [ 505.256289] jfs: Unrecognized mount option "quota" or missing value [ 505.275351] QAT: Invalid ioctl 02:39:14 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xffffff8d, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:14 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f00000001c0)={&(0x7f0000000000), 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x8c, r1, 0x0, 0x70bd28, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xff}, @IPVS_CMD_ATTR_DEST={0x44, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x7f}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x4}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@dev={0xac, 0x14, 0x14, 0x19}}, @IPVS_DEST_ATTR_ADDR={0x14}]}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'rr\x00'}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e21}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x1}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x3f}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x40) readv(r0, &(0x7f0000000080), 0x10000000000000a7) [ 505.304502] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:14 executing program 1: pipe2(&(0x7f0000000840)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) write$P9_RXATTRWALK(r0, &(0x7f0000000880)={0xf, 0x1f, 0x1, 0x1}, 0xf) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) r2 = gettid() ioprio_set$pid(0x1, r2, 0x4) fcntl$getflags(r1, 0x1) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) sendmsg$nfc_llcp(r1, &(0x7f0000000800)={&(0x7f0000000080)={0x27, 0x1, 0x1, 0x0, 0xa12c, 0x0, "bdf88b47f841df00444abac1ab4d77e914effa892c1e10fb7fddfd6e5a719f33ec79f9f4db76ac5168e69f38f6248a30fb7b8bcda86f90ebeb2cba8d887605", 0x2e}, 0x60, &(0x7f0000000680)=[{&(0x7f0000000100)="204dbdab315860ec8239cf047a4e53a147435bdb620519c330aeed74c8ff3b408476adf17fcead78cbb3e3a683ff2e40d44dd853c3e2c406eb45092c467fee7dc3e902e41ef38f864f0156c0e3cb819bc8f20fda80593de6b2823dc7c6242a57c32e047e148266b9a36ea9a53d8262b2c3d844ecdabe9b6f478bdda386d30ffd6771bd5641bc1d4194bc55b24a972ae1b80e8ffdc83ad9989246c9c01bf03c2ee3474fa1e2bab22c0c04af764fe74c8a02fea184cc341c864d8aa34b25ac78", 0xbf}, {&(0x7f00000001c0)="1768978d81f8e68b8db5d48f80b1c51763427e74182e060d9597332b27af2e41efb5cd4afe6889168e95c2cde47283aed6e7ca9d6c59222c42f14526f924a6", 0x3f}, {&(0x7f0000000300)="7b004ad25c2e6a4694c789dbf3408f7951d0828820bf9f57e5f6ff43d0399269d55d6007e93e8f4090efd46c8ad34f13629a5628acef7c17aea84b290690ed94773369bf5c1b520c2eac31fcaf07fcc9eda317bffe618892d00bc4736d2402d890b95394bd8af7071134277fad0b091205eba18e16c89ba5ceb02685e66e4ad7e16e29ac9b8b7931499ecc6836c503a0fef5a5dce305ac3f609fc66089cef274d8f15391916e1cefb7db82d95382b82da7ff788f9d8f42e7948b547b384c55b4f5972e33b90504575e6a7d62654dbb6aa24c3c31962e4b50339e2cefbe9ddc184539f52ca2", 0xe5}, {&(0x7f0000000900)="f2d7028c36b998f684537ff7b17d1712b9d11a4622da374b59ac7141f1c059e52058c4d51173f4843c77f99c07cbe875638874c7ce25ad013bc7c8ba97771a48cc76f5f27f20cea7edda75904c80e3336bb73c403d52290c4638eccb51a338bd24873e943656", 0x66}, {&(0x7f00000008c0)="760b7c972328ca49aa975a030abcd055ba741ffc78ac809a58964b5918", 0x1d}, {&(0x7f0000000500)="675db3f2bf6d58ed38e47cda3362c03181b70485ba4f06e17b7f4b51af55c6bbbc232aa551eeb387d1835e901dbbe5faae06851ce93462320703ff436a48fc52c0014f594b907843f159b77effac3017b0bdabbb81df4940feeb8dd10db62dfb2499a0cf55c9a20091e2fbe53d8c60ccbe79c0e4095a722aeba0037d3556d077ab6b160d73cfc5346830b2f3f2c9649de04625353aaade891bc12f210192acdd36ecdd78a65d770de4896b7e714edbb20becd304", 0xb4}, {&(0x7f00000005c0)="ee56752b3817f578933d1144ba3be1e99d85b0e0ffa11da1ae62bd5cba2473f9d69771c92d8421b2c000fff411d5582474d07bae6aad38b9dc16a59876554ff4529210de712035f64a4b4aa68bf7a71c374bd87f4f968e2a51a71e3dbb14faa8abe72ec9d45146be361045e3525aad673f83f92928967bb5e5b44f33569465ad090693ff2f908ccdc2e1c39ba99ddce796ebc4d8", 0x94}], 0x7, &(0x7f0000000980)=ANY=[@ANYBLOB="75ffffffffffffffff010000036d0000feacb73a29b6a84d4997a8e5e6cd9cb357f42578d30608c97bf0551c32da80c74d7451646dbc6e65c0ec601f6a4b3fcadebe24c3eb845c699e053ee1241f0b35cc464b1dca87459ec5d73a2071b04d839c39de02912b840bab5f637c6542f3e8e1d69b971cae39103511c23aa7a9e28cd8d639a5e611dcb2d6f110e85043e374a7fbea0c59ac6552c6579a231e197d59f1d37240bfabad60531c92125d1adcc7f5995238ee5ba44c86116f458f1f377f174f754116aff8f994f8b24b607a8cdf53e506148e98e843567dd01dac519ffca88168005a3ac935039c31fad9d54e60f45e6127307541a25a10dd92426ba83c"], 0xf0, 0x40800}, 0x1) readv(r1, &(0x7f0000000080), 0x10000000000000a7) ioctl$sock_inet6_tcp_SIOCATMARK(r1, 0x8905, &(0x7f0000000440)) sched_getattr(r2, &(0x7f0000000400), 0x30, 0x0) setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000000)=0xff, 0x4) 02:39:14 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140bd, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:14 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000000300", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:14 executing program 6 (fault-call:6 fault-nth:17): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:14 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x200000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:14 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x40044900, 0x1) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000080)={{0x6, 0x4}, {0x1, 0xffff}, 0x34800000000, 0x2, 0x2}) readv(r0, &(0x7f0000000080), 0x10000000000000a7) [ 505.554518] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 505.585657] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 505.596598] FAULT_INJECTION: forcing a failure. [ 505.596598] name failslab, interval 1, probability 0, space 0, times 0 [ 505.607898] CPU: 1 PID: 26612 Comm: syz-executor6 Not tainted 4.18.0+ #206 [ 505.614930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 505.624307] Call Trace: [ 505.626910] dump_stack+0x1c9/0x2b4 [ 505.630543] ? dump_stack_print_info.cold.2+0x52/0x52 [ 505.635751] should_fail.cold.4+0xa/0x11 [ 505.639818] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 505.644945] ? __save_stack_trace+0x8d/0xf0 [ 505.649271] ? save_stack+0xa9/0xd0 [ 505.652902] ? save_stack+0x43/0xd0 [ 505.656542] ? find_held_lock+0x36/0x1c0 [ 505.660633] ? check_same_owner+0x340/0x340 [ 505.664969] ? rcu_note_context_switch+0x680/0x680 [ 505.669921] __should_failslab+0x124/0x180 [ 505.674167] should_failslab+0x9/0x14 [ 505.677991] __kmalloc+0x2b2/0x720 [ 505.681558] ? match_number.isra.0+0xbf/0x280 [ 505.686076] match_number.isra.0+0xbf/0x280 [ 505.690411] ? match_strdup+0xa0/0xa0 [ 505.694306] ? match_wildcard+0x3c0/0x3c0 [ 505.698831] match_int+0x23/0x30 [ 505.702228] parse_opts+0x32c/0x500 [ 505.705871] ? p9_fd_poll+0x2b0/0x2b0 [ 505.709675] ? kasan_check_write+0x14/0x20 [ 505.713928] ? trace_hardirqs_off+0xb8/0x2b0 [ 505.718332] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 505.723427] ? kfree+0x111/0x210 [ 505.726783] ? kfree+0x111/0x210 [ 505.730139] ? lockdep_hardirqs_on+0x421/0x5c0 [ 505.734724] p9_fd_create+0x8b/0x3f0 [ 505.738431] ? p9_fd_show_options+0x1c0/0x1c0 [ 505.742930] ? p9_client_create+0x7e5/0x159b [ 505.747346] p9_client_create+0x889/0x159b [ 505.751593] ? p9_client_read+0xbf0/0xbf0 [ 505.755745] ? __kmalloc_track_caller+0x26e/0x720 [ 505.760658] ? __lockdep_init_map+0x105/0x590 [ 505.765152] ? lockdep_init_map+0x9/0x10 [ 505.769213] ? kasan_check_write+0x14/0x20 [ 505.773442] ? __init_rwsem+0x1cc/0x2a0 [ 505.777411] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 505.782459] ? rcu_read_lock_sched_held+0x108/0x120 [ 505.787480] ? __kmalloc_track_caller+0x590/0x720 [ 505.792325] ? save_stack+0xa9/0xd0 [ 505.795946] ? save_stack+0x43/0xd0 [ 505.799563] ? kasan_kmalloc+0xc4/0xe0 [ 505.803442] ? kmem_cache_alloc_trace+0x152/0x730 [ 505.808284] ? memcpy+0x45/0x50 [ 505.811573] v9fs_session_init+0x21a/0x1a80 [ 505.815900] ? find_held_lock+0x36/0x1c0 [ 505.819971] ? v9fs_show_options+0x7e0/0x7e0 [ 505.824398] ? kmem_cache_alloc_trace+0x275/0x730 [ 505.829254] ? kasan_check_read+0x11/0x20 [ 505.833405] ? rcu_is_watching+0x8c/0x150 [ 505.837570] ? trace_hardirqs_on+0xbd/0x2c0 [ 505.841887] ? rcu_pm_notify+0xc0/0xc0 [ 505.845807] ? v9fs_mount+0x61/0x900 [ 505.849526] ? rcu_read_lock_sched_held+0x108/0x120 [ 505.854542] ? kmem_cache_alloc_trace+0x324/0x730 [ 505.859398] v9fs_mount+0x7c/0x900 [ 505.862943] ? alloc_pages_current+0x114/0x210 [ 505.867517] mount_fs+0xae/0x328 [ 505.870877] vfs_kern_mount.part.33+0xdc/0x4e0 [ 505.875449] ? may_umount+0xb0/0xb0 [ 505.879067] ? _raw_read_unlock+0x22/0x30 [ 505.883212] ? __get_fs_type+0x97/0xc0 [ 505.887114] do_mount+0x581/0x30e0 [ 505.890658] ? kmem_cache_alloc_trace+0x275/0x730 [ 505.895490] ? copy_mount_string+0x40/0x40 [ 505.899732] ? copy_mount_options+0x5f/0x380 [ 505.904161] ? rcu_read_lock_sched_held+0x108/0x120 [ 505.909204] ? kmem_cache_alloc_trace+0x324/0x730 [ 505.914053] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 505.919585] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 505.925111] ? copy_mount_options+0x285/0x380 [ 505.929596] ksys_mount+0x12d/0x140 [ 505.933219] __x64_sys_mount+0xbe/0x150 [ 505.937213] do_syscall_64+0x1b9/0x820 [ 505.941111] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 505.946493] ? syscall_return_slowpath+0x5e0/0x5e0 [ 505.951425] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 505.956448] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 505.961459] ? recalc_sigpending_tsk+0x180/0x180 [ 505.966226] ? kasan_check_write+0x14/0x20 [ 505.970469] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 505.975327] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 505.980528] RIP: 0033:0x457089 [ 505.983722] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:39:14 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xbe40010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:14 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x8847000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 506.002612] RSP: 002b:00007f24af964c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 506.010318] RAX: ffffffffffffffda RBX: 00007f24af9656d4 RCX: 0000000000457089 [ 506.017590] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 506.024857] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 506.032131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 506.039403] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000011 [ 506.047408] 9pnet: Insufficient options for proto=fd 02:39:15 executing program 1: r0 = syz_open_dev$midi(&(0x7f0000000300)='/dev/midi#\x00', 0x3, 0x101000) getsockopt$llc_int(r0, 0x10c, 0xf, &(0x7f0000000340), &(0x7f0000000380)=0x4) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x4e20, 0x5, @local, 0x9}}, 0x6, 0x8}, &(0x7f0000000480)=0x90) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000500)={0x425, 0x0, 0x8001, 0x8, r2}, &(0x7f0000000540)=0x10) readv(r1, &(0x7f0000000080), 0x10000000000000a7) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000140)=0x14) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x7, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x6}, [@jmp={0x5, 0x4, 0xa, 0x5, 0x2, 0x20, 0x10}, @generic={0x8500, 0x2, 0x8, 0x401}]}, &(0x7f0000000080)='syzkaller\x00', 0x1ff, 0x2e, &(0x7f00000000c0)=""/46, 0x40f00, 0x1, [], r3, 0xf}, 0x48) syz_open_dev$midi(&(0x7f0000000580)='/dev/midi#\x00', 0x3, 0x100) [ 506.148729] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:15 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000025000", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:15 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34, 0xcc20}, {&(0x7f0000000580)=""/216}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:15 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000600", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:15 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1900000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:15 executing program 6 (fault-call:6 fault-nth:18): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:15 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xd00000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:15 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, &(0x7f0000000000)=""/14) 02:39:15 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) getpeername$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000080)=0x10) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) [ 506.361663] FAULT_INJECTION: forcing a failure. [ 506.361663] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 506.373820] CPU: 1 PID: 26659 Comm: syz-executor6 Not tainted 4.18.0+ #206 [ 506.380848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 506.386655] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 506.390219] Call Trace: [ 506.390259] dump_stack+0x1c9/0x2b4 [ 506.390286] ? dump_stack_print_info.cold.2+0x52/0x52 [ 506.390312] ? __lock_acquire+0x7fc/0x5020 [ 506.398787] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 506.400735] ? mark_held_locks+0x160/0x160 [ 506.400762] should_fail.cold.4+0xa/0x11 [ 506.400785] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 506.400801] ? mark_held_locks+0x160/0x160 [ 506.400819] ? print_usage_bug+0xc0/0xc0 [ 506.443308] ? __lock_acquire+0x7fc/0x5020 [ 506.447558] ? __lock_acquire+0x7fc/0x5020 [ 506.451811] ? perf_trace_lock+0x920/0x920 [ 506.456065] ? mark_held_locks+0x160/0x160 [ 506.460314] ? mark_held_locks+0x160/0x160 [ 506.464574] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 506.470134] ? should_fail+0x246/0xd86 [ 506.474039] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 506.479162] __alloc_pages_nodemask+0x365/0xd10 [ 506.483865] ? __alloc_pages_slowpath+0x2cb0/0x2cb0 [ 506.488886] ? graph_lock+0x170/0x170 [ 506.492676] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 506.497781] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 506.502876] ? lockdep_hardirqs_on+0x421/0x5c0 [ 506.507448] ? __debug_object_init+0x581/0x12e0 [ 506.512117] ? find_held_lock+0x36/0x1c0 [ 506.516172] ? trace_hardirqs_off+0xb8/0x2b0 [ 506.520579] cache_grow_begin+0x91/0x710 [ 506.524656] kmem_cache_alloc_trace+0x653/0x730 [ 506.529363] p9_client_prepare_req.part.9+0x663/0xba0 [ 506.534752] ? p9_free_req.isra.8+0x140/0x140 [ 506.539271] ? p9_pollwait+0x83/0x230 [ 506.543086] ? p9_conn_create+0x730/0x730 [ 506.547247] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 506.552793] p9_client_rpc+0x1c2/0x1400 [ 506.556787] ? p9_fd_poll+0x1e0/0x2b0 [ 506.560581] ? p9_conn_create+0x55b/0x730 [ 506.564726] ? p9_client_prepare_req.part.9+0xba0/0xba0 [ 506.570095] ? ksys_dup3+0x690/0x690 [ 506.573813] ? kasan_check_read+0x11/0x20 [ 506.577960] ? rcu_is_watching+0x8c/0x150 [ 506.582124] ? trace_hardirqs_on+0xbd/0x2c0 [ 506.586450] ? rcu_pm_notify+0xc0/0xc0 [ 506.590890] ? rcu_read_lock_sched_held+0x108/0x120 [ 506.596246] ? kfree+0x111/0x210 [ 506.599638] ? lockdep_hardirqs_on+0x421/0x5c0 [ 506.604263] ? p9_fd_show_options+0x1c0/0x1c0 [ 506.608789] p9_client_create+0xc4a/0x159b [ 506.613100] ? p9_client_read+0xbf0/0xbf0 [ 506.617278] ? __kmalloc_track_caller+0x26e/0x720 [ 506.622139] ? __lockdep_init_map+0x105/0x590 [ 506.626657] ? kasan_check_write+0x14/0x20 [ 506.630905] ? __init_rwsem+0x1cc/0x2a0 [ 506.634896] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 506.640544] ? rcu_read_lock_sched_held+0x108/0x120 [ 506.645570] ? __kmalloc_track_caller+0x590/0x720 [ 506.650418] ? save_stack+0xa9/0xd0 [ 506.654055] ? save_stack+0x43/0xd0 [ 506.657688] ? kasan_kmalloc+0xc4/0xe0 [ 506.661584] ? kmem_cache_alloc_trace+0x152/0x730 [ 506.666438] ? memcpy+0x45/0x50 [ 506.669743] v9fs_session_init+0x21a/0x1a80 [ 506.674085] ? find_held_lock+0x36/0x1c0 [ 506.678367] ? v9fs_show_options+0x7e0/0x7e0 [ 506.682787] ? kmem_cache_alloc_trace+0x275/0x730 [ 506.687642] ? kasan_check_read+0x11/0x20 [ 506.691802] ? rcu_is_watching+0x8c/0x150 [ 506.695952] ? trace_hardirqs_on+0xbd/0x2c0 [ 506.700776] ? rcu_pm_notify+0xc0/0xc0 [ 506.704685] ? v9fs_mount+0x61/0x900 [ 506.708416] ? rcu_read_lock_sched_held+0x108/0x120 [ 506.713444] ? kmem_cache_alloc_trace+0x324/0x730 [ 506.718309] v9fs_mount+0x7c/0x900 [ 506.721857] ? alloc_pages_current+0x114/0x210 [ 506.726480] mount_fs+0xae/0x328 [ 506.729861] vfs_kern_mount.part.33+0xdc/0x4e0 [ 506.734456] ? may_umount+0xb0/0xb0 [ 506.738090] ? _raw_read_unlock+0x22/0x30 [ 506.742247] ? __get_fs_type+0x97/0xc0 [ 506.746153] do_mount+0x581/0x30e0 [ 506.749701] ? kmem_cache_alloc_trace+0x275/0x730 [ 506.754560] ? copy_mount_string+0x40/0x40 [ 506.758805] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 506.763581] ? retint_kernel+0x10/0x10 [ 506.767491] ? copy_mount_options+0x1a1/0x380 [ 506.772002] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 506.776874] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 506.782425] ? copy_mount_options+0x285/0x380 [ 506.786957] ksys_mount+0x12d/0x140 [ 506.790597] __x64_sys_mount+0xbe/0x150 [ 506.794593] do_syscall_64+0x1b9/0x820 [ 506.798490] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 506.803864] ? syscall_return_slowpath+0x5e0/0x5e0 [ 506.808814] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 506.813842] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 506.818866] ? recalc_sigpending_tsk+0x180/0x180 [ 506.823628] ? kasan_check_write+0x14/0x20 [ 506.827881] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 506.832751] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 506.837946] RIP: 0033:0x457089 [ 506.841147] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:39:15 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000000000000000500", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:15 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xffffdd86, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 506.860062] RSP: 002b:00007f24af964c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 506.867796] RAX: ffffffffffffffda RBX: 00007f24af9656d4 RCX: 0000000000457089 [ 506.875075] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 506.882350] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 506.889640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 506.896915] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000012 02:39:15 executing program 6 (fault-call:6 fault-nth:19): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:15 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1a000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:15 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000000000500", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:15 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x3, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 506.986753] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 507.040111] FAULT_INJECTION: forcing a failure. [ 507.040111] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 507.051998] CPU: 1 PID: 26690 Comm: syz-executor6 Not tainted 4.18.0+ #206 [ 507.059116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 507.068623] Call Trace: [ 507.071239] dump_stack+0x1c9/0x2b4 [ 507.074887] ? dump_stack_print_info.cold.2+0x52/0x52 [ 507.080109] should_fail.cold.4+0xa/0x11 [ 507.084188] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 507.089336] ? lock_downgrade+0x8f0/0x8f0 [ 507.093504] ? kasan_check_read+0x11/0x20 [ 507.097666] ? rcu_is_watching+0x8c/0x150 [ 507.101827] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 507.106509] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 507.111218] ? is_bpf_text_address+0xd7/0x170 [ 507.115817] ? kernel_text_address+0x79/0xf0 [ 507.120245] ? __kernel_text_address+0xd/0x40 [ 507.124762] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 507.130315] ? should_fail+0x246/0xd86 [ 507.134232] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 507.139361] __alloc_pages_nodemask+0x365/0xd10 [ 507.144044] ? save_stack+0xa9/0xd0 [ 507.147692] ? __alloc_pages_slowpath+0x2cb0/0x2cb0 [ 507.152734] ? p9_client_create+0xc4a/0x159b [ 507.157158] ? v9fs_mount+0x7c/0x900 [ 507.160892] ? mount_fs+0xae/0x328 [ 507.164439] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 507.169209] ? do_mount+0x581/0x30e0 [ 507.172933] ? ksys_mount+0x12d/0x140 [ 507.176749] ? __x64_sys_mount+0xbe/0x150 [ 507.180909] ? graph_lock+0x170/0x170 [ 507.184769] ? trace_hardirqs_off+0xb8/0x2b0 [ 507.189219] cache_grow_begin+0x91/0x710 [ 507.193307] __kmalloc+0x641/0x720 [ 507.196867] ? p9_fcall_alloc+0x1e/0x90 [ 507.200863] p9_fcall_alloc+0x1e/0x90 [ 507.204683] p9_client_prepare_req.part.9+0x862/0xba0 [ 507.209915] ? p9_free_req.isra.8+0x140/0x140 [ 507.214439] ? p9_pollwait+0x83/0x230 [ 507.218253] ? p9_conn_create+0x730/0x730 [ 507.222415] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 507.227979] p9_client_rpc+0x1c2/0x1400 [ 507.231989] ? p9_fd_poll+0x1e0/0x2b0 [ 507.235807] ? p9_conn_create+0x55b/0x730 [ 507.239967] ? p9_client_prepare_req.part.9+0xba0/0xba0 [ 507.245352] ? ksys_dup3+0x690/0x690 [ 507.249078] ? kasan_check_read+0x11/0x20 [ 507.253237] ? rcu_is_watching+0x8c/0x150 [ 507.257399] ? trace_hardirqs_on+0xbd/0x2c0 [ 507.261747] ? rcu_pm_notify+0xc0/0xc0 [ 507.265666] ? rcu_read_lock_sched_held+0x108/0x120 [ 507.270698] ? kfree+0x111/0x210 [ 507.274076] ? lockdep_hardirqs_on+0x421/0x5c0 [ 507.278685] ? p9_fd_show_options+0x1c0/0x1c0 [ 507.283213] p9_client_create+0xc4a/0x159b [ 507.287474] ? p9_client_read+0xbf0/0xbf0 [ 507.291643] ? __kmalloc_track_caller+0x26e/0x720 [ 507.296492] ? __lockdep_init_map+0x105/0x590 [ 507.301003] ? kasan_check_write+0x14/0x20 [ 507.305255] ? __init_rwsem+0x1cc/0x2a0 [ 507.309241] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 507.314446] ? rcu_read_lock_sched_held+0x108/0x120 [ 507.319472] ? __kmalloc_track_caller+0x590/0x720 [ 507.324323] ? save_stack+0xa9/0xd0 [ 507.327959] ? save_stack+0x43/0xd0 [ 507.331593] ? kasan_kmalloc+0xc4/0xe0 [ 507.335483] ? kmem_cache_alloc_trace+0x152/0x730 [ 507.340333] ? memcpy+0x45/0x50 [ 507.343626] v9fs_session_init+0x21a/0x1a80 [ 507.347958] ? find_held_lock+0x36/0x1c0 [ 507.352044] ? v9fs_show_options+0x7e0/0x7e0 [ 507.356465] ? kmem_cache_alloc_trace+0x275/0x730 [ 507.361328] ? kasan_check_read+0x11/0x20 [ 507.365481] ? rcu_is_watching+0x8c/0x150 [ 507.369633] ? trace_hardirqs_on+0xbd/0x2c0 [ 507.373958] ? rcu_pm_notify+0xc0/0xc0 [ 507.377861] ? v9fs_mount+0x61/0x900 [ 507.381587] ? rcu_read_lock_sched_held+0x108/0x120 [ 507.386609] ? kmem_cache_alloc_trace+0x324/0x730 [ 507.391470] v9fs_mount+0x7c/0x900 [ 507.395018] ? alloc_pages_current+0x114/0x210 [ 507.399621] mount_fs+0xae/0x328 [ 507.403000] vfs_kern_mount.part.33+0xdc/0x4e0 [ 507.407599] ? may_umount+0xb0/0xb0 [ 507.411232] ? _raw_read_unlock+0x22/0x30 [ 507.415405] ? __get_fs_type+0x97/0xc0 [ 507.419306] do_mount+0x581/0x30e0 [ 507.422851] ? kmem_cache_alloc_trace+0x275/0x730 [ 507.427710] ? copy_mount_string+0x40/0x40 [ 507.431976] ? copy_mount_options+0x5f/0x380 [ 507.436395] ? rcu_read_lock_sched_held+0x108/0x120 [ 507.441419] ? kmem_cache_alloc_trace+0x324/0x730 [ 507.446275] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 507.451823] ? _copy_from_user+0xdf/0x150 [ 507.455991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 507.461538] ? copy_mount_options+0x285/0x380 [ 507.466049] ksys_mount+0x12d/0x140 [ 507.469692] __x64_sys_mount+0xbe/0x150 [ 507.473688] do_syscall_64+0x1b9/0x820 [ 507.477589] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 507.482967] ? syscall_return_slowpath+0x5e0/0x5e0 [ 507.487908] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 507.492937] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 507.497961] ? recalc_sigpending_tsk+0x180/0x180 [ 507.502736] ? kasan_check_write+0x14/0x20 [ 507.506998] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 507.511875] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 507.517082] RIP: 0033:0x457089 [ 507.520290] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 507.539213] RSP: 002b:00007f24af964c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 507.546961] RAX: ffffffffffffffda RBX: 00007f24af9656d4 RCX: 0000000000457089 [ 507.554254] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 507.561527] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 507.568805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 507.576079] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000013 02:39:16 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300)='/dev/hwrng\x00', 0x101000, 0x0) ioctl$VHOST_GET_FEATURES(r0, 0x8008af00, &(0x7f0000000340)) rt_sigaction(0x35, &(0x7f0000000380)={0xfff, {}, 0x98000000, 0x2}, &(0x7f00000003c0), 0x8, &(0x7f0000000400)) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f0000000440)=0xf3, 0x4) setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000000)={0x800, 0x1, 0x800, 0x2, 0x7fff}, 0xc) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) write$sndseq(0xffffffffffffffff, &(0x7f0000000500)=[{0x3f, 0x81, 0x9, 0x2, @tick=0x1ff, {0x400, 0x8}, {0x1000, 0xffffffffffff7f52}, @raw32={[0x1c, 0x101, 0x9]}}, {0x1f, 0x800, 0xc990, 0x200, @time={0x0, 0x989680}, {0x1, 0x9}, {0x89e, 0x400}, @raw8={"f1cd0ef7fb21c7acef18ebcf"}}, {0x0, 0x1, 0x0, 0x7, @tick=0x5, {0x2, 0xfffffffffffffff9}, {0x0, 0xffffffffffffff3a}, @time=@tick=0xb9}, {0x19, 0x5, 0x6, 0x2, @tick=0x5, {0x1, 0x1}, {0x1, 0x2}, @time=@time={0x77359400}}], 0xc0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={0xffffffffffffffff, &(0x7f0000000080)="6f400e6f32e7855ecd8fe113df33ba3ccd55f064550b38b3d6126ddbcb4b634a6bb6cc2916fd07ebcbe225ef3157114cf06c2218f5dd9ccf9b47fd08362cd122fbf3d7fc4e47ba6e4a0add9d3df76d5c90128ce171", &(0x7f0000000100)="d08abbcc3fc5ff0a8cb09d54f3d21848f7cfc9cbf7236f7c2c95365b7ea06057b6ccf099191c727e70e36f6b737d9688a3ab4cd224793c47775dea1a2b0afef0c595b23f8363df2991c2d501627281fb9445651a4d7cad1a0d0116a0c8a174f8fc38e188bee07f96d0a600c0064d17fc4aa2a4bafe290d612c56f35157e6ad49cf85c7c4428e9fe6fe6228c5ec5e37af2ea3451c21ea8e39"}, 0x20) write$P9_ROPEN(0xffffffffffffffff, &(0x7f0000000480)={0x18, 0x71, 0x1, {{0x8, 0x2, 0x6}, 0x100000000}}, 0x18) readv(0xffffffffffffffff, &(0x7f0000000080), 0x10000000000000a7) 02:39:16 executing program 1: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x40, 0x0) write$P9_RREAD(r0, &(0x7f0000000080)={0x81, 0x75, 0x2, {0x76, "ca2a6a93cfdf2875a5c6a510177f43522ecbc7a6f91a7505bddf9a154638d603f7bd0fdc93405f481ba15a3ea131aa0ced96d6ebdcf703001de556694d7d42d06b13ba8da4d64533ba2a327a678638571e698619fbbb92b7fbc7f2ef0d0ff0b6d339321b7042a2c9691c69f8c73200f417551f63408b"}}, 0x81) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r1, &(0x7f0000000080), 0x10000000000000a7) [ 507.621759] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:16 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 507.704767] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:16 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34, 0xc00e}, {&(0x7f0000000580)=""/216}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:16 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x17000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:16 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x28000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:16 executing program 0: pipe2(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000300)={0x9, 0x1, 0x3ff, 0x81, 0xfffffffffffffffd, 0x7f, 0x4, 0x1093, 0x37, 0xffffffffffffd61d}) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYBLOB="84000000b7387d4968aaaf1ed18892b7afad39f09838d716618ef87d3aec0818df4972d869fb72b2d9c97337a6d76ee26c837a76b51d39e8d3c0e579dc7d8ac273654932af117dd62ebed5f450fba63616e099b141d479b577b7523e0c000000000000bb4b4bdb69f7bae37e83ac65c468e51a07841426ed2769"], &(0x7f00000002c0)=0x8c) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000480)={0x4, 0x0, 0x0, 0x6, r2}, 0x10) r3 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) getpid() ioctl$RNDGETENTCNT(r3, 0x80045200, &(0x7f0000000080)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$seccomp(0x16, 0x1, &(0x7f0000000440)={0x5, &(0x7f0000000400)=[{0x0, 0x366, 0xfeb3, 0xfff}, {0x10000, 0x6, 0x8001, 0x2000000000000000}, {0x101, 0x7fffffff, 0xadf8, 0x7fffffff}, {0x8, 0x8, 0x3f, 0x2}, {0x100000000, 0x3, 0x5, 0x1}]}) r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000340)=0x401, 0x4) readv(r4, &(0x7f0000000080), 0x10000000000000a7) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)={&(0x7f00000000c0)='./file0\x00', 0x0, 0x10}, 0x10) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r3, 0x800448d3, &(0x7f00000004c0)={{0x1ff, 0x7ff800000000, 0x2, 0xffffffffffffffa9, 0xa365, 0x8}, 0x1, 0x9, 0x2, 0x3f, 0x7, "888d1f8d8675418eed90cb2ebcb861c79cc24fdb593c7df5c10623ab4dab7ed06bb3bde0b35e9617bead03dd593a7757a4f46b3e24be7b04705aea93fb274ff8d6b11dfe1ec0badeaaec7a096addb1fa6def9fe00c021fdf6d21308f982da0c1d294d1c1f3e849c1a699f3a34dee2cd79439a1d7d0361e8866677db7e3db687c"}) ioctl$EVIOCGSND(r4, 0x8040451a, &(0x7f0000000140)=""/120) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000580)={0x2, 0x3, 0xd9, 0x3, 0x2}) 02:39:16 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000008800", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:16 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000080)=""/191, 0x9e}, {&(0x7f0000000440)=""/19, 0x2e1}, {&(0x7f0000001500)=""/4096, 0xffffffd1}, {&(0x7f0000002500)=""/238, 0xfffffffffffffc76}, {&(0x7f0000000140)=""/34, 0xfffffffffffffd4f}], 0x5) readv(r0, &(0x7f0000000080), 0x10000000000000a7) 02:39:16 executing program 6 (fault-call:6 fault-nth:20): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 507.890577] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 507.952812] audit: type=1326 audit(1535164756.852:3): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=26739 comm="syz-executor0" exe="/root/syz-executor0" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0 [ 507.966482] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 507.994165] FAULT_INJECTION: forcing a failure. [ 507.994165] name failslab, interval 1, probability 0, space 0, times 0 [ 508.005620] CPU: 1 PID: 26740 Comm: syz-executor6 Not tainted 4.18.0+ #206 [ 508.012664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 508.022060] Call Trace: [ 508.024670] dump_stack+0x1c9/0x2b4 [ 508.028336] ? dump_stack_print_info.cold.2+0x52/0x52 [ 508.033561] ? trace_hardirqs_off+0xb8/0x2b0 [ 508.038023] should_fail.cold.4+0xa/0x11 [ 508.042125] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 508.047283] ? p9_client_create+0xe75/0x159b 02:39:16 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000000025000", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:16 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xff000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:16 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x4000, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x2000, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x100, 0x0) 02:39:16 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x2000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 508.051738] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 508.056875] ? __kasan_slab_free+0x131/0x170 [ 508.061315] ? p9_client_create+0xe75/0x159b [ 508.065764] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 508.071339] ? p9_free_req.isra.8+0x95/0x140 [ 508.075792] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 508.081369] ? find_held_lock+0x36/0x1c0 [ 508.085489] ? check_same_owner+0x340/0x340 [ 508.089852] ? rcu_note_context_switch+0x680/0x680 [ 508.094814] ? kasan_check_write+0x14/0x20 [ 508.099085] __should_failslab+0x124/0x180 [ 508.103351] should_failslab+0x9/0x14 [ 508.107181] __kmalloc_track_caller+0x2ae/0x720 [ 508.111892] ? save_stack+0xa9/0xd0 [ 508.115547] ? save_stack+0x43/0xd0 [ 508.119207] ? kasan_kmalloc+0xc4/0xe0 [ 508.123111] ? kmem_cache_alloc_trace+0x152/0x730 [ 508.127972] ? v9fs_session_init+0x501/0x1a80 [ 508.132487] kstrdup+0x39/0x70 [ 508.135703] v9fs_session_init+0x501/0x1a80 [ 508.140067] ? v9fs_show_options+0x7e0/0x7e0 [ 508.144514] ? kmem_cache_alloc_trace+0x275/0x730 [ 508.149381] ? kasan_check_read+0x11/0x20 [ 508.153563] ? rcu_is_watching+0x8c/0x150 [ 508.157732] ? trace_hardirqs_on+0xbd/0x2c0 [ 508.162086] ? rcu_pm_notify+0xc0/0xc0 [ 508.166010] ? v9fs_mount+0x61/0x900 [ 508.169775] ? rcu_read_lock_sched_held+0x108/0x120 [ 508.174812] ? kmem_cache_alloc_trace+0x324/0x730 [ 508.179689] v9fs_mount+0x7c/0x900 [ 508.183253] ? alloc_pages_current+0x114/0x210 [ 508.187871] mount_fs+0xae/0x328 [ 508.191275] vfs_kern_mount.part.33+0xdc/0x4e0 [ 508.195885] ? may_umount+0xb0/0xb0 [ 508.199543] ? _raw_read_unlock+0x22/0x30 [ 508.203723] ? __get_fs_type+0x97/0xc0 [ 508.207638] do_mount+0x581/0x30e0 [ 508.211202] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 508.216682] ? copy_mount_string+0x40/0x40 [ 508.220943] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 508.225735] ? retint_kernel+0x10/0x10 [ 508.229648] ? copy_mount_options+0x213/0x380 [ 508.234159] ? copy_mount_options+0x213/0x380 [ 508.238694] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 508.244260] ? copy_mount_options+0x285/0x380 [ 508.248781] ksys_mount+0x12d/0x140 [ 508.252433] __x64_sys_mount+0xbe/0x150 [ 508.256441] do_syscall_64+0x1b9/0x820 [ 508.260353] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 508.265746] ? syscall_return_slowpath+0x5e0/0x5e0 [ 508.270703] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 508.275755] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 508.280791] ? recalc_sigpending_tsk+0x180/0x180 [ 508.285569] ? kasan_check_write+0x14/0x20 [ 508.289833] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 508.294709] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 508.299919] RIP: 0033:0x457089 02:39:17 executing program 6 (fault-call:6 fault-nth:21): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:17 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfdffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:17 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) 02:39:17 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xf0, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:17 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000000000ffffffff00", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 508.303123] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 508.322039] RSP: 002b:00007f24af964c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 508.329773] RAX: ffffffffffffffda RBX: 00007f24af9656d4 RCX: 0000000000457089 [ 508.337059] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 508.344345] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 508.351630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 508.358913] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000014 [ 508.486954] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 508.560258] 9pnet: Insufficient options for proto=fd [ 508.584658] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 508.625265] 9pnet: Insufficient options for proto=fd [ 508.677489] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 508.743234] audit: type=1326 audit(1535164757.641:4): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=26739 comm="syz-executor0" exe="/root/syz-executor0" sig=9 arch=c000003e syscall=202 compat=0 ip=0x457089 code=0x0 02:39:17 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x8000000000000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:17 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00\x00\x00\a\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:17 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfffffff6, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:17 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:17 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x700, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:17 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000000)=0x21) readv(r0, &(0x7f0000000080), 0x10000000000000a7) 02:39:17 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000008800", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:17 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140b5, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:17 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x3a00, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 508.892629] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:17 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000000008800", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 508.941584] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:17 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000000000600", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:17 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x2000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:18 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x300, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 509.103908] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 509.181117] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:18 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @rand_addr=0x6}, 0x10) 02:39:18 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfffffffd, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:18 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfc400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:18 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0xc00e0000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:18 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000500", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:18 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x2, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:18 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00 \x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:18 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140be, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:18 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xe4ffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:18 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0x4100, 0x0) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=""/249, 0xf9}], 0x1) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000440)=0xbb) setsockopt$packet_buf(r0, 0x107, 0x1, &(0x7f0000000500)="c1e6a58de1bb6521d16a89147e13f6c733b573bb0bbb2542dd9bb158c5e0a50e80d78bc6d2b07391d34cfc52d51f415270a54b22d4346c09b057b400fea92eedcef8866eb65244e490470f5664cf6f70a2e112a4e14892ccb75219e18228", 0x5e) write$FUSE_LSEEK(r0, &(0x7f0000000000)={0x18, 0xffffffffffffffda, 0x10000003, {0x5}}, 0xfffffffffffffd25) bind$unix(r0, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e) write$P9_RXATTRCREATE(r0, &(0x7f00000000c0)={0x7, 0x21, 0x2}, 0x7) readv(r0, &(0x7f0000000080), 0x10000000000000b3) write$binfmt_script(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="2321202e2f66696c6530202f6465762f72666b696c6c000acaad4302744b04f65350f38df515a4545c83848e2358be3f56938b9e0bc6c256bf08450882102da2d4f31bd89bba7bf314e912e52f152d3a86b8654f0ab720a83ecb850276310c7529baee6e3dd8b03bb14c97e6fac1f6a8c7fd57cf9ac70575dc4d78db4631e9f1bc47622093a8160f8430f5673fcf4608bb08fbe12dee90e5a0d51f1474cd03d97e"], 0xa1) 02:39:18 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f00000001c0)) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x0) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000180)=0x6) readv(r0, &(0x7f0000000880)=[{&(0x7f0000000080)=""/206, 0xfffffffffffffec5}, {&(0x7f0000000000)=""/59, 0x3b}, {&(0x7f00000007c0)=""/146, 0x92}, {&(0x7f0000000600)=""/219, 0xdb}], 0x130) ioctl$BLKTRACESTOP(r0, 0x1275, 0x0) 02:39:18 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x8848000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:18 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x2000, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000000c0)={0x37e7, 0x44, 0x1000, 0x3f, 0x3}) r1 = socket$inet6(0xa, 0x1000000000002, 0x11f87c4) memfd_create(&(0x7f0000000000)='/dev/rfkill\x00', 0x3) socket$pptp(0x18, 0x1, 0x2) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0xc0a85352, &(0x7f0000000340)={{0x1, 0x1}, 'port0\x00', 0x2, 0x80001, 0x5, 0xfffffffffffffffc, 0x7, 0x101, 0x7d, 0x0, 0x2, 0xfe8}) ioctl(r1, 0x8912, &(0x7f0000000080)="0a5cc80700315f85715070") r2 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) open_by_handle_at(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="090000fa02000000828a4040f8de0371f44e6db2b9dd3ae7be71a66d9d39b268bf862cdfb0d66dd5b54be2545cf27a7f80982174dd99fe374d7b322da0712899aca7b5409ed64f31976935fc80572c9fdfea63a8954a65639494841275c3eac14800008d987a4144a1b1130900000046"], 0x101200) fanotify_mark(r2, 0x18, 0x8000000, r0, &(0x7f0000000180)='./bus\x00') readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x55, 0x8000) chdir(&(0x7f0000000300)='./bus\x00') readv(r0, &(0x7f0000000080), 0xe029a6a19da3bdd) [ 509.805714] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 509.814233] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:18 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x18, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:18 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x40000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 509.884601] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:18 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) r1 = openat$userio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/userio\x00', 0x341000, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x12001, 0x0) ioctl$sock_inet6_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000140)) 02:39:18 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000600", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:18 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000009000", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:18 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x8dffffff, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 510.075457] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 510.129577] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 510.175561] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:19 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x100000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:19 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)=0x0) ptrace$setregs(0xf, r1, 0x4, &(0x7f0000000100)="ac77d7264e307bb54d60952360cd5774ff7c92d84a745513a36ef1885a412af3116b99301ab668a3a95da9471345365505903cd0135a90686b54bad164fa6684a9b4236046d996de0d3b9d764bce1817cedcb57cc5f465fdb7982ec205077b36d4b38ba8afceedfd22bc76d3609de7f668ebf58a9cce04fbd97dbcc64c2117a1af75e6642b68262ebe7e7fc0ece499b8f55568e3d6204a0533044eceb5530215bb632c3e1d6dfb1ce2e8839e4bdb28b770624ad2dfae34ab4066f406668e6ba262c8ee1b7c08bdb178976f5b1f54a166") readv(0xffffffffffffffff, &(0x7f00000004c0), 0x10000000000000f0) readv(r0, &(0x7f0000000080), 0x10a2) ioctl$SG_GET_LOW_DMA(r0, 0x227a, &(0x7f00000000c0)) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e22, @remote}}}, &(0x7f0000000080)=0x84) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000002c0)={0x0, 0x7}, &(0x7f0000000300)=0x8) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000340)={r2, 0x80, 0x7, 0x80000001, 0x800, 0x3, 0x4, 0x9, {r3, @in6={{0xa, 0x4e22, 0x3, @empty, 0x7}}, 0x3f, 0x0, 0x0, 0x6, 0x6}}, &(0x7f0000000400)=0xb0) 02:39:19 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xb740010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:19 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x20cc}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:19 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000006f000", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:19 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xf000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:19 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000200", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:19 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1b, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:19 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xff00000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:19 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x2, {0x0, 0x5, 0x1, 0x5, 0x401, 0x6}, 0x8, 0x401}, 0xe) readv(r0, &(0x7f0000000080), 0x10000000000000a7) [ 510.754683] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:19 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x5800, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:19 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000000000000000100", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 510.831730] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:19 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='cpuacct.usage_percpu\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000001c0), &(0x7f0000000300)=0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000540)={0xa, 0x0, 0x0, @remote}, &(0x7f0000000580)=0x1c, 0x80000) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f00000005c0)={{0xa, 0x4e21, 0x5, @mcast1, 0xa3}, {0xa, 0x4e22, 0x2, @loopback, 0x8001}, 0x1, [0xffff, 0x8, 0x441, 0x7, 0x7ff, 0x800, 0x9, 0x1]}, 0x5c) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x4e20, 0x5, @ipv4={[], [], @remote}}, @in={0x2, 0x4e23, @rand_addr=0x7f}, @in6={0xa, 0x4e24, 0x7fff, @mcast1, 0x7f}, @in6={0xa, 0x4e20, 0x100, @local, 0x93bb}]}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000140)=@assoc_value={r3, 0x9}, 0x8) readv(r2, &(0x7f0000000080), 0x10000000000000a7) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f0000000340)={0x3}, 0x1) 02:39:19 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140fb, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:19 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000000008800", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:19 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xfffffff5, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 510.987530] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:19 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xb4400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:20 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) ioctl$sock_inet_SIOCSIFPFLAGS(r0, 0x8934, &(0x7f0000000080)={'veth1_to_bridge\x00', 0x7}) fanotify_mark(r0, 0x40, 0x2000b, r0, &(0x7f00000000c0)='./file0\x00') ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=0x0) sched_setscheduler(r1, 0x7, &(0x7f0000000300)=0x8000000000005) [ 511.068505] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:20 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000000001100", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 511.157784] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:20 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x28, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:20 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x700000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:20 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0xfffffffe}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:20 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x600, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:20 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000000000200", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:20 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000000000200", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 511.644528] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:20 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) getsockopt(r0, 0x2, 0x6, &(0x7f0000000080)=""/252, &(0x7f0000000180)=0xfc) readv(0xffffffffffffffff, &(0x7f0000000000), 0x7d) readv(r0, &(0x7f0000000080), 0x10000000000000a7) ioctl$BLKRAGET(r0, 0x1263, &(0x7f0000000000)) 02:39:20 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x6, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:20 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:20 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x400000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 511.723771] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:20 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000400", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:20 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c74657200000007fffffe00", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:20 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f00000000c0), 0x0) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f00000000c0)={0x0, 0xb4, "fa7367b1e57dfaef08208e5762f81cf084332948313c6dffe0ea38163b67fc7114d1eb15f6992ecc651eb2b009317c8ffcdd23e85d9a693fe920ff6f15cd96b781f90fff89160dc2c07f03b43f54222f5c68e76ec92cc38c0d3ee63efb1c565da17f4c2c33d0e751bc9b0db6ba3871345e8464a03184c96d3c0643bcad2253e1402c6a108a349fcd18d846462dc1093e86dd6777997f1b39952359b5ce39aa65c12c0c9f9f58185410ad033fb6df77f7d7fa4110"}, &(0x7f0000000180)=0xbc) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000001c0)={r1, 0x7}, &(0x7f0000000300)=0x8) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000080)=0x1c) dup(r0) 02:39:20 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xffffffff00000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 511.913298] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 511.940522] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:20 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r1, &(0x7f0000000080), 0x10000000000000a7) sendfile(r0, r1, 0x0, 0x5bc79ccf) ioctl$EVIOCGKEYCODE(r1, 0x80084504, &(0x7f0000000080)=""/112) 02:39:20 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140b7, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:20 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8cffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:20 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000000000000006ef00", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 512.023883] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:21 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x600, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:21 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) ioctl$BLKIOMIN(r0, 0x1278, &(0x7f0000000080)) chmod(&(0x7f0000000000)='./file0\x00', 0x20) 02:39:21 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x4000000000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:21 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1700, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:21 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:21 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:21 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000300", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:21 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x8000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:21 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140fc, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 512.602177] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 512.617154] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:21 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf408000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:21 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000f00600", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:21 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000008800", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:21 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) socket$can_bcm(0x1d, 0x2, 0x2) 02:39:21 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x7, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:21 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x88480000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:21 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1f00, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 512.865543] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 512.903217] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:21 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:22 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0xc9) ioctl$IOC_PR_PREEMPT_ABORT(r0, 0x401870cc, &(0x7f0000000000)={0x8001, 0xdc3, 0x6, 0x1}) write$eventfd(r0, &(0x7f0000000080)=0x6, 0x8) 02:39:22 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x700000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:22 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x4e24000000000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:22 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xff00, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:22 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1600, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:22 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000000000000009000", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:22 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x200, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000080)={{0xa, 0x4e20, 0x4, @loopback, 0x279}, {0xa, 0x4e23, 0x4, @ipv4, 0x80000001}, 0x5, [0x8, 0x9, 0x4c, 0x7fff, 0x7, 0x64, 0x7fff, 0x5]}, 0x5c) readv(r0, &(0x7f0000000080), 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000100)={0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000140)=0x28) setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000180)={r2, 0x9e, 0xff, 0x35}, 0x10) ioctl$UI_END_FF_UPLOAD(r1, 0x406855c9, &(0x7f0000000300)={0xe, 0x7fff, {0x57, 0x32, 0x400, {0x5, 0x4dd196f7}, {0x7, 0x5}, @const={0x7, {0x9, 0x8, 0x0, 0x8}}}, {0x57, 0x6, 0x9, {0xa00000000000, 0x2}, {0x2, 0x8000}, @ramp={0x3, 0x3f, {0x3, 0x7ff, 0x6, 0x5}}}}) 02:39:22 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000ef0600", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:22 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xf0ffffffffffff, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:22 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x800000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:22 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f00000003c0), 0xfd) [ 513.569649] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 513.578942] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:22 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) fstat(r0, &(0x7f0000000080)) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1}) 02:39:22 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x4000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:22 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x7ffffffffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:22 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000000000000008800", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:22 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x300000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:22 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:22 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xc0ed0000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 513.858564] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 513.921516] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:23 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x288}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:23 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000200", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:23 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x8dffffff00000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:23 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x14104, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:23 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(r0, &(0x7f0000000080), 0x100000000000028b) readv(r1, &(0x7f0000000080), 0x10000000000000a7) 02:39:23 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000001100", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:23 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1000000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:23 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x6488, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 514.504519] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:23 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x88480000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:23 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000000000)={0x7, 0x2}, 0x2) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgid(r1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) 02:39:23 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffffffff87000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:23 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000000000000000300", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:23 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x500000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 514.608777] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:23 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x88caffff00000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:23 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000000000000000300", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:23 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 514.792355] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 514.904608] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 514.976101] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:24 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000000000)={0x7, 0x2}, 0x2) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgid(r1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) 02:39:24 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) ioctl$BLKGETSIZE(r0, 0x1260, &(0x7f0000000000)) readv(r0, &(0x7f0000000080), 0x10000000000000a7) 02:39:24 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:24 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x88020000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:24 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x8100, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:24 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfd400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:24 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000000000000025000", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:24 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:24 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1b00, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:24 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xbc400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 515.464358] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:24 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x2800, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:24 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000000000400", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:24 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000000000)={0x7, 0x2}, 0x2) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgid(r1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) [ 515.556651] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:24 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x8864, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:24 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x15, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:24 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00@\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:24 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xb8400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 515.718595] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 515.818737] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 515.909068] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:25 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0x17fc, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000000)={'raw\x00'}, &(0x7f0000000080)=0x54) readv(r0, &(0x7f0000000080), 0x10000000000000a7) 02:39:25 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xfffff000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:25 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x8802}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:25 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:25 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x7, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:25 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000500", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:25 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf7400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:25 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfffffff5, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:25 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x81000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:25 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/rfkill\x00', 0x80802, 0x0) readv(r0, &(0x7f00000001c0)=[{&(0x7f0000000300)=""/236, 0xfffffffffffffea1}], 0x100001b6) readv(r0, &(0x7f0000000080), 0x10000000000000a7) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e21, @broadcast}}}, &(0x7f0000000180)=0x84) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000002c0)={r1, 0xffff, 0x30}, &(0x7f0000000400)=0xc) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000080)={0x0, 0xff, 0xf6, 0x539a, 0x1, 0x8, 0x7, 0x7, {0x0, @in={{0x2, 0x4e21, @multicast1}}, 0x4, 0x9, 0x9, 0x4, 0x5}}, &(0x7f0000000000)=0xb0) syz_open_dev$admmidi(&(0x7f0000000440)='/dev/admmidi#\x00', 0x9, 0x4000) setsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000140)={r2, 0x59bc}, 0x8) 02:39:25 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x600000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:25 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x19000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:25 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf408, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 516.444460] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:25 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x5800000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:25 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000000)) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) 02:39:25 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000007fffffff00", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 516.533660] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:25 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:25 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000000001100", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 516.825987] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 516.841986] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:26 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x4e24}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:26 executing program 1 (fault-call:7 fault-nth:0): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:26 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x4000000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:26 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000006ef00", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:26 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xf5ffffff00000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:26 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x2000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:26 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000000000000000400", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 517.344637] FAULT_INJECTION: forcing a failure. [ 517.344637] name failslab, interval 1, probability 0, space 0, times 0 [ 517.356111] CPU: 1 PID: 27584 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 517.363147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 517.372525] Call Trace: [ 517.375144] dump_stack+0x1c9/0x2b4 [ 517.378812] ? dump_stack_print_info.cold.2+0x52/0x52 [ 517.384033] ? perf_trace_lock+0xde/0x920 [ 517.388224] should_fail.cold.4+0xa/0x11 02:39:26 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x4305000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 517.392326] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 517.397471] ? lock_downgrade+0x8f0/0x8f0 [ 517.401652] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 517.407224] ? proc_fail_nth_write+0x9e/0x210 [ 517.411754] ? find_held_lock+0x36/0x1c0 [ 517.415862] ? check_same_owner+0x340/0x340 [ 517.420216] ? rcu_note_context_switch+0x680/0x680 [ 517.425184] __should_failslab+0x124/0x180 [ 517.429458] should_failslab+0x9/0x14 [ 517.433278] __kmalloc_track_caller+0x2ae/0x720 [ 517.437977] ? strncpy_from_user+0x510/0x510 [ 517.442409] ? strndup_user+0x77/0xd0 [ 517.446249] memdup_user+0x2c/0xa0 [ 517.449816] strndup_user+0x77/0xd0 [ 517.453500] ksys_mount+0x3c/0x140 [ 517.457071] __x64_sys_mount+0xbe/0x150 [ 517.461075] do_syscall_64+0x1b9/0x820 [ 517.464983] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 517.470373] ? syscall_return_slowpath+0x5e0/0x5e0 [ 517.475323] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 517.480367] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 517.485399] ? recalc_sigpending_tsk+0x180/0x180 [ 517.490169] ? kasan_check_write+0x14/0x20 [ 517.494434] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 517.499299] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 517.504587] RIP: 0033:0x457089 [ 517.507842] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 517.526755] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 517.534488] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 02:39:26 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000000000000006f000", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:26 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x88caffff, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 517.541765] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 517.549046] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 517.556326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 517.563613] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000000 [ 517.585053] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:26 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xc0ed0000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:26 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140b3, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 517.700787] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:26 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x80, 0x0) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000080)={0xe3cd51617c21c9ec, 0x0, &(0x7f0000ff9000/0x4000)=nil}) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r1, &(0x7f0000000080), 0x10000000000000a7) 02:39:26 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000025000", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:26 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x543, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:26 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 517.864928] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 517.964800] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:27 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x244e}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:27 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1a, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:27 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xbb40010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:27 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x88a8ffff00000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:27 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000500)=[{&(0x7f0000000080)=""/234, 0xea}, {&(0x7f00000001c0)=""/37, 0x25}, {&(0x7f0000000300)=""/137, 0x89}, {&(0x7f0000000540)=""/230, 0xe6}], 0xf2) 02:39:27 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00\x00\x00@\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:27 executing program 1 (fault-call:7 fault-nth:1): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:27 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000000007fffffff00", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 518.293579] FAULT_INJECTION: forcing a failure. [ 518.293579] name failslab, interval 1, probability 0, space 0, times 0 [ 518.304938] CPU: 0 PID: 27668 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 518.311985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 518.321377] Call Trace: [ 518.324004] dump_stack+0x1c9/0x2b4 [ 518.327676] ? dump_stack_print_info.cold.2+0x52/0x52 [ 518.332910] ? perf_trace_lock+0x49d/0x920 [ 518.337213] should_fail.cold.4+0xa/0x11 [ 518.341330] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 518.346480] ? kasan_kmalloc+0xc4/0xe0 [ 518.350421] ? strndup_user+0x77/0xd0 [ 518.354280] ? graph_lock+0x170/0x170 [ 518.358113] ? proc_fail_nth_write+0x9e/0x210 [ 518.362653] ? find_held_lock+0x36/0x1c0 [ 518.366794] ? check_same_owner+0x340/0x340 [ 518.371149] ? lock_release+0x9f0/0x9f0 [ 518.375175] ? rcu_note_context_switch+0x680/0x680 [ 518.380158] ? __check_object_size+0xa3/0x5d7 [ 518.384705] __should_failslab+0x124/0x180 [ 518.388986] should_failslab+0x9/0x14 [ 518.392817] kmem_cache_alloc_trace+0x2b5/0x730 [ 518.397524] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 518.403091] ? _copy_from_user+0xdf/0x150 [ 518.407293] copy_mount_options+0x5f/0x380 [ 518.411570] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 518.417145] ksys_mount+0xd0/0x140 [ 518.420725] __x64_sys_mount+0xbe/0x150 [ 518.424746] do_syscall_64+0x1b9/0x820 [ 518.428678] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 518.434085] ? syscall_return_slowpath+0x5e0/0x5e0 [ 518.439056] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 518.444468] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 518.449521] ? recalc_sigpending_tsk+0x180/0x180 [ 518.454318] ? kasan_check_write+0x14/0x20 [ 518.458607] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 518.463504] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 518.468725] RIP: 0033:0x457089 [ 518.471947] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:39:27 executing program 0: perf_event_open(&(0x7f000001d000)={0x7, 0xfffffffffffffe0c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x12fc, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10000000000000a7) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000080)={{0x2, 0x4e22, @rand_addr=0x7}, {0x7, @remote}, 0x44, {0x2, 0x4e21, @broadcast}, 'bcsf0\x00'}) 02:39:27 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xb2400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:27 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000000000000008800", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:27 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x8848, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 518.490880] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 518.498633] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 518.505937] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 518.513253] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 518.520559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 518.527869] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000001 02:39:27 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1500000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 518.542912] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:27 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x58, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:27 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xba400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 518.635297] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:27 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000001dd5c00", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:28 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x4000000000000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:28 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000500", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:28 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1900000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:28 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x2800000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:28 executing program 1 (fault-call:7 fault-nth:2): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:28 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x900, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:28 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000500", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 519.236563] FAULT_INJECTION: forcing a failure. [ 519.236563] name failslab, interval 1, probability 0, space 0, times 0 [ 519.247900] CPU: 1 PID: 27747 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 519.254928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 519.258622] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 519.264396] Call Trace: [ 519.264427] dump_stack+0x1c9/0x2b4 [ 519.264453] ? dump_stack_print_info.cold.2+0x52/0x52 02:39:28 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x806000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 519.264479] ? perf_trace_lock+0xde/0x920 [ 519.264504] should_fail.cold.4+0xa/0x11 [ 519.291945] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 519.297078] ? lock_downgrade+0x8f0/0x8f0 [ 519.301261] ? rcu_is_watching+0x8c/0x150 [ 519.305433] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 519.310119] ? find_held_lock+0x36/0x1c0 [ 519.314236] ? check_same_owner+0x340/0x340 [ 519.318579] ? rcu_note_context_switch+0x680/0x680 [ 519.323529] ? save_stack+0xa9/0xd0 [ 519.327185] __should_failslab+0x124/0x180 [ 519.331452] should_failslab+0x9/0x14 [ 519.335265] kmem_cache_alloc+0x29c/0x710 [ 519.339445] getname_flags+0xd0/0x5a0 [ 519.343272] user_path_at_empty+0x2d/0x50 [ 519.347437] do_mount+0x17a/0x30e0 [ 519.350991] ? kmem_cache_alloc_trace+0x275/0x730 [ 519.355865] ? copy_mount_string+0x40/0x40 [ 519.360118] ? rcu_pm_notify+0xc0/0xc0 [ 519.364033] ? copy_mount_options+0x5f/0x380 [ 519.368463] ? rcu_read_lock_sched_held+0x108/0x120 [ 519.373503] ? kmem_cache_alloc_trace+0x324/0x730 [ 519.377935] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:28 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x90, &(0x7f0000000080)=[@in6={0xa, 0x4e23, 0xffffffff8e338f14, @mcast1, 0x7ff}, @in={0x2, 0x4e21, @remote}, @in6={0xa, 0x7, 0x65, @ipv4={[], [], @loopback}, 0x2}, @in6={0xa, 0x4e24, 0x6, @mcast2, 0x21}, @in={0x2, 0x4e24}, @in6={0xa, 0x4e24, 0x3, @mcast2, 0x5}]}, &(0x7f0000000140)=0x10) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000180)=@assoc_id=r1, 0x4) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000001c0)={0xffffffffffffffff}, 0x7aedb5388721b5bd, 0x1009}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000340)={0x15, 0x110, 0xfa00, {r2, 0x3f, 0x0, 0x0, 0x0, @in={0x2, 0x4e22, @multicast2}, @in6={0xa, 0x4e24, 0x10000, @ipv4={[], [], @remote}, 0x7ff}}}, 0x118) readv(r0, &(0x7f0000000080), 0x10000000000000a7) 02:39:28 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xa00, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 519.378376] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 519.378394] ? copy_mount_options+0x285/0x380 [ 519.378415] ksys_mount+0x12d/0x140 [ 519.399887] __x64_sys_mount+0xbe/0x150 [ 519.403881] do_syscall_64+0x1b9/0x820 [ 519.407781] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 519.413168] ? syscall_return_slowpath+0x5e0/0x5e0 [ 519.418136] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 519.423176] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 519.428235] ? recalc_sigpending_tsk+0x180/0x180 [ 519.433021] ? kasan_check_write+0x14/0x20 [ 519.437285] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 519.442159] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 519.447379] RIP: 0033:0x457089 [ 519.450683] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 519.469612] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 519.477351] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 02:39:28 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000005cdd0100", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 519.484639] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 519.491919] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 519.499212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 519.506491] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000002 [ 519.520666] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:28 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x8035000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:28 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1600000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:28 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00\x00\x00 \x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:28 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x2100, 0x0) readv(r1, &(0x7f0000000080), 0x0) readv(r0, &(0x7f0000000080), 0x10000000000000a7) userfaultfd(0x800) 02:39:28 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xb840010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 519.803167] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 519.890642] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:29 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xedc000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:29 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000001100", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:29 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0xffc99a3b00000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:29 executing program 1 (fault-call:7 fault-nth:3): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:29 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x1000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:29 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140ba, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:29 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/qat_adf_ctl\x00', 0x400000000080, 0x0) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000300)={0x1, 0x7, [@remote, @remote, @link_local, @remote, @broadcast, @empty, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}]}) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000340)='/dev/rfkill\x00', 0x0, 0x0) r2 = request_key(&(0x7f0000000000)='trusted\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x0}, &(0x7f00000000c0)='/dev/rfkill\x00', 0xfffffffffffffff8) ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x6) r3 = add_key(&(0x7f0000000100)='dns_resolver\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xfffffffffffffffa) keyctl$negate(0xd, r2, 0xffffffffffff6b59, r3) socketpair$unix(0x1, 0x4, 0x0, &(0x7f0000000400)) readv(0xffffffffffffffff, &(0x7f00000004c0), 0x0) readv(r1, &(0x7f0000000080), 0x10000000000000a7) 02:39:29 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000000009000", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 520.269446] FAULT_INJECTION: forcing a failure. [ 520.269446] name failslab, interval 1, probability 0, space 0, times 0 [ 520.272809] QAT: Invalid ioctl [ 520.280768] CPU: 1 PID: 27820 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 520.280782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 520.280789] Call Trace: [ 520.280817] dump_stack+0x1c9/0x2b4 [ 520.280843] ? dump_stack_print_info.cold.2+0x52/0x52 [ 520.280869] ? perf_trace_lock+0xde/0x920 [ 520.280897] should_fail.cold.4+0xa/0x11 [ 520.319800] QAT: Invalid ioctl [ 520.320333] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 520.320365] ? lock_downgrade+0x8f0/0x8f0 [ 520.320400] ? rcu_is_watching+0x8c/0x150 [ 520.336981] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 520.341678] ? find_held_lock+0x36/0x1c0 [ 520.345799] ? check_same_owner+0x340/0x340 [ 520.350145] ? rcu_note_context_switch+0x680/0x680 [ 520.355096] ? save_stack+0xa9/0xd0 [ 520.358762] __should_failslab+0x124/0x180 [ 520.360412] QAT: Invalid ioctl [ 520.363015] should_failslab+0x9/0x14 [ 520.363032] kmem_cache_alloc+0x29c/0x710 [ 520.363050] ? find_held_lock+0x36/0x1c0 [ 520.363075] getname_flags+0xd0/0x5a0 [ 520.363096] user_path_at_empty+0x2d/0x50 [ 520.385465] QAT: Invalid ioctl [ 520.386251] do_mount+0x17a/0x30e0 [ 520.386269] ? kmem_cache_alloc_trace+0x275/0x730 [ 520.386292] ? copy_mount_string+0x40/0x40 [ 520.386309] ? rcu_pm_notify+0xc0/0xc0 [ 520.386336] ? copy_mount_options+0x5f/0x380 [ 520.386356] ? rcu_read_lock_sched_held+0x108/0x120 [ 520.386376] ? kmem_cache_alloc_trace+0x324/0x730 02:39:29 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1b, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:29 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x3000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:29 executing program 0 (fault-call:7 fault-nth:0): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 520.420334] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 520.425902] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 520.431459] ? copy_mount_options+0x285/0x380 [ 520.435985] ksys_mount+0x12d/0x140 [ 520.439642] __x64_sys_mount+0xbe/0x150 [ 520.443648] do_syscall_64+0x1b9/0x820 [ 520.447561] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 520.452952] ? syscall_return_slowpath+0x5e0/0x5e0 [ 520.457911] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 520.462951] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 520.467983] ? recalc_sigpending_tsk+0x180/0x180 [ 520.472763] ? kasan_check_write+0x14/0x20 [ 520.477030] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 520.481927] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 520.487141] RIP: 0033:0x457089 [ 520.490355] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 520.509280] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 520.517021] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 520.524318] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 520.531617] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 520.538924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 520.546314] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000003 [ 520.557298] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 520.561245] FAULT_INJECTION: forcing a failure. [ 520.561245] name failslab, interval 1, probability 0, space 0, times 0 [ 520.576627] CPU: 0 PID: 27844 Comm: syz-executor0 Not tainted 4.18.0+ #206 [ 520.583676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 520.593537] Call Trace: [ 520.596168] dump_stack+0x1c9/0x2b4 [ 520.599858] ? dump_stack_print_info.cold.2+0x52/0x52 [ 520.605093] ? perf_trace_lock+0x49d/0x920 [ 520.609375] should_fail.cold.4+0xa/0x11 [ 520.613486] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 520.618651] ? lock_downgrade+0x8f0/0x8f0 [ 520.622843] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 520.627826] 9pnet: Insufficient options for proto=fd [ 520.628419] ? proc_fail_nth_write+0x9e/0x210 [ 520.628460] ? find_held_lock+0x36/0x1c0 [ 520.642206] ? check_same_owner+0x340/0x340 [ 520.646572] ? rcu_note_context_switch+0x680/0x680 [ 520.651551] __should_failslab+0x124/0x180 [ 520.655823] should_failslab+0x9/0x14 [ 520.659652] __kmalloc_track_caller+0x2ae/0x720 [ 520.664364] ? strncpy_from_user+0x510/0x510 02:39:29 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf840010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:29 executing program 1 (fault-call:7 fault-nth:4): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 520.668809] ? strndup_user+0x77/0xd0 [ 520.672647] memdup_user+0x2c/0xa0 [ 520.676250] strndup_user+0x77/0xd0 [ 520.679925] ksys_mount+0x3c/0x140 [ 520.683507] __x64_sys_mount+0xbe/0x150 [ 520.687523] do_syscall_64+0x1b9/0x820 [ 520.691450] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 520.696860] ? syscall_return_slowpath+0x5e0/0x5e0 [ 520.701837] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 520.706900] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 520.711961] ? recalc_sigpending_tsk+0x180/0x180 [ 520.716755] ? kasan_check_write+0x14/0x20 02:39:29 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000000000300", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:29 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x89060000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 520.721032] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 520.725924] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 520.731139] RIP: 0033:0x457089 [ 520.734357] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 520.753288] RSP: 002b:00007f1ac9dcac78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 520.761035] RAX: ffffffffffffffda RBX: 00007f1ac9dcb6d4 RCX: 0000000000457089 [ 520.768331] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 520.775625] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 520.782918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 520.790230] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000000 [ 520.831313] FAULT_INJECTION: forcing a failure. [ 520.831313] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 520.843170] CPU: 1 PID: 27862 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 520.850218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 520.859598] Call Trace: [ 520.862223] dump_stack+0x1c9/0x2b4 [ 520.865877] ? dump_stack_print_info.cold.2+0x52/0x52 [ 520.871101] should_fail.cold.4+0xa/0x11 [ 520.875203] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 520.880339] ? perf_trace_lock+0xde/0x920 [ 520.884526] ? mark_held_locks+0x160/0x160 [ 520.888806] ? perf_trace_lock+0x920/0x920 [ 520.893073] ? graph_lock+0x170/0x170 [ 520.896902] ? zap_class+0x740/0x740 [ 520.900632] ? print_usage_bug+0xc0/0xc0 [ 520.904730] ? perf_trace_lock+0xde/0x920 [ 520.908911] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 520.913769] ? find_held_lock+0x36/0x1c0 [ 520.917855] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 520.923416] ? should_fail+0x246/0xd86 [ 520.927324] ? zap_class+0x740/0x740 [ 520.931065] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 520.936204] __alloc_pages_nodemask+0x365/0xd10 [ 520.940908] ? __alloc_pages_slowpath+0x2cb0/0x2cb0 [ 520.945945] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 520.950639] ? find_held_lock+0x36/0x1c0 [ 520.954764] ? trace_hardirqs_off+0xb8/0x2b0 [ 520.959383] cache_grow_begin+0x91/0x710 [ 520.963483] kmem_cache_alloc+0x63a/0x710 [ 520.967656] ? find_held_lock+0x36/0x1c0 [ 520.971767] getname_flags+0xd0/0x5a0 [ 520.975600] user_path_at_empty+0x2d/0x50 [ 520.979770] do_mount+0x17a/0x30e0 [ 520.983327] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 520.988803] ? copy_mount_string+0x40/0x40 [ 520.993067] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 520.997862] ? retint_kernel+0x10/0x10 [ 521.001786] ? copy_mount_options+0x1d9/0x380 [ 521.006303] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 521.011860] ? copy_mount_options+0x285/0x380 [ 521.016375] ksys_mount+0x12d/0x140 [ 521.020017] __x64_sys_mount+0xbe/0x150 [ 521.024011] do_syscall_64+0x1b9/0x820 [ 521.027915] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 521.033301] ? syscall_return_slowpath+0x5e0/0x5e0 [ 521.038248] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 521.043284] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 521.048323] ? recalc_sigpending_tsk+0x180/0x180 [ 521.053099] ? kasan_check_write+0x14/0x20 [ 521.057362] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 521.062241] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 521.067446] RIP: 0033:0x457089 [ 521.070649] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 521.089563] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 521.097298] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 521.104589] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 521.111878] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 521.119166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 02:39:30 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x4305, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:30 executing program 0 (fault-call:7 fault-nth:1): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 521.126466] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000004 [ 521.234531] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 521.258817] FAULT_INJECTION: forcing a failure. [ 521.258817] name failslab, interval 1, probability 0, space 0, times 0 [ 521.270212] CPU: 0 PID: 27881 Comm: syz-executor0 Not tainted 4.18.0+ #206 [ 521.277267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 521.286652] Call Trace: [ 521.289278] dump_stack+0x1c9/0x2b4 [ 521.292959] ? dump_stack_print_info.cold.2+0x52/0x52 [ 521.298207] ? perf_trace_lock+0x49d/0x920 [ 521.302514] should_fail.cold.4+0xa/0x11 [ 521.306631] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 521.311788] ? kasan_kmalloc+0xc4/0xe0 [ 521.315718] ? strndup_user+0x77/0xd0 [ 521.319567] ? graph_lock+0x170/0x170 [ 521.323402] ? proc_fail_nth_write+0x9e/0x210 [ 521.327946] ? find_held_lock+0x36/0x1c0 [ 521.332097] ? check_same_owner+0x340/0x340 [ 521.336442] ? lock_release+0x9f0/0x9f0 [ 521.340449] ? rcu_note_context_switch+0x680/0x680 [ 521.345401] ? __check_object_size+0xa3/0x5d7 [ 521.349937] __should_failslab+0x124/0x180 [ 521.354213] should_failslab+0x9/0x14 [ 521.358046] kmem_cache_alloc_trace+0x2b5/0x730 [ 521.362755] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 521.368319] ? _copy_from_user+0xdf/0x150 [ 521.372512] copy_mount_options+0x5f/0x380 [ 521.376775] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 521.382346] ksys_mount+0xd0/0x140 [ 521.385923] __x64_sys_mount+0xbe/0x150 [ 521.389933] do_syscall_64+0x1b9/0x820 [ 521.393845] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 521.399253] ? syscall_return_slowpath+0x5e0/0x5e0 [ 521.404225] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 521.409274] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 521.414309] ? recalc_sigpending_tsk+0x180/0x180 [ 521.419092] ? kasan_check_write+0x14/0x20 [ 521.423365] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 521.428268] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 521.433477] RIP: 0033:0x457089 [ 521.436686] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 521.455605] RSP: 002b:00007f1ac9dcac78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 521.463342] RAX: ffffffffffffffda RBX: 00007f1ac9dcb6d4 RCX: 0000000000457089 [ 521.470639] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 521.477931] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 02:39:30 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000000000000000200", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 521.485228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 521.492511] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000001 [ 521.536214] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:30 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0xffc99a3b}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:30 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:30 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140f9, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:30 executing program 1 (fault-call:7 fault-nth:5): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:30 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x100000000000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:30 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000490c0200", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:30 executing program 0 (fault-call:7 fault-nth:2): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:30 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000000000100", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 521.696855] FAULT_INJECTION: forcing a failure. [ 521.696855] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 521.708849] CPU: 0 PID: 27903 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 521.709587] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 521.715894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 521.715906] Call Trace: [ 521.715938] dump_stack+0x1c9/0x2b4 [ 521.715972] ? dump_stack_print_info.cold.2+0x52/0x52 [ 521.716003] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 521.749447] should_fail.cold.4+0xa/0x11 [ 521.753546] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 521.758676] ? pcpu_alloc+0x190/0x1280 [ 521.762594] ? graph_lock+0x170/0x170 [ 521.766456] ? find_held_lock+0x36/0x1c0 [ 521.770599] ? check_same_owner+0x340/0x340 [ 521.774968] ? rcu_note_context_switch+0x680/0x680 [ 521.779957] __alloc_pages_nodemask+0x365/0xd10 [ 521.784681] ? __alloc_pages_slowpath+0x2cb0/0x2cb0 [ 521.789736] ? kasan_check_read+0x11/0x20 [ 521.793907] ? graph_lock+0x170/0x170 [ 521.797767] ? find_held_lock+0x36/0x1c0 [ 521.801872] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 521.807445] alloc_pages_current+0x10c/0x210 [ 521.811889] get_zeroed_page+0x14/0x50 [ 521.815797] mount_fs+0x210/0x328 [ 521.819267] ? mpi_free.cold.1+0x19/0x19 [ 521.823361] vfs_kern_mount.part.33+0xdc/0x4e0 [ 521.827972] ? may_umount+0xb0/0xb0 [ 521.831624] ? _raw_read_unlock+0x22/0x30 [ 521.835790] ? __get_fs_type+0x97/0xc0 [ 521.839708] do_mount+0x581/0x30e0 [ 521.843263] ? kmem_cache_alloc_trace+0x275/0x730 [ 521.848138] ? copy_mount_string+0x40/0x40 [ 521.852415] ? copy_mount_options+0x5f/0x380 [ 521.856846] ? rcu_read_lock_sched_held+0x108/0x120 [ 521.861886] ? kmem_cache_alloc_trace+0x324/0x730 [ 521.866773] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 521.872347] ? _copy_from_user+0xdf/0x150 [ 521.876529] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 521.882091] ? copy_mount_options+0x285/0x380 [ 521.886621] ksys_mount+0x12d/0x140 [ 521.890282] __x64_sys_mount+0xbe/0x150 [ 521.894297] do_syscall_64+0x1b9/0x820 [ 521.898228] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 521.903622] ? syscall_return_slowpath+0x5e0/0x5e0 [ 521.908578] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 521.913628] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 521.918662] ? recalc_sigpending_tsk+0x180/0x180 [ 521.923470] ? kasan_check_write+0x14/0x20 [ 521.927747] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 521.932647] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 521.937865] RIP: 0033:0x457089 [ 521.941078] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 521.960008] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 521.967759] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 521.975063] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 521.982364] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 521.989654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 02:39:30 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xf5ffffff, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 521.996948] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000005 [ 522.012135] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 522.029017] FAULT_INJECTION: forcing a failure. [ 522.029017] name failslab, interval 1, probability 0, space 0, times 0 [ 522.040382] CPU: 1 PID: 27913 Comm: syz-executor0 Not tainted 4.18.0+ #206 [ 522.047411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 522.056785] Call Trace: [ 522.059400] dump_stack+0x1c9/0x2b4 [ 522.063056] ? dump_stack_print_info.cold.2+0x52/0x52 [ 522.068292] should_fail.cold.4+0xa/0x11 [ 522.072388] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 522.077512] ? __switch_to_asm+0x40/0x70 [ 522.081587] ? __switch_to_asm+0x34/0x70 [ 522.085664] ? __switch_to_asm+0x40/0x70 [ 522.089765] ? __switch_to_asm+0x34/0x70 [ 522.093844] ? __switch_to_asm+0x40/0x70 [ 522.097927] ? __switch_to_asm+0x34/0x70 [ 522.102018] ? __switch_to_asm+0x34/0x70 [ 522.106107] ? __switch_to_asm+0x40/0x70 [ 522.110205] ? __switch_to_asm+0x40/0x70 [ 522.114292] ? __switch_to_asm+0x34/0x70 [ 522.118376] ? __switch_to_asm+0x40/0x70 [ 522.122464] ? __schedule+0x884/0x1df0 [ 522.126383] ? __sched_text_start+0x8/0x8 [ 522.130556] ? find_held_lock+0x36/0x1c0 [ 522.134667] ? check_same_owner+0x340/0x340 [ 522.139019] ? save_stack+0xa9/0xd0 [ 522.142674] __should_failslab+0x124/0x180 [ 522.146938] should_failslab+0x9/0x14 [ 522.150767] kmem_cache_alloc+0x29c/0x710 [ 522.154952] getname_flags+0xd0/0x5a0 [ 522.158775] user_path_at_empty+0x2d/0x50 [ 522.162943] do_mount+0x17a/0x30e0 [ 522.166504] ? kmem_cache_alloc_trace+0x275/0x730 [ 522.171389] ? copy_mount_string+0x40/0x40 [ 522.175650] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 522.180437] ? retint_kernel+0x10/0x10 [ 522.184356] ? copy_mount_options+0x1a1/0x380 [ 522.188877] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 522.191617] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 522.193756] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 522.193776] ? copy_mount_options+0x285/0x380 [ 522.193800] ksys_mount+0x12d/0x140 [ 522.193821] __x64_sys_mount+0xbe/0x150 [ 522.193849] do_syscall_64+0x1b9/0x820 [ 522.223180] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 522.228580] ? syscall_return_slowpath+0x5e0/0x5e0 [ 522.233528] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 522.238557] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 522.243586] ? recalc_sigpending_tsk+0x180/0x180 [ 522.248367] ? kasan_check_write+0x14/0x20 [ 522.252691] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 522.257575] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 522.262792] RIP: 0033:0x457089 [ 522.266004] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 522.284925] RSP: 002b:00007f1ac9dcac78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 02:39:30 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf9400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:31 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x58000000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:31 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0xf0ffff, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:31 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x80350000, 0x6, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:31 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x5, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:31 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffffff7f00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 522.292653] RAX: ffffffffffffffda RBX: 00007f1ac9dcb6d4 RCX: 0000000000457089 [ 522.299942] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 522.307232] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 522.314518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 522.321810] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000002 02:39:31 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x9000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:31 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:31 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0xb, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:31 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0xcc20000000000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:31 executing program 1 (fault-call:7 fault-nth:6): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:31 executing program 0 (fault-call:7 fault-nth:3): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:31 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x200000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:31 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:31 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfa400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 522.953972] FAULT_INJECTION: forcing a failure. [ 522.953972] name failslab, interval 1, probability 0, space 0, times 0 [ 522.965329] CPU: 1 PID: 27982 Comm: syz-executor0 Not tainted 4.18.0+ #206 [ 522.965866] FAULT_INJECTION: forcing a failure. [ 522.965866] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 522.972361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 522.972369] Call Trace: [ 522.972397] dump_stack+0x1c9/0x2b4 [ 522.972423] ? dump_stack_print_info.cold.2+0x52/0x52 [ 522.972451] ? perf_trace_lock+0xde/0x920 [ 522.972480] should_fail.cold.4+0xa/0x11 [ 522.972513] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 523.018341] ? lock_downgrade+0x8f0/0x8f0 [ 523.022511] ? rcu_is_watching+0x8c/0x150 [ 523.026671] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 523.031356] ? find_held_lock+0x36/0x1c0 [ 523.035467] ? check_same_owner+0x340/0x340 [ 523.039820] ? rcu_note_context_switch+0x680/0x680 [ 523.044767] ? save_stack+0xa9/0xd0 [ 523.048415] __should_failslab+0x124/0x180 [ 523.052670] should_failslab+0x9/0x14 [ 523.056493] kmem_cache_alloc+0x29c/0x710 [ 523.060663] ? find_held_lock+0x36/0x1c0 [ 523.064768] getname_flags+0xd0/0x5a0 [ 523.068593] user_path_at_empty+0x2d/0x50 [ 523.072770] do_mount+0x17a/0x30e0 [ 523.076324] ? kmem_cache_alloc_trace+0x275/0x730 [ 523.081206] ? copy_mount_string+0x40/0x40 [ 523.085464] ? rcu_pm_notify+0xc0/0xc0 [ 523.089376] ? copy_mount_options+0x5f/0x380 [ 523.093799] ? rcu_read_lock_sched_held+0x108/0x120 [ 523.098829] ? kmem_cache_alloc_trace+0x324/0x730 [ 523.103690] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 523.109262] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 523.114816] ? copy_mount_options+0x285/0x380 [ 523.119327] ksys_mount+0x12d/0x140 [ 523.122968] __x64_sys_mount+0xbe/0x150 [ 523.126961] do_syscall_64+0x1b9/0x820 [ 523.130865] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 523.136239] ? syscall_return_slowpath+0x5e0/0x5e0 [ 523.141179] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 523.146227] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 523.151252] ? recalc_sigpending_tsk+0x180/0x180 [ 523.156018] ? kasan_check_write+0x14/0x20 [ 523.160283] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 523.165154] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 523.170397] RIP: 0033:0x457089 [ 523.173606] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 523.192525] RSP: 002b:00007f1ac9dcac78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 523.200256] RAX: ffffffffffffffda RBX: 00007f1ac9dcb6d4 RCX: 0000000000457089 [ 523.207625] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 523.214947] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 523.222235] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 523.229521] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000003 [ 523.236831] CPU: 0 PID: 27979 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 523.238954] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 523.243877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 523.243886] Call Trace: [ 523.243912] dump_stack+0x1c9/0x2b4 [ 523.243939] ? dump_stack_print_info.cold.2+0x52/0x52 [ 523.272632] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 523.277516] should_fail.cold.4+0xa/0x11 [ 523.281615] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 523.286757] ? pcpu_alloc+0x190/0x1280 [ 523.290675] ? graph_lock+0x170/0x170 [ 523.294540] ? find_held_lock+0x36/0x1c0 [ 523.298663] ? check_same_owner+0x340/0x340 02:39:32 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x2, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:32 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x57, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 523.303020] ? rcu_note_context_switch+0x680/0x680 [ 523.308009] __alloc_pages_nodemask+0x365/0xd10 [ 523.312728] ? __alloc_pages_slowpath+0x2cb0/0x2cb0 [ 523.317785] ? kasan_check_read+0x11/0x20 [ 523.321959] ? graph_lock+0x170/0x170 [ 523.325806] ? find_held_lock+0x36/0x1c0 [ 523.329905] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 523.335474] alloc_pages_current+0x10c/0x210 [ 523.339923] get_zeroed_page+0x14/0x50 [ 523.343836] mount_fs+0x210/0x328 [ 523.347320] ? mpi_free.cold.1+0x19/0x19 [ 523.351412] vfs_kern_mount.part.33+0xdc/0x4e0 [ 523.356024] ? may_umount+0xb0/0xb0 [ 523.359676] ? _raw_read_unlock+0x22/0x30 [ 523.363849] ? __get_fs_type+0x97/0xc0 [ 523.367772] do_mount+0x581/0x30e0 [ 523.371331] ? kmem_cache_alloc_trace+0x275/0x730 [ 523.376213] ? copy_mount_string+0x40/0x40 [ 523.380501] ? copy_mount_options+0x5f/0x380 [ 523.384933] ? rcu_read_lock_sched_held+0x108/0x120 [ 523.389971] ? kmem_cache_alloc_trace+0x324/0x730 [ 523.394844] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 523.400422] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 523.405983] ? copy_mount_options+0x285/0x380 [ 523.410513] ksys_mount+0x12d/0x140 [ 523.414167] __x64_sys_mount+0xbe/0x150 [ 523.418182] do_syscall_64+0x1b9/0x820 [ 523.422102] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 523.427508] ? syscall_return_slowpath+0x5e0/0x5e0 [ 523.432456] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 523.437321] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 523.442362] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 523.447398] ? prepare_exit_to_usermode+0x291/0x3b0 [ 523.452446] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 523.457335] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 523.462540] RIP: 0033:0x457089 [ 523.465752] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 523.484681] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 523.492423] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 02:39:32 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8cffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 523.499711] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 523.507005] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 523.514302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 523.521596] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000006 [ 523.545442] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:32 executing program 1 (fault-call:7 fault-nth:7): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 523.640745] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:32 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000006ef00", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:32 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x2, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:32 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:32 executing program 0 (fault-call:7 fault-nth:4): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:32 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000009000", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:32 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfdffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 523.780740] FAULT_INJECTION: forcing a failure. [ 523.780740] name failslab, interval 1, probability 0, space 0, times 0 [ 523.792153] CPU: 1 PID: 28016 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 523.799212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 523.808585] Call Trace: [ 523.811205] dump_stack+0x1c9/0x2b4 [ 523.814864] ? dump_stack_print_info.cold.2+0x52/0x52 [ 523.820092] ? perf_trace_lock+0xde/0x920 [ 523.824278] should_fail.cold.4+0xa/0x11 [ 523.828393] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 523.833531] ? save_stack+0x43/0xd0 [ 523.837301] ? kasan_kmalloc+0xc4/0xe0 [ 523.841230] ? __kmalloc_track_caller+0x14a/0x720 [ 523.846095] ? kstrdup+0x39/0x70 [ 523.849477] ? v9fs_session_init+0xdd/0x1a80 [ 523.853897] ? v9fs_mount+0x7c/0x900 [ 523.857628] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 523.862480] ? do_mount+0x581/0x30e0 [ 523.866216] ? __x64_sys_mount+0xbe/0x150 [ 523.870383] ? do_syscall_64+0x1b9/0x820 [ 523.874463] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 523.879872] ? find_held_lock+0x36/0x1c0 [ 523.883972] ? check_same_owner+0x340/0x340 [ 523.888312] ? trace_hardirqs_on+0xbd/0x2c0 [ 523.892821] ? rcu_note_context_switch+0x680/0x680 [ 523.897783] __should_failslab+0x124/0x180 [ 523.902061] should_failslab+0x9/0x14 [ 523.905887] __kmalloc_track_caller+0x2ae/0x720 [ 523.910583] ? save_stack+0xa9/0xd0 [ 523.914238] ? save_stack+0x43/0xd0 [ 523.917881] ? kasan_kmalloc+0xc4/0xe0 [ 523.921906] ? kmem_cache_alloc_trace+0x152/0x730 [ 523.926762] ? v9fs_session_init+0x115/0x1a80 [ 523.931281] kstrdup+0x39/0x70 [ 523.934489] v9fs_session_init+0x115/0x1a80 [ 523.938824] ? find_held_lock+0x36/0x1c0 [ 523.942917] ? v9fs_show_options+0x7e0/0x7e0 [ 523.947352] ? kmem_cache_alloc_trace+0x275/0x730 [ 523.952218] ? kasan_check_read+0x11/0x20 [ 523.956398] ? rcu_is_watching+0x8c/0x150 [ 523.960577] ? trace_hardirqs_on+0xbd/0x2c0 [ 523.964915] ? rcu_pm_notify+0xc0/0xc0 [ 523.968824] ? v9fs_mount+0x61/0x900 [ 523.972553] ? rcu_read_lock_sched_held+0x108/0x120 [ 523.977585] ? kmem_cache_alloc_trace+0x324/0x730 [ 523.982452] v9fs_mount+0x7c/0x900 [ 523.986011] ? alloc_pages_current+0x114/0x210 [ 523.990618] mount_fs+0xae/0x328 [ 523.994013] vfs_kern_mount.part.33+0xdc/0x4e0 [ 523.998631] ? may_umount+0xb0/0xb0 [ 524.002275] ? _raw_read_unlock+0x22/0x30 [ 524.006442] ? __get_fs_type+0x97/0xc0 [ 524.010355] do_mount+0x581/0x30e0 [ 524.013913] ? kmem_cache_alloc_trace+0x275/0x730 [ 524.018803] ? copy_mount_string+0x40/0x40 [ 524.023084] ? copy_mount_options+0x5f/0x380 [ 524.027511] ? rcu_read_lock_sched_held+0x108/0x120 [ 524.032536] ? kmem_cache_alloc_trace+0x324/0x730 [ 524.037397] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 524.042951] ? _copy_from_user+0xdf/0x150 [ 524.047124] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 524.052671] ? copy_mount_options+0x285/0x380 [ 524.057183] ksys_mount+0x12d/0x140 [ 524.060838] __x64_sys_mount+0xbe/0x150 [ 524.064831] do_syscall_64+0x1b9/0x820 [ 524.068733] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 524.074115] ? syscall_return_slowpath+0x5e0/0x5e0 [ 524.079175] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 524.084350] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 524.089388] ? recalc_sigpending_tsk+0x180/0x180 [ 524.094163] ? kasan_check_write+0x14/0x20 [ 524.098430] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 524.103322] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 524.108531] RIP: 0033:0x457089 [ 524.111746] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 524.130669] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 524.138411] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 524.145702] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 524.152994] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 524.160284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 524.167565] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000007 [ 524.395749] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:33 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x100000000000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:33 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x5, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:33 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x3, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:33 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfeffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:33 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000000000000000400", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:33 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x500000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:33 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x4, "06f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 524.567158] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:33 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8f4, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:33 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000000000007fffffe00", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:33 executing program 1 (fault-call:7 fault-nth:8): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:33 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:33 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x18000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:33 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:33 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "57f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:33 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffffffff87000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 524.843458] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:33 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c74657200000000000000ffffffff00", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 525.040266] FAULT_INJECTION: forcing a failure. [ 525.040266] name failslab, interval 1, probability 0, space 0, times 0 [ 525.051598] CPU: 1 PID: 28115 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 525.058626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 525.068000] Call Trace: [ 525.070612] dump_stack+0x1c9/0x2b4 [ 525.074261] ? dump_stack_print_info.cold.2+0x52/0x52 [ 525.079474] ? perf_trace_lock+0xde/0x920 [ 525.083651] should_fail.cold.4+0xa/0x11 [ 525.087750] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 525.092877] ? find_held_lock+0x36/0x1c0 [ 525.096974] ? lock_downgrade+0x8f0/0x8f0 [ 525.101149] ? find_held_lock+0x36/0x1c0 [ 525.105281] ? check_same_owner+0x340/0x340 [ 525.109637] ? unwind_get_return_address+0x61/0xa0 [ 525.114594] ? rcu_note_context_switch+0x680/0x680 [ 525.119555] __should_failslab+0x124/0x180 [ 525.123815] should_failslab+0x9/0x14 [ 525.127633] __kmalloc_track_caller+0x2ae/0x720 [ 525.132329] ? save_stack+0xa9/0xd0 [ 525.135978] ? save_stack+0x43/0xd0 [ 525.139651] ? kasan_kmalloc+0xc4/0xe0 [ 525.143561] ? kmem_cache_alloc_trace+0x152/0x730 [ 525.148424] ? mount_fs+0xae/0x328 [ 525.151977] ? v9fs_session_init+0xdd/0x1a80 [ 525.156404] kstrdup+0x39/0x70 [ 525.159611] v9fs_session_init+0xdd/0x1a80 [ 525.163860] ? find_held_lock+0x36/0x1c0 [ 525.167956] ? v9fs_show_options+0x7e0/0x7e0 [ 525.172379] ? kmem_cache_alloc_trace+0x275/0x730 [ 525.177240] ? kasan_check_read+0x11/0x20 [ 525.181403] ? rcu_is_watching+0x8c/0x150 [ 525.185561] ? trace_hardirqs_on+0xbd/0x2c0 [ 525.189896] ? rcu_pm_notify+0xc0/0xc0 [ 525.193815] ? v9fs_mount+0x61/0x900 [ 525.197542] ? rcu_read_lock_sched_held+0x108/0x120 [ 525.202572] ? kmem_cache_alloc_trace+0x324/0x730 [ 525.207448] v9fs_mount+0x7c/0x900 [ 525.211001] ? alloc_pages_current+0x114/0x210 [ 525.215607] mount_fs+0xae/0x328 [ 525.219008] vfs_kern_mount.part.33+0xdc/0x4e0 [ 525.223622] ? may_umount+0xb0/0xb0 [ 525.227266] ? _raw_read_unlock+0x22/0x30 [ 525.231426] ? __get_fs_type+0x97/0xc0 [ 525.235331] do_mount+0x581/0x30e0 [ 525.238879] ? kmem_cache_alloc_trace+0x275/0x730 [ 525.243746] ? copy_mount_string+0x40/0x40 [ 525.247991] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 525.252768] ? retint_kernel+0x10/0x10 [ 525.256689] ? __sanitizer_cov_trace_const_cmp4+0x5/0x20 [ 525.262159] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 525.267722] ? copy_mount_options+0x285/0x380 [ 525.272239] ksys_mount+0x12d/0x140 [ 525.275905] __x64_sys_mount+0xbe/0x150 [ 525.279896] do_syscall_64+0x1b9/0x820 [ 525.283795] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 525.289174] ? syscall_return_slowpath+0x5e0/0x5e0 [ 525.294133] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 525.299225] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 525.304266] ? recalc_sigpending_tsk+0x180/0x180 [ 525.309039] ? kasan_check_write+0x14/0x20 [ 525.313301] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 525.318167] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 525.323370] RIP: 0033:0x457089 [ 525.326574] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 525.345488] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 525.353222] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 525.360499] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 525.367789] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 525.375064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 525.382344] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000008 [ 525.421745] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:34 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x3b9ac9ff}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:34 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf6ffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:34 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "02f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:34 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf4ffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:34 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:34 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000001100", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:34 executing program 1 (fault-call:7 fault-nth:9): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 525.465823] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 525.535914] FAULT_INJECTION: forcing a failure. [ 525.535914] name failslab, interval 1, probability 0, space 0, times 0 [ 525.547322] CPU: 1 PID: 28142 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 525.554345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 525.563707] Call Trace: [ 525.566325] dump_stack+0x1c9/0x2b4 [ 525.569979] ? dump_stack_print_info.cold.2+0x52/0x52 [ 525.575206] ? perf_trace_lock+0xde/0x920 [ 525.579395] should_fail.cold.4+0xa/0x11 02:39:34 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "03f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:34 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000000000500", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 525.583481] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 525.588614] ? save_stack+0x43/0xd0 [ 525.592258] ? kasan_kmalloc+0xc4/0xe0 [ 525.596167] ? __kmalloc_track_caller+0x14a/0x720 [ 525.601042] ? kstrdup+0x39/0x70 [ 525.604434] ? v9fs_session_init+0xdd/0x1a80 [ 525.608860] ? v9fs_mount+0x7c/0x900 [ 525.612594] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 525.617369] ? do_mount+0x581/0x30e0 [ 525.621110] ? __x64_sys_mount+0xbe/0x150 [ 525.625290] ? do_syscall_64+0x1b9/0x820 [ 525.629379] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe 02:39:34 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x19000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 525.634778] ? find_held_lock+0x36/0x1c0 [ 525.638890] ? check_same_owner+0x340/0x340 [ 525.643241] ? trace_hardirqs_on+0xbd/0x2c0 [ 525.647616] ? rcu_note_context_switch+0x680/0x680 [ 525.652588] __should_failslab+0x124/0x180 [ 525.656855] should_failslab+0x9/0x14 [ 525.660675] __kmalloc_track_caller+0x2ae/0x720 [ 525.665372] ? save_stack+0xa9/0xd0 [ 525.669024] ? save_stack+0x43/0xd0 [ 525.672674] ? kasan_kmalloc+0xc4/0xe0 [ 525.676587] ? kmem_cache_alloc_trace+0x152/0x730 [ 525.681455] ? v9fs_session_init+0x115/0x1a80 [ 525.685990] kstrdup+0x39/0x70 [ 525.689224] v9fs_session_init+0x115/0x1a80 [ 525.693588] ? find_held_lock+0x36/0x1c0 [ 525.698062] ? v9fs_show_options+0x7e0/0x7e0 [ 525.702518] ? kmem_cache_alloc_trace+0x275/0x730 [ 525.707388] ? kasan_check_read+0x11/0x20 [ 525.711561] ? rcu_is_watching+0x8c/0x150 [ 525.715735] ? trace_hardirqs_on+0xbd/0x2c0 [ 525.720083] ? rcu_pm_notify+0xc0/0xc0 [ 525.724012] ? v9fs_mount+0x61/0x900 [ 525.727762] ? rcu_read_lock_sched_held+0x108/0x120 [ 525.732801] ? kmem_cache_alloc_trace+0x324/0x730 [ 525.737667] v9fs_mount+0x7c/0x900 [ 525.741233] ? alloc_pages_current+0x114/0x210 [ 525.745843] mount_fs+0xae/0x328 [ 525.749248] vfs_kern_mount.part.33+0xdc/0x4e0 [ 525.753847] ? may_umount+0xb0/0xb0 [ 525.757492] ? _raw_read_unlock+0x22/0x30 [ 525.761664] ? __get_fs_type+0x97/0xc0 [ 525.765582] do_mount+0x581/0x30e0 [ 525.766633] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 525.769144] ? kmem_cache_alloc_trace+0x275/0x730 [ 525.769169] ? copy_mount_string+0x40/0x40 [ 525.769210] ? copy_mount_options+0x5f/0x380 [ 525.769231] ? rcu_read_lock_sched_held+0x108/0x120 [ 525.769248] ? kmem_cache_alloc_trace+0x324/0x730 [ 525.769271] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 525.805965] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 525.811531] ? copy_mount_options+0x285/0x380 [ 525.816056] ksys_mount+0x12d/0x140 [ 525.819710] __x64_sys_mount+0xbe/0x150 [ 525.823723] do_syscall_64+0x1b9/0x820 [ 525.827644] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 525.833030] ? syscall_return_slowpath+0x5e0/0x5e0 [ 525.838015] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 525.843085] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 525.848128] ? recalc_sigpending_tsk+0x180/0x180 [ 525.852904] ? kasan_check_write+0x14/0x20 [ 525.857172] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 525.862058] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 525.867276] RIP: 0033:0x457089 02:39:34 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xbe400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:34 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x300000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 525.870482] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 525.889411] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 525.897144] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 525.904422] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 525.911699] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 525.918987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 525.926273] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000009 02:39:34 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000000000600", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:34 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8cffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:34 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "04f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 525.978305] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:35 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00\a\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 526.082389] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 526.207814] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 526.246398] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:35 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0xfeffffff00000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:35 executing program 1 (fault-call:7 fault-nth:10): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:35 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x7ffffffffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:35 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf4ffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:35 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "05f526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:35 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:35 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x100000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:35 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\a\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 526.463346] FAULT_INJECTION: forcing a failure. [ 526.463346] name failslab, interval 1, probability 0, space 0, times 0 [ 526.474744] CPU: 0 PID: 28226 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 526.475175] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 526.481782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 526.481794] Call Trace: [ 526.481822] dump_stack+0x1c9/0x2b4 [ 526.481854] ? dump_stack_print_info.cold.2+0x52/0x52 [ 526.490407] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 526.499019] ? perf_trace_lock+0x49d/0x920 [ 526.499056] should_fail.cold.4+0xa/0x11 [ 526.499085] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 526.531721] ? lock_downgrade+0x8f0/0x8f0 [ 526.535924] ? find_held_lock+0x36/0x1c0 [ 526.540056] ? check_same_owner+0x340/0x340 [ 526.544407] ? __save_stack_trace+0x8d/0xf0 [ 526.548756] ? rcu_note_context_switch+0x680/0x680 [ 526.553729] __should_failslab+0x124/0x180 [ 526.557997] should_failslab+0x9/0x14 [ 526.561823] kmem_cache_alloc_trace+0x2b5/0x730 [ 526.566520] ? save_stack+0x43/0xd0 [ 526.570174] ? kasan_kmalloc+0xc4/0xe0 [ 526.574100] ? __kmalloc_track_caller+0x14a/0x720 [ 526.578969] ? kstrdup+0x39/0x70 [ 526.582363] ? v9fs_session_init+0x115/0x1a80 [ 526.586873] ? v9fs_mount+0x7c/0x900 [ 526.591103] ? mount_fs+0xae/0x328 [ 526.594675] p9_client_create+0x106/0x159b [ 526.598943] ? find_held_lock+0x36/0x1c0 [ 526.603035] ? p9_client_read+0xbf0/0xbf0 [ 526.607242] ? __kmalloc_track_caller+0x26e/0x720 [ 526.612115] ? __lockdep_init_map+0x105/0x590 [ 526.616642] ? lockdep_init_map+0x9/0x10 [ 526.620730] ? kasan_check_write+0x14/0x20 [ 526.624989] ? __init_rwsem+0x1cc/0x2a0 [ 526.628995] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 526.634051] ? rcu_read_lock_sched_held+0x108/0x120 [ 526.639096] ? __kmalloc_track_caller+0x590/0x720 [ 526.643964] ? save_stack+0xa9/0xd0 [ 526.647620] ? save_stack+0x43/0xd0 [ 526.651264] ? kasan_kmalloc+0xc4/0xe0 [ 526.655167] ? kmem_cache_alloc_trace+0x152/0x730 [ 526.660052] ? memcpy+0x45/0x50 [ 526.663366] v9fs_session_init+0x21a/0x1a80 [ 526.667712] ? find_held_lock+0x36/0x1c0 [ 526.671826] ? v9fs_show_options+0x7e0/0x7e0 [ 526.676264] ? kmem_cache_alloc_trace+0x275/0x730 [ 526.681136] ? kasan_check_read+0x11/0x20 [ 526.685303] ? rcu_is_watching+0x8c/0x150 [ 526.689465] ? trace_hardirqs_on+0xbd/0x2c0 [ 526.693812] ? rcu_pm_notify+0xc0/0xc0 [ 526.697739] ? v9fs_mount+0x61/0x900 [ 526.701477] ? rcu_read_lock_sched_held+0x108/0x120 [ 526.706518] ? kmem_cache_alloc_trace+0x324/0x730 [ 526.711411] v9fs_mount+0x7c/0x900 [ 526.714969] ? alloc_pages_current+0x114/0x210 [ 526.719574] ? retint_kernel+0x10/0x10 [ 526.723495] mount_fs+0xae/0x328 [ 526.726902] vfs_kern_mount.part.33+0xdc/0x4e0 [ 526.731518] ? may_umount+0xb0/0xb0 [ 526.735163] ? _raw_read_unlock+0x22/0x30 [ 526.739342] ? __get_fs_type+0x97/0xc0 [ 526.743267] do_mount+0x581/0x30e0 [ 526.746827] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 526.752322] ? copy_mount_string+0x40/0x40 [ 526.756589] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 526.761384] ? retint_kernel+0x10/0x10 [ 526.765312] ? copy_mount_options+0x213/0x380 [ 526.769827] ? copy_mount_options+0x1a1/0x380 [ 526.774347] ? __sanitizer_cov_trace_pc+0x26/0x50 [ 526.779228] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 526.784791] ? copy_mount_options+0x285/0x380 [ 526.789321] ksys_mount+0x12d/0x140 [ 526.792977] __x64_sys_mount+0xbe/0x150 [ 526.796986] do_syscall_64+0x1b9/0x820 [ 526.800898] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 526.806288] ? syscall_return_slowpath+0x5e0/0x5e0 [ 526.811251] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 526.816297] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 526.821334] ? recalc_sigpending_tsk+0x180/0x180 [ 526.826114] ? kasan_check_write+0x14/0x20 [ 526.830388] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 526.835273] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 526.840480] RIP: 0033:0x457089 [ 526.843695] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:39:35 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x441010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:35 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000300", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 526.862622] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 526.870374] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 526.878023] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 526.885321] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 526.892652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 526.899946] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000a 02:39:35 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "0bf526", 0x30, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:35 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xff00, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:35 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x7ffff, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:35 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfeffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 527.075568] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 527.109379] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:36 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140b6, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:36 executing program 1 (fault-call:7 fault-nth:11): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:36 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x8802000000000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:36 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x7, 0x3a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:36 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1900000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:36 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c74657200000000020c4900", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:36 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000000000000000600", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:36 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfd40010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:36 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x10, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 527.311399] FAULT_INJECTION: forcing a failure. [ 527.311399] name failslab, interval 1, probability 0, space 0, times 0 [ 527.322726] CPU: 1 PID: 28286 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 527.329750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 527.339115] Call Trace: [ 527.341741] dump_stack+0x1c9/0x2b4 [ 527.345391] ? dump_stack_print_info.cold.2+0x52/0x52 [ 527.350604] ? perf_trace_lock+0xde/0x920 [ 527.354787] should_fail.cold.4+0xa/0x11 [ 527.358869] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 527.363994] ? perf_trace_lock+0xde/0x920 [ 527.368177] ? zap_class+0x740/0x740 [ 527.372023] ? __radix_tree_replace+0x1fc/0x360 [ 527.376729] ? find_held_lock+0x36/0x1c0 [ 527.380835] ? check_same_owner+0x340/0x340 [ 527.385184] ? rcu_note_context_switch+0x680/0x680 [ 527.390146] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 527.395287] __should_failslab+0x124/0x180 [ 527.399535] should_failslab+0x9/0x14 [ 527.403348] __kmalloc_track_caller+0x2ae/0x720 [ 527.408039] ? idr_alloc_u32+0x3f0/0x3f0 [ 527.412118] ? do_raw_spin_lock+0xc1/0x200 [ 527.416372] ? p9_client_create+0x49b/0x159b [ 527.420797] kstrdup+0x39/0x70 [ 527.424023] p9_client_create+0x49b/0x159b [ 527.428308] ? find_held_lock+0x36/0x1c0 [ 527.432391] ? p9_client_read+0xbf0/0xbf0 [ 527.436563] ? __kmalloc_track_caller+0x26e/0x720 [ 527.441420] ? __lockdep_init_map+0x105/0x590 [ 527.445927] ? lockdep_init_map+0x9/0x10 [ 527.450012] ? kasan_check_write+0x14/0x20 [ 527.454264] ? __init_rwsem+0x1cc/0x2a0 [ 527.458255] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 527.463296] ? rcu_read_lock_sched_held+0x108/0x120 [ 527.468323] ? __kmalloc_track_caller+0x590/0x720 [ 527.473174] ? save_stack+0xa9/0xd0 [ 527.476827] ? save_stack+0x43/0xd0 [ 527.480466] ? kasan_kmalloc+0xc4/0xe0 [ 527.484361] ? kmem_cache_alloc_trace+0x152/0x730 [ 527.489307] ? memcpy+0x45/0x50 [ 527.492605] v9fs_session_init+0x21a/0x1a80 [ 527.496945] ? find_held_lock+0x36/0x1c0 [ 527.501037] ? v9fs_show_options+0x7e0/0x7e0 [ 527.505475] ? kmem_cache_alloc_trace+0x275/0x730 [ 527.510331] ? kasan_check_read+0x11/0x20 [ 527.514489] ? rcu_is_watching+0x8c/0x150 [ 527.518818] ? trace_hardirqs_on+0xbd/0x2c0 [ 527.523152] ? rcu_pm_notify+0xc0/0xc0 [ 527.527071] ? v9fs_mount+0x61/0x900 [ 527.530798] ? rcu_read_lock_sched_held+0x108/0x120 [ 527.535822] ? kmem_cache_alloc_trace+0x324/0x730 [ 527.540686] v9fs_mount+0x7c/0x900 [ 527.544294] ? alloc_pages_current+0x114/0x210 [ 527.548898] mount_fs+0xae/0x328 [ 527.552282] vfs_kern_mount.part.33+0xdc/0x4e0 [ 527.556880] ? may_umount+0xb0/0xb0 [ 527.560516] ? _raw_read_unlock+0x22/0x30 [ 527.564679] ? __get_fs_type+0x97/0xc0 [ 527.568593] do_mount+0x581/0x30e0 [ 527.572150] ? copy_mount_string+0x40/0x40 [ 527.576409] ? copy_mount_options+0x5f/0x380 [ 527.580828] ? rcu_read_lock_sched_held+0x108/0x120 [ 527.585876] ? kmem_cache_alloc_trace+0x324/0x730 [ 527.590748] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 527.596304] ? _copy_from_user+0xdf/0x150 [ 527.600466] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 527.606024] ? copy_mount_options+0x285/0x380 [ 527.610544] ksys_mount+0x12d/0x140 [ 527.614184] __x64_sys_mount+0xbe/0x150 [ 527.618289] do_syscall_64+0x1b9/0x820 [ 527.622186] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 527.627572] ? syscall_return_slowpath+0x5e0/0x5e0 [ 527.632516] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 527.637543] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 527.642582] ? recalc_sigpending_tsk+0x180/0x180 [ 527.647350] ? kasan_check_write+0x14/0x20 [ 527.651603] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 527.656469] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 527.661664] RIP: 0033:0x457089 [ 527.664869] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 527.683798] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 527.691525] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 527.699224] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 527.706505] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 527.713780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 527.721057] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000b 02:39:36 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x2b, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:36 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfeffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:36 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x41010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 527.814267] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:36 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xbc40010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:36 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000001100", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:36 executing program 1 (fault-call:7 fault-nth:12): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:36 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x29, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 527.960237] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:36 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140b1, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:36 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1000000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 528.089536] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 528.114165] FAULT_INJECTION: forcing a failure. [ 528.114165] name failslab, interval 1, probability 0, space 0, times 0 [ 528.125604] CPU: 0 PID: 28343 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 528.132652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 528.142025] Call Trace: [ 528.144645] dump_stack+0x1c9/0x2b4 [ 528.148312] ? dump_stack_print_info.cold.2+0x52/0x52 [ 528.153542] ? perf_trace_lock+0x49d/0x920 [ 528.157825] should_fail.cold.4+0xa/0x11 [ 528.161937] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 528.167086] ? save_stack+0xa9/0xd0 [ 528.170751] ? save_stack+0x43/0xd0 [ 528.174413] ? kasan_kmalloc+0xc4/0xe0 [ 528.178335] ? kmem_cache_alloc_trace+0x152/0x730 [ 528.183233] ? v9fs_session_init+0x21a/0x1a80 [ 528.187765] ? v9fs_mount+0x7c/0x900 [ 528.191509] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 528.196286] ? do_mount+0x581/0x30e0 [ 528.200025] ? ksys_mount+0x12d/0x140 [ 528.203858] ? __x64_sys_mount+0xbe/0x150 [ 528.208051] ? find_held_lock+0x36/0x1c0 [ 528.212203] ? check_same_owner+0x340/0x340 [ 528.216567] ? kasan_check_read+0x11/0x20 [ 528.220747] ? rcu_is_watching+0x8c/0x150 [ 528.224925] ? rcu_note_context_switch+0x680/0x680 [ 528.229870] ? rcu_pm_notify+0xc0/0xc0 [ 528.233804] __should_failslab+0x124/0x180 [ 528.238091] should_failslab+0x9/0x14 [ 528.241915] kmem_cache_alloc_trace+0x2b5/0x730 [ 528.246606] ? kmem_cache_alloc_trace+0x324/0x730 [ 528.251469] ? __lockdep_init_map+0x105/0x590 [ 528.255983] ? kasan_kmalloc+0xc4/0xe0 [ 528.259912] p9_idpool_create+0x42/0x190 [ 528.263998] p9_client_create+0x2e0/0x159b [ 528.268276] ? find_held_lock+0x36/0x1c0 [ 528.272370] ? p9_client_read+0xbf0/0xbf0 [ 528.276563] ? __kmalloc_track_caller+0x26e/0x720 [ 528.281427] ? __lockdep_init_map+0x105/0x590 [ 528.285950] ? lockdep_init_map+0x9/0x10 [ 528.290036] ? kasan_check_write+0x14/0x20 [ 528.294294] ? __init_rwsem+0x1cc/0x2a0 [ 528.298292] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 528.303334] ? rcu_read_lock_sched_held+0x108/0x120 [ 528.308367] ? __kmalloc_track_caller+0x590/0x720 [ 528.313241] ? save_stack+0xa9/0xd0 [ 528.316889] ? save_stack+0x43/0xd0 [ 528.320530] ? kasan_kmalloc+0xc4/0xe0 [ 528.324430] ? kmem_cache_alloc_trace+0x152/0x730 [ 528.329297] ? memcpy+0x45/0x50 [ 528.332615] v9fs_session_init+0x21a/0x1a80 [ 528.336957] ? find_held_lock+0x36/0x1c0 [ 528.341064] ? v9fs_show_options+0x7e0/0x7e0 [ 528.345497] ? kmem_cache_alloc_trace+0x275/0x730 [ 528.350375] ? kasan_check_read+0x11/0x20 [ 528.354538] ? rcu_is_watching+0x8c/0x150 [ 528.358701] ? trace_hardirqs_on+0xbd/0x2c0 [ 528.363039] ? rcu_pm_notify+0xc0/0xc0 [ 528.366967] ? v9fs_mount+0x61/0x900 [ 528.370702] ? rcu_read_lock_sched_held+0x108/0x120 [ 528.375736] ? kmem_cache_alloc_trace+0x324/0x730 [ 528.380597] ? lock_release+0x4dc/0x9f0 [ 528.384614] v9fs_mount+0x7c/0x900 [ 528.388178] ? alloc_pages_current+0x114/0x210 [ 528.392808] mount_fs+0xae/0x328 [ 528.396220] vfs_kern_mount.part.33+0xdc/0x4e0 [ 528.400831] ? may_umount+0xb0/0xb0 [ 528.404508] ? _raw_read_unlock+0x22/0x30 [ 528.408674] ? __get_fs_type+0x97/0xc0 [ 528.412601] do_mount+0x581/0x30e0 [ 528.416158] ? kmem_cache_alloc_trace+0x275/0x730 [ 528.421040] ? copy_mount_string+0x40/0x40 [ 528.425346] ? copy_mount_options+0x5f/0x380 [ 528.429777] ? rcu_read_lock_sched_held+0x108/0x120 [ 528.434815] ? kmem_cache_alloc_trace+0x324/0x730 [ 528.439687] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 528.445262] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 528.450819] ? copy_mount_options+0x285/0x380 [ 528.455351] ksys_mount+0x12d/0x140 [ 528.459003] __x64_sys_mount+0xbe/0x150 [ 528.463011] do_syscall_64+0x1b9/0x820 [ 528.466921] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 528.472308] ? syscall_return_slowpath+0x5e0/0x5e0 [ 528.477265] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 528.482306] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 528.487339] ? recalc_sigpending_tsk+0x180/0x180 [ 528.492114] ? kasan_check_write+0x14/0x20 [ 528.496378] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 528.501269] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 528.506474] RIP: 0033:0x457089 [ 528.509688] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 528.528605] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 528.536336] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 528.543619] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 528.550901] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 528.558196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 528.565499] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000c [ 528.616106] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:37 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x400000000000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:37 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xedc0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:37 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x800000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:37 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x33, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:37 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf6ffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:37 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000600", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:37 executing program 1 (fault-call:7 fault-nth:13): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:37 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000000000000001100", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 528.731836] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:37 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1fffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 528.868135] FAULT_INJECTION: forcing a failure. [ 528.868135] name failslab, interval 1, probability 0, space 0, times 0 [ 528.879519] CPU: 0 PID: 28397 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 528.886555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 528.895928] Call Trace: [ 528.898554] dump_stack+0x1c9/0x2b4 [ 528.902242] ? dump_stack_print_info.cold.2+0x52/0x52 [ 528.907493] should_fail.cold.4+0xa/0x11 [ 528.911596] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 528.916737] ? __switch_to_asm+0x40/0x70 [ 528.920829] ? __switch_to_asm+0x34/0x70 [ 528.924919] ? __switch_to_asm+0x40/0x70 [ 528.929038] ? __switch_to_asm+0x34/0x70 [ 528.933150] ? __switch_to_asm+0x40/0x70 [ 528.937266] ? __switch_to_asm+0x34/0x70 [ 528.941359] ? __switch_to_asm+0x34/0x70 [ 528.945452] ? __switch_to_asm+0x40/0x70 [ 528.949547] ? __switch_to_asm+0x40/0x70 [ 528.953641] ? __switch_to_asm+0x34/0x70 [ 528.957735] ? __switch_to_asm+0x40/0x70 [ 528.961841] ? __schedule+0x884/0x1df0 02:39:37 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x4000000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:37 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x4, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:37 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x14141, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:37 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000600", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 528.965785] ? __sched_text_start+0x8/0x8 [ 528.969963] ? find_held_lock+0x36/0x1c0 [ 528.974106] ? check_same_owner+0x340/0x340 [ 528.978468] ? unwind_get_return_address+0x61/0xa0 [ 528.983464] __should_failslab+0x124/0x180 [ 528.987733] should_failslab+0x9/0x14 [ 528.991558] __kmalloc_track_caller+0x2ae/0x720 [ 528.996265] ? save_stack+0xa9/0xd0 [ 528.999929] ? parse_opts+0x176/0x500 [ 529.003765] kstrdup+0x39/0x70 [ 529.006995] parse_opts+0x176/0x500 [ 529.010657] ? trace_hardirqs_off+0xb8/0x2b0 02:39:37 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000000000000000500", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:37 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1a000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 529.015100] ? do_raw_spin_unlock+0xa7/0x2f0 [ 529.019545] ? p9_fd_poll+0x2b0/0x2b0 [ 529.023384] ? kasan_check_write+0x14/0x20 [ 529.027656] ? trace_hardirqs_off+0xb8/0x2b0 [ 529.032100] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 529.037264] ? trace_hardirqs_on+0x2c0/0x2c0 [ 529.041701] ? kfree+0x111/0x210 [ 529.045088] ? kfree+0x111/0x210 [ 529.048471] ? lockdep_hardirqs_on+0x421/0x5c0 [ 529.053105] p9_fd_create+0x8b/0x3f0 [ 529.056851] ? p9_fd_show_options+0x1c0/0x1c0 [ 529.061371] ? p9_client_create+0x7e5/0x159b [ 529.065815] p9_client_create+0x889/0x159b [ 529.070101] ? p9_client_read+0xbf0/0xbf0 [ 529.074298] ? __kmalloc_track_caller+0x26e/0x720 [ 529.079164] ? __lockdep_init_map+0x105/0x590 [ 529.083700] ? lockdep_init_map+0x9/0x10 [ 529.087797] ? kasan_check_write+0x14/0x20 [ 529.092064] ? __init_rwsem+0x1cc/0x2a0 [ 529.096082] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 529.101146] ? rcu_read_lock_sched_held+0x108/0x120 [ 529.106231] ? __kmalloc_track_caller+0x590/0x720 [ 529.111127] ? save_stack+0xa9/0xd0 [ 529.114780] ? save_stack+0x43/0xd0 [ 529.118419] ? kasan_kmalloc+0xc4/0xe0 [ 529.122318] ? kmem_cache_alloc_trace+0x152/0x730 [ 529.127183] ? memcpy+0x45/0x50 [ 529.130528] v9fs_session_init+0x21a/0x1a80 [ 529.134865] ? find_held_lock+0x36/0x1c0 [ 529.138970] ? v9fs_show_options+0x7e0/0x7e0 [ 529.143397] ? kmem_cache_alloc_trace+0x275/0x730 [ 529.148269] ? kasan_check_read+0x11/0x20 [ 529.152432] ? rcu_is_watching+0x8c/0x150 [ 529.156592] ? trace_hardirqs_on+0xbd/0x2c0 [ 529.160932] ? rcu_pm_notify+0xc0/0xc0 [ 529.164856] ? v9fs_mount+0x61/0x900 [ 529.168589] ? rcu_read_lock_sched_held+0x108/0x120 [ 529.173621] ? kmem_cache_alloc_trace+0x324/0x730 [ 529.178516] v9fs_mount+0x7c/0x900 [ 529.182075] ? alloc_pages_current+0x114/0x210 [ 529.186691] mount_fs+0xae/0x328 [ 529.190093] vfs_kern_mount.part.33+0xdc/0x4e0 [ 529.194705] ? may_umount+0xb0/0xb0 [ 529.198353] ? _raw_read_unlock+0x22/0x30 [ 529.202520] ? __get_fs_type+0x97/0xc0 [ 529.206442] do_mount+0x581/0x30e0 [ 529.209998] ? kmem_cache_alloc_trace+0x275/0x730 [ 529.214876] ? copy_mount_string+0x40/0x40 [ 529.219129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 529.223919] ? retint_kernel+0x10/0x10 [ 529.227842] ? copy_mount_options+0x1f0/0x380 [ 529.232359] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 529.237234] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 529.242789] ? copy_mount_options+0x285/0x380 [ 529.247318] ksys_mount+0x12d/0x140 [ 529.250968] __x64_sys_mount+0xbe/0x150 [ 529.254970] do_syscall_64+0x1b9/0x820 [ 529.258879] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 529.264262] ? syscall_return_slowpath+0x5e0/0x5e0 [ 529.269228] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 529.274268] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 529.279300] ? recalc_sigpending_tsk+0x180/0x180 [ 529.284075] ? kasan_check_write+0x14/0x20 [ 529.288381] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 529.293265] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 529.298471] RIP: 0033:0x457089 [ 529.301681] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 529.320595] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 529.328326] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 529.335605] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 529.342880] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 529.350175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 529.357474] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000d [ 529.365234] 9pnet: Insufficient options for proto=fd 02:39:38 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 529.511274] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 529.598800] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:38 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x19, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:38 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:38 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x40000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:38 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x4e240000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:38 executing program 1 (fault-call:7 fault-nth:14): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:38 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000000000100", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:38 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000006f000", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:38 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0xffffff89, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 529.733351] FAULT_INJECTION: forcing a failure. [ 529.733351] name failslab, interval 1, probability 0, space 0, times 0 [ 529.744701] CPU: 1 PID: 28452 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 529.751746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 529.761114] Call Trace: [ 529.763734] dump_stack+0x1c9/0x2b4 [ 529.767384] ? dump_stack_print_info.cold.2+0x52/0x52 [ 529.772599] ? perf_trace_lock+0xde/0x920 [ 529.776777] should_fail.cold.4+0xa/0x11 [ 529.780873] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 529.785991] ? __kernel_text_address+0xd/0x40 [ 529.790522] ? unwind_get_return_address+0x61/0xa0 [ 529.795497] ? find_held_lock+0x36/0x1c0 [ 529.799613] ? check_same_owner+0x340/0x340 [ 529.803960] ? rcu_note_context_switch+0x680/0x680 [ 529.808920] __should_failslab+0x124/0x180 [ 529.813181] should_failslab+0x9/0x14 [ 529.817018] __kmalloc+0x2b2/0x720 [ 529.820583] ? rcu_pm_notify+0xc0/0xc0 [ 529.824502] ? match_number.isra.0+0xbf/0x280 [ 529.829032] match_number.isra.0+0xbf/0x280 [ 529.833378] ? match_strdup+0xa0/0xa0 [ 529.837210] ? match_wildcard+0x3c0/0x3c0 [ 529.841395] match_int+0x23/0x30 [ 529.844790] parse_opts+0x32c/0x500 [ 529.848445] ? p9_fd_poll+0x2b0/0x2b0 [ 529.852272] ? kasan_check_write+0x14/0x20 [ 529.856535] ? trace_hardirqs_off+0xb8/0x2b0 [ 529.858574] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 529.860967] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 529.860990] ? kfree+0x111/0x210 [ 529.861007] ? kfree+0x111/0x210 [ 529.861026] ? lockdep_hardirqs_on+0x421/0x5c0 [ 529.861056] p9_fd_create+0x8b/0x3f0 [ 529.861080] ? p9_fd_show_options+0x1c0/0x1c0 [ 529.893494] ? p9_client_create+0x7e5/0x159b [ 529.897930] p9_client_create+0x889/0x159b [ 529.902207] ? p9_client_read+0xbf0/0xbf0 [ 529.906391] ? __kmalloc_track_caller+0x26e/0x720 [ 529.911266] ? __lockdep_init_map+0x105/0x590 [ 529.915784] ? lockdep_init_map+0x9/0x10 [ 529.919873] ? kasan_check_write+0x14/0x20 [ 529.924128] ? __init_rwsem+0x1cc/0x2a0 [ 529.928119] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 529.933157] ? rcu_read_lock_sched_held+0x108/0x120 [ 529.938225] ? __kmalloc_track_caller+0x590/0x720 [ 529.943080] ? save_stack+0xa9/0xd0 [ 529.946724] ? save_stack+0x43/0xd0 [ 529.950365] ? kasan_kmalloc+0xc4/0xe0 [ 529.954268] ? kmem_cache_alloc_trace+0x152/0x730 [ 529.959128] ? memcpy+0x45/0x50 [ 529.962435] v9fs_session_init+0x21a/0x1a80 [ 529.966795] ? find_held_lock+0x36/0x1c0 [ 529.970887] ? v9fs_show_options+0x7e0/0x7e0 [ 529.975313] ? kmem_cache_alloc_trace+0x275/0x730 [ 529.980172] ? kasan_check_read+0x11/0x20 02:39:38 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8cffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:38 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffffffe4, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:38 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1410100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 529.984351] ? rcu_is_watching+0x8c/0x150 [ 529.988510] ? trace_hardirqs_on+0xbd/0x2c0 [ 529.992859] ? rcu_pm_notify+0xc0/0xc0 [ 529.996783] ? v9fs_mount+0x61/0x900 [ 530.000517] ? rcu_read_lock_sched_held+0x108/0x120 [ 530.005550] ? kmem_cache_alloc_trace+0x324/0x730 [ 530.010424] v9fs_mount+0x7c/0x900 [ 530.013981] ? alloc_pages_current+0x114/0x210 [ 530.018587] mount_fs+0xae/0x328 [ 530.021979] vfs_kern_mount.part.33+0xdc/0x4e0 [ 530.026593] ? may_umount+0xb0/0xb0 [ 530.030243] ? _raw_read_unlock+0x22/0x30 02:39:38 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x20000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:38 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffff1f00, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 530.034409] ? __get_fs_type+0x97/0xc0 [ 530.038323] do_mount+0x581/0x30e0 [ 530.041881] ? kmem_cache_alloc_trace+0x275/0x730 [ 530.046756] ? copy_mount_string+0x40/0x40 [ 530.051019] ? copy_mount_options+0x5f/0x380 [ 530.055452] ? rcu_read_lock_sched_held+0x108/0x120 [ 530.060482] ? kmem_cache_alloc_trace+0x324/0x730 [ 530.065349] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 530.070908] ? _copy_from_user+0xdf/0x150 [ 530.075086] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 530.080640] ? copy_mount_options+0x285/0x380 [ 530.085157] ksys_mount+0x12d/0x140 [ 530.088819] __x64_sys_mount+0xbe/0x150 [ 530.092820] do_syscall_64+0x1b9/0x820 [ 530.096736] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 530.102124] ? syscall_return_slowpath+0x5e0/0x5e0 [ 530.107072] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 530.112114] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 530.117148] ? recalc_sigpending_tsk+0x180/0x180 [ 530.121943] ? kasan_check_write+0x14/0x20 [ 530.126213] ? trace_hardirqs_off_thunk+0x1a/0x1c 02:39:39 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3c, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 530.131086] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 530.136294] RIP: 0033:0x457089 [ 530.139502] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 530.158419] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 530.166144] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 530.173430] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 530.180711] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 530.188001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 530.195287] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000e 02:39:39 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000300", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:39 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x10000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:39 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140f8, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:39 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xb9400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 530.308202] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:39 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x21, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 530.526238] 9pnet: Insufficient options for proto=fd 02:39:39 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x40000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:39 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf5ffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:39 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000000000400", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:39 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:39 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:39 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfb40010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:39 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x11, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:39 executing program 1 (fault-call:7 fault-nth:15): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 530.734155] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 530.736392] FAULT_INJECTION: forcing a failure. [ 530.736392] name failslab, interval 1, probability 0, space 0, times 0 [ 530.748678] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 530.753441] CPU: 0 PID: 28546 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 530.768257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 530.777630] Call Trace: [ 530.780257] dump_stack+0x1c9/0x2b4 [ 530.783919] ? dump_stack_print_info.cold.2+0x52/0x52 [ 530.789142] ? perf_trace_lock+0x49d/0x920 [ 530.793447] should_fail.cold.4+0xa/0x11 [ 530.797560] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 530.802686] ? __save_stack_trace+0x8d/0xf0 [ 530.807079] ? save_stack+0x43/0xd0 [ 530.810787] ? find_held_lock+0x36/0x1c0 [ 530.814916] ? check_same_owner+0x340/0x340 [ 530.819266] ? rcu_note_context_switch+0x680/0x680 [ 530.824251] __should_failslab+0x124/0x180 [ 530.828521] should_failslab+0x9/0x14 [ 530.832435] __kmalloc+0x2b2/0x720 [ 530.836012] ? match_number.isra.0+0xbf/0x280 [ 530.840549] match_number.isra.0+0xbf/0x280 [ 530.844895] ? match_strdup+0xa0/0xa0 [ 530.848719] ? match_wildcard+0x3c0/0x3c0 [ 530.852907] match_int+0x23/0x30 [ 530.856332] parse_opts+0x32c/0x500 [ 530.860001] ? p9_fd_poll+0x2b0/0x2b0 [ 530.863831] ? kasan_check_write+0x14/0x20 [ 530.868094] ? trace_hardirqs_off+0xb8/0x2b0 [ 530.872532] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 530.877660] ? kfree+0x111/0x210 [ 530.881048] ? kfree+0x111/0x210 [ 530.884451] ? lockdep_hardirqs_on+0x421/0x5c0 [ 530.889074] p9_fd_create+0x8b/0x3f0 [ 530.892820] ? p9_fd_show_options+0x1c0/0x1c0 [ 530.897351] ? p9_client_create+0x7e5/0x159b [ 530.901800] p9_client_create+0x889/0x159b [ 530.906082] ? p9_client_read+0xbf0/0xbf0 [ 530.910288] ? __kmalloc_track_caller+0x26e/0x720 [ 530.915160] ? __lockdep_init_map+0x105/0x590 [ 530.919700] ? lockdep_init_map+0x9/0x10 [ 530.923796] ? kasan_check_write+0x14/0x20 [ 530.928058] ? __init_rwsem+0x1cc/0x2a0 [ 530.932061] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 530.937116] ? rcu_read_lock_sched_held+0x108/0x120 [ 530.942156] ? __kmalloc_track_caller+0x590/0x720 [ 530.947036] ? save_stack+0xa9/0xd0 [ 530.950693] ? save_stack+0x43/0xd0 [ 530.954533] ? kasan_kmalloc+0xc4/0xe0 [ 530.958448] ? kmem_cache_alloc_trace+0x152/0x730 [ 530.963319] ? memcpy+0x45/0x50 [ 530.966637] v9fs_session_init+0x21a/0x1a80 [ 530.970982] ? find_held_lock+0x36/0x1c0 [ 530.975093] ? v9fs_show_options+0x7e0/0x7e0 [ 530.979529] ? kmem_cache_alloc_trace+0x275/0x730 [ 530.984409] ? kasan_check_read+0x11/0x20 [ 530.988587] ? rcu_is_watching+0x8c/0x150 [ 530.992764] ? trace_hardirqs_on+0xbd/0x2c0 [ 530.997109] ? rcu_pm_notify+0xc0/0xc0 [ 531.001036] ? v9fs_mount+0x61/0x900 [ 531.004779] ? rcu_read_lock_sched_held+0x108/0x120 [ 531.009818] ? kmem_cache_alloc_trace+0x324/0x730 [ 531.014705] v9fs_mount+0x7c/0x900 [ 531.018269] ? alloc_pages_current+0x114/0x210 [ 531.022887] mount_fs+0xae/0x328 [ 531.026294] vfs_kern_mount.part.33+0xdc/0x4e0 [ 531.030910] ? may_umount+0xb0/0xb0 [ 531.034558] ? _raw_read_unlock+0x22/0x30 [ 531.038730] ? __get_fs_type+0x97/0xc0 [ 531.042659] do_mount+0x581/0x30e0 [ 531.046247] ? kmem_cache_alloc_trace+0x275/0x730 [ 531.051126] ? copy_mount_string+0x40/0x40 [ 531.055406] ? copy_mount_options+0x5f/0x380 [ 531.059846] ? rcu_read_lock_sched_held+0x108/0x120 [ 531.064890] ? kmem_cache_alloc_trace+0x324/0x730 [ 531.069788] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 531.075379] ? copy_mount_options+0x285/0x380 [ 531.079914] ksys_mount+0x12d/0x140 [ 531.083570] __x64_sys_mount+0xbe/0x150 [ 531.087585] do_syscall_64+0x1b9/0x820 [ 531.091498] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 531.096891] ? syscall_return_slowpath+0x5e0/0x5e0 [ 531.101849] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 531.106889] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 531.112099] ? recalc_sigpending_tsk+0x180/0x180 [ 531.116885] ? kasan_check_write+0x14/0x20 [ 531.121156] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 531.126057] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 531.131272] RIP: 0033:0x457089 [ 531.134488] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 531.153415] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 531.161157] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 531.168457] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 531.175744] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 02:39:39 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfe400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:39 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x2, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:39 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x5000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:39 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00?\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:39 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x4a41010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 531.183038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 531.190339] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000000f [ 531.198236] 9pnet: Insufficient options for proto=fd [ 531.212173] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:40 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0xffffff88, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:40 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:40 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 531.290719] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 531.456838] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:40 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0xcc20}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:40 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8cffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:40 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x40000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:40 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:40 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0xffffff84, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:40 executing program 1 (fault-call:7 fault-nth:16): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:40 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140f7, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:40 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000000000001dd5c00", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 531.955800] FAULT_INJECTION: forcing a failure. [ 531.955800] name failslab, interval 1, probability 0, space 0, times 0 [ 531.967167] CPU: 1 PID: 28626 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 531.974230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 531.983602] Call Trace: [ 531.985916] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 531.986218] dump_stack+0x1c9/0x2b4 [ 531.986248] ? dump_stack_print_info.cold.2+0x52/0x52 [ 531.986274] ? perf_trace_lock+0xde/0x920 [ 532.007046] should_fail.cold.4+0xa/0x11 [ 532.011129] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 532.016246] ? __kernel_text_address+0xd/0x40 [ 532.020760] ? unwind_get_return_address+0x61/0xa0 [ 532.025735] ? find_held_lock+0x36/0x1c0 [ 532.029849] ? check_same_owner+0x340/0x340 [ 532.034201] ? rcu_note_context_switch+0x680/0x680 [ 532.039163] __should_failslab+0x124/0x180 [ 532.043428] should_failslab+0x9/0x14 [ 532.047247] __kmalloc+0x2b2/0x720 [ 532.050813] ? rcu_pm_notify+0xc0/0xc0 [ 532.054774] ? match_number.isra.0+0xbf/0x280 [ 532.059297] match_number.isra.0+0xbf/0x280 [ 532.063640] ? match_strdup+0xa0/0xa0 [ 532.067459] ? match_wildcard+0x3c0/0x3c0 [ 532.071631] match_int+0x23/0x30 [ 532.075029] parse_opts+0x32c/0x500 [ 532.078691] ? p9_fd_poll+0x2b0/0x2b0 [ 532.082523] ? kasan_check_write+0x14/0x20 [ 532.086773] ? trace_hardirqs_off+0xb8/0x2b0 [ 532.091213] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 532.096339] ? kfree+0x111/0x210 [ 532.099721] ? kfree+0x111/0x210 [ 532.103101] ? lockdep_hardirqs_on+0x421/0x5c0 [ 532.107707] p9_fd_create+0x8b/0x3f0 [ 532.111448] ? p9_fd_show_options+0x1c0/0x1c0 [ 532.115967] ? p9_client_create+0x7e5/0x159b [ 532.120399] p9_client_create+0x889/0x159b [ 532.124662] ? p9_client_read+0xbf0/0xbf0 [ 532.128837] ? __kmalloc_track_caller+0x26e/0x720 [ 532.133696] ? __lockdep_init_map+0x105/0x590 [ 532.138227] ? lockdep_init_map+0x9/0x10 [ 532.142311] ? kasan_check_write+0x14/0x20 [ 532.146569] ? __init_rwsem+0x1cc/0x2a0 [ 532.150570] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 532.155613] ? rcu_read_lock_sched_held+0x108/0x120 [ 532.160642] ? __kmalloc_track_caller+0x590/0x720 [ 532.165500] ? save_stack+0xa9/0xd0 [ 532.169146] ? save_stack+0x43/0xd0 [ 532.172788] ? kasan_kmalloc+0xc4/0xe0 [ 532.176704] ? kmem_cache_alloc_trace+0x152/0x730 [ 532.181581] ? memcpy+0x45/0x50 [ 532.184890] v9fs_session_init+0x21a/0x1a80 [ 532.189243] ? find_held_lock+0x36/0x1c0 [ 532.193337] ? v9fs_show_options+0x7e0/0x7e0 [ 532.197792] ? kmem_cache_alloc_trace+0x275/0x730 [ 532.202655] ? kasan_check_read+0x11/0x20 [ 532.206906] ? rcu_is_watching+0x8c/0x150 [ 532.211072] ? trace_hardirqs_on+0xbd/0x2c0 [ 532.215408] ? rcu_pm_notify+0xc0/0xc0 [ 532.219327] ? v9fs_mount+0x61/0x900 [ 532.223070] ? rcu_read_lock_sched_held+0x108/0x120 [ 532.228105] ? kmem_cache_alloc_trace+0x324/0x730 [ 532.232977] v9fs_mount+0x7c/0x900 [ 532.236538] ? alloc_pages_current+0x114/0x210 [ 532.241141] mount_fs+0xae/0x328 [ 532.244530] vfs_kern_mount.part.33+0xdc/0x4e0 [ 532.249129] ? may_umount+0xb0/0xb0 [ 532.251739] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 532.252767] ? _raw_read_unlock+0x22/0x30 [ 532.252787] ? __get_fs_type+0x97/0xc0 [ 532.252810] do_mount+0x581/0x30e0 [ 532.252826] ? kmem_cache_alloc_trace+0x275/0x730 [ 532.252848] ? copy_mount_string+0x40/0x40 [ 532.281317] ? retint_kernel+0x10/0x10 [ 532.285241] ? copy_mount_options+0x1e3/0x380 [ 532.289768] ? write_comp_data+0x14/0x70 [ 532.293883] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 532.299447] ? copy_mount_options+0x285/0x380 [ 532.303964] ksys_mount+0x12d/0x140 [ 532.307612] __x64_sys_mount+0xbe/0x150 [ 532.311601] do_syscall_64+0x1b9/0x820 [ 532.315507] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 532.320898] ? syscall_return_slowpath+0x5e0/0x5e0 [ 532.325867] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 532.330901] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 532.335930] ? recalc_sigpending_tsk+0x180/0x180 [ 532.340706] ? kasan_check_write+0x14/0x20 [ 532.344980] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 532.349860] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 532.355083] RIP: 0033:0x457089 [ 532.358293] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 532.377216] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 532.384946] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 532.392235] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 532.399519] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 02:39:41 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x6, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:41 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf408, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:41 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000000000000020c4900", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:41 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x2f, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:41 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000400", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:41 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3b, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 532.402746] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 532.406796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 532.406807] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000010 02:39:41 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1300, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:41 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x900000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:41 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x4}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:41 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000000000300", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:41 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x7000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:41 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x700000000000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:41 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000000000000001100", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:41 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf5ffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:41 executing program 1 (fault-call:7 fault-nth:17): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:41 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffffffff87000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 532.593701] 9pnet: Insufficient options for proto=fd [ 532.613737] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 532.902306] FAULT_INJECTION: forcing a failure. [ 532.902306] name failslab, interval 1, probability 0, space 0, times 0 [ 532.913613] CPU: 1 PID: 28698 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 532.920642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 532.930005] Call Trace: [ 532.932618] dump_stack+0x1c9/0x2b4 [ 532.936271] ? dump_stack_print_info.cold.2+0x52/0x52 [ 532.941475] ? kfree+0xd9/0x210 [ 532.944777] ? parse_opts+0x3b8/0x500 [ 532.946694] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 532.948595] ? perf_trace_lock+0xde/0x920 [ 532.948634] should_fail.cold.4+0xa/0x11 [ 532.948667] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 532.956962] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 532.960600] ? kasan_check_write+0x14/0x20 [ 532.960621] ? trace_hardirqs_off+0xb8/0x2b0 [ 532.960642] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 532.960657] ? trace_hardirqs_on+0x2c0/0x2c0 [ 532.960675] ? kfree+0x111/0x210 [ 532.999084] ? lockdep_hardirqs_on+0x421/0x5c0 [ 533.003661] ? find_held_lock+0x36/0x1c0 [ 533.007755] ? check_same_owner+0x340/0x340 [ 533.012099] ? p9_fd_poll+0x2b0/0x2b0 [ 533.015906] ? rcu_note_context_switch+0x680/0x680 [ 533.020824] ? kasan_check_write+0x14/0x20 [ 533.025055] __should_failslab+0x124/0x180 [ 533.029302] should_failslab+0x9/0x14 [ 533.033117] kmem_cache_alloc_trace+0x2b5/0x730 [ 533.037776] ? kfree+0x111/0x210 [ 533.041135] ? lockdep_hardirqs_on+0x421/0x5c0 [ 533.045734] p9_fd_create+0x1a7/0x3f0 [ 533.049551] ? p9_fd_show_options+0x1c0/0x1c0 [ 533.054071] ? p9_client_create+0x7e5/0x159b [ 533.058505] p9_client_create+0x889/0x159b [ 533.062758] ? p9_client_read+0xbf0/0xbf0 [ 533.066920] ? __kmalloc_track_caller+0x26e/0x720 [ 533.071775] ? __lockdep_init_map+0x105/0x590 [ 533.076300] ? lockdep_init_map+0x9/0x10 [ 533.080379] ? kasan_check_write+0x14/0x20 [ 533.084632] ? __init_rwsem+0x1cc/0x2a0 [ 533.088612] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 533.093640] ? rcu_read_lock_sched_held+0x108/0x120 [ 533.098660] ? __kmalloc_track_caller+0x590/0x720 [ 533.103490] ? save_stack+0xa9/0xd0 [ 533.107106] ? save_stack+0x43/0xd0 [ 533.110754] ? kasan_kmalloc+0xc4/0xe0 [ 533.114648] ? kmem_cache_alloc_trace+0x152/0x730 [ 533.119481] ? memcpy+0x45/0x50 [ 533.122771] v9fs_session_init+0x21a/0x1a80 [ 533.127093] ? find_held_lock+0x36/0x1c0 [ 533.131175] ? v9fs_show_options+0x7e0/0x7e0 [ 533.135614] ? kmem_cache_alloc_trace+0x275/0x730 [ 533.140473] ? kasan_check_read+0x11/0x20 [ 533.144643] ? rcu_is_watching+0x8c/0x150 [ 533.148797] ? trace_hardirqs_on+0xbd/0x2c0 [ 533.153117] ? rcu_pm_notify+0xc0/0xc0 [ 533.157045] ? v9fs_mount+0x61/0x900 [ 533.160775] ? rcu_read_lock_sched_held+0x108/0x120 [ 533.165784] ? kmem_cache_alloc_trace+0x324/0x730 [ 533.170624] v9fs_mount+0x7c/0x900 [ 533.174163] ? alloc_pages_current+0x114/0x210 [ 533.178774] mount_fs+0xae/0x328 [ 533.182155] vfs_kern_mount.part.33+0xdc/0x4e0 [ 533.186751] ? may_umount+0xb0/0xb0 [ 533.190369] ? _raw_read_unlock+0x22/0x30 [ 533.194524] ? __get_fs_type+0x97/0xc0 [ 533.198442] do_mount+0x581/0x30e0 [ 533.202020] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 533.207487] ? copy_mount_string+0x40/0x40 [ 533.211739] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 533.216509] ? retint_kernel+0x10/0x10 [ 533.220412] ? copy_mount_options+0x1f0/0x380 [ 533.224909] ? copy_mount_options+0x202/0x380 [ 533.229409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 533.234954] ? copy_mount_options+0x285/0x380 [ 533.239469] ksys_mount+0x12d/0x140 [ 533.243105] __x64_sys_mount+0xbe/0x150 [ 533.247091] do_syscall_64+0x1b9/0x820 [ 533.250981] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 533.256367] ? syscall_return_slowpath+0x5e0/0x5e0 [ 533.261313] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 533.266340] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 533.271357] ? recalc_sigpending_tsk+0x180/0x180 [ 533.276111] ? kasan_check_write+0x14/0x20 [ 533.280340] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 533.285178] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 533.290372] RIP: 0033:0x457089 [ 533.293563] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 533.312476] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 533.320199] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 533.327472] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 533.334745] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 533.342026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 02:39:41 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3f000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:42 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xa000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 533.349317] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000011 02:39:42 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1800000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:42 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x8100000000000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:42 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1b000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:42 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x40000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 533.482341] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:42 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000000000000000000400", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:42 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000000000000000600", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 533.797548] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 533.826567] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:43 executing program 1 (fault-call:7 fault-nth:18): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:43 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x88caffff, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:43 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0xfeffffff}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:43 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1700000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:43 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffffff97, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:43 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000000000000ffffffff00", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:43 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x10, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:43 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000000000000000100", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 534.358915] FAULT_INJECTION: forcing a failure. [ 534.358915] name failslab, interval 1, probability 0, space 0, times 0 [ 534.370307] CPU: 1 PID: 28781 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 534.377343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 534.386727] Call Trace: [ 534.389345] dump_stack+0x1c9/0x2b4 [ 534.393007] ? dump_stack_print_info.cold.2+0x52/0x52 [ 534.398243] ? kfree+0xd9/0x210 [ 534.401546] ? parse_opts+0x3b8/0x500 [ 534.405387] ? perf_trace_lock+0xde/0x920 [ 534.409577] should_fail.cold.4+0xa/0x11 [ 534.413678] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 534.418835] ? kasan_check_write+0x14/0x20 [ 534.423100] ? trace_hardirqs_off+0xb8/0x2b0 [ 534.427539] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 534.432663] ? trace_hardirqs_on+0x2c0/0x2c0 [ 534.437106] ? kfree+0x111/0x210 [ 534.440500] ? lockdep_hardirqs_on+0x421/0x5c0 [ 534.445110] ? find_held_lock+0x36/0x1c0 [ 534.449235] ? check_same_owner+0x340/0x340 [ 534.453590] ? p9_fd_poll+0x2b0/0x2b0 [ 534.457411] ? rcu_note_context_switch+0x680/0x680 [ 534.462369] ? kasan_check_write+0x14/0x20 [ 534.466640] __should_failslab+0x124/0x180 [ 534.470902] should_failslab+0x9/0x14 [ 534.474739] kmem_cache_alloc_trace+0x2b5/0x730 [ 534.479434] ? kfree+0x111/0x210 [ 534.482824] ? lockdep_hardirqs_on+0x421/0x5c0 [ 534.487441] p9_fd_create+0x1a7/0x3f0 [ 534.491271] ? p9_fd_show_options+0x1c0/0x1c0 [ 534.495805] ? p9_client_create+0x7e5/0x159b [ 534.500275] p9_client_create+0x889/0x159b [ 534.504552] ? p9_client_read+0xbf0/0xbf0 [ 534.508747] ? __kmalloc_track_caller+0x26e/0x720 [ 534.513626] ? __lockdep_init_map+0x105/0x590 [ 534.518162] ? lockdep_init_map+0x9/0x10 [ 534.522269] ? kasan_check_write+0x14/0x20 [ 534.526539] ? __init_rwsem+0x1cc/0x2a0 [ 534.530542] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 534.535598] ? rcu_read_lock_sched_held+0x108/0x120 [ 534.540649] ? __kmalloc_track_caller+0x590/0x720 [ 534.545516] ? save_stack+0xa9/0xd0 [ 534.549166] ? save_stack+0x43/0xd0 [ 534.552825] ? kasan_kmalloc+0xc4/0xe0 [ 534.556734] ? kmem_cache_alloc_trace+0x152/0x730 [ 534.561597] ? memcpy+0x45/0x50 [ 534.564898] v9fs_session_init+0x21a/0x1a80 [ 534.569243] ? find_held_lock+0x36/0x1c0 [ 534.573336] ? v9fs_show_options+0x7e0/0x7e0 [ 534.577771] ? kmem_cache_alloc_trace+0x275/0x730 [ 534.582631] ? kasan_check_read+0x11/0x20 [ 534.586794] ? rcu_is_watching+0x8c/0x150 [ 534.591449] ? trace_hardirqs_on+0xbd/0x2c0 [ 534.595787] ? rcu_pm_notify+0xc0/0xc0 [ 534.599699] ? v9fs_mount+0x61/0x900 [ 534.603439] ? rcu_read_lock_sched_held+0x108/0x120 02:39:43 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0xd00, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:43 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x4000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:43 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf6ffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:43 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000000000400", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:43 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x608, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 534.608473] ? kmem_cache_alloc_trace+0x324/0x730 [ 534.613342] v9fs_mount+0x7c/0x900 [ 534.616898] ? alloc_pages_current+0x114/0x210 [ 534.621514] mount_fs+0xae/0x328 [ 534.624909] vfs_kern_mount.part.33+0xdc/0x4e0 [ 534.629511] ? may_umount+0xb0/0xb0 [ 534.633157] ? _raw_read_unlock+0x22/0x30 [ 534.637333] ? __get_fs_type+0x97/0xc0 [ 534.641255] do_mount+0x581/0x30e0 [ 534.644811] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 534.650291] ? copy_mount_string+0x40/0x40 [ 534.654549] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 534.659339] ? retint_kernel+0x10/0x10 [ 534.663258] ? copy_mount_options+0x1e3/0x380 [ 534.667772] ? copy_mount_options+0x1f0/0x380 [ 534.672285] ? __sanitizer_cov_trace_pc+0x26/0x50 [ 534.677151] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 534.682746] ? copy_mount_options+0x285/0x380 [ 534.687267] ksys_mount+0x12d/0x140 [ 534.689620] 9pnet: Insufficient options for proto=fd [ 534.690911] __x64_sys_mount+0xbe/0x150 [ 534.690936] do_syscall_64+0x1b9/0x820 [ 534.690957] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe 02:39:43 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x9000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 534.690977] ? syscall_return_slowpath+0x5e0/0x5e0 [ 534.690993] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 534.691012] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 534.691030] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 534.691047] ? prepare_exit_to_usermode+0x291/0x3b0 [ 534.691067] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 534.691092] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 534.691112] RIP: 0033:0x457089 02:39:43 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x8dffffff00000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 534.747979] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 534.766903] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 534.774667] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 534.781962] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 534.789255] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 534.796550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 534.803843] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000012 [ 534.813899] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 534.822782] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:43 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x13000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:43 executing program 1 (fault-call:7 fault-nth:19): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:43 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1b00000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:43 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0xec0}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:43 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000008800", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:43 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000006f000", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:43 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x88caffff00000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:43 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140bb, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 535.135686] FAULT_INJECTION: forcing a failure. [ 535.135686] name failslab, interval 1, probability 0, space 0, times 0 [ 535.147150] CPU: 0 PID: 28848 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 535.154225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 535.163617] Call Trace: [ 535.166265] dump_stack+0x1c9/0x2b4 [ 535.169948] ? dump_stack_print_info.cold.2+0x52/0x52 [ 535.175176] ? perf_tp_event+0xc40/0xc40 [ 535.179321] should_fail.cold.4+0xa/0x11 [ 535.183434] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 535.188581] ? perf_trace_lock+0x49d/0x920 [ 535.192867] ? zap_class+0x740/0x740 [ 535.196618] ? p9_client_prepare_req.part.9+0x663/0xba0 [ 535.202015] ? p9_client_rpc+0x1c2/0x1400 [ 535.206221] ? p9_client_create+0xc4a/0x159b [ 535.210678] ? v9fs_session_init+0x21a/0x1a80 [ 535.215234] ? v9fs_mount+0x7c/0x900 [ 535.218983] ? mount_fs+0xae/0x328 [ 535.222563] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 535.227355] ? ksys_mount+0x12d/0x140 [ 535.231229] ? __x64_sys_mount+0xbe/0x150 [ 535.235425] ? graph_lock+0x170/0x170 [ 535.239303] ? find_held_lock+0x36/0x1c0 [ 535.243409] ? check_same_owner+0x340/0x340 [ 535.247778] ? rcu_note_context_switch+0x680/0x680 [ 535.252764] __should_failslab+0x124/0x180 [ 535.257044] should_failslab+0x9/0x14 [ 535.260892] __kmalloc+0x2b2/0x720 [ 535.264487] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 535.269631] ? init_wait_entry+0x1c0/0x1c0 [ 535.273900] ? p9_fcall_alloc+0x1e/0x90 [ 535.277924] p9_fcall_alloc+0x1e/0x90 [ 535.281761] p9_client_prepare_req.part.9+0x862/0xba0 [ 535.287012] ? p9_free_req.isra.8+0x140/0x140 [ 535.291556] ? p9_pollwait+0x83/0x230 [ 535.295398] ? p9_conn_create+0x730/0x730 [ 535.299589] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 535.305172] p9_client_rpc+0x1c2/0x1400 [ 535.309209] ? p9_fd_poll+0x1e0/0x2b0 [ 535.313058] ? p9_conn_create+0x55b/0x730 [ 535.317257] ? p9_client_prepare_req.part.9+0xba0/0xba0 [ 535.319553] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 535.322663] ? ksys_dup3+0x690/0x690 [ 535.322682] ? kasan_check_read+0x11/0x20 [ 535.322703] ? rcu_is_watching+0x8c/0x150 [ 535.342675] ? trace_hardirqs_on+0xbd/0x2c0 [ 535.347029] ? rcu_pm_notify+0xc0/0xc0 [ 535.350977] ? rcu_read_lock_sched_held+0x108/0x120 [ 535.356027] ? kfree+0x111/0x210 [ 535.359417] ? lockdep_hardirqs_on+0x421/0x5c0 [ 535.364049] ? p9_fd_show_options+0x1c0/0x1c0 [ 535.368598] p9_client_create+0xc4a/0x159b [ 535.372885] ? p9_client_read+0xbf0/0xbf0 [ 535.377081] ? __kmalloc_track_caller+0x26e/0x720 [ 535.381959] ? __lockdep_init_map+0x105/0x590 [ 535.386503] ? kasan_check_write+0x14/0x20 [ 535.390765] ? __init_rwsem+0x1cc/0x2a0 [ 535.394801] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 535.399852] ? rcu_read_lock_sched_held+0x108/0x120 [ 535.404898] ? __kmalloc_track_caller+0x590/0x720 [ 535.409765] ? save_stack+0xa9/0xd0 [ 535.413412] ? save_stack+0x43/0xd0 [ 535.417063] ? kasan_kmalloc+0xc4/0xe0 [ 535.420967] ? kmem_cache_alloc_trace+0x152/0x730 [ 535.425857] ? memcpy+0x45/0x50 [ 535.429172] v9fs_session_init+0x21a/0x1a80 [ 535.433547] ? find_held_lock+0x36/0x1c0 [ 535.437655] ? v9fs_show_options+0x7e0/0x7e0 [ 535.442086] ? kmem_cache_alloc_trace+0x275/0x730 [ 535.446956] ? kasan_check_read+0x11/0x20 [ 535.451125] ? rcu_is_watching+0x8c/0x150 [ 535.455289] ? trace_hardirqs_on+0xbd/0x2c0 [ 535.459635] ? rcu_pm_notify+0xc0/0xc0 [ 535.463562] ? v9fs_mount+0x61/0x900 [ 535.467297] ? rcu_read_lock_sched_held+0x108/0x120 [ 535.472334] ? kmem_cache_alloc_trace+0x324/0x730 [ 535.477235] v9fs_mount+0x7c/0x900 [ 535.480797] ? alloc_pages_current+0x114/0x210 [ 535.485502] mount_fs+0xae/0x328 [ 535.488905] vfs_kern_mount.part.33+0xdc/0x4e0 [ 535.493524] ? may_umount+0xb0/0xb0 [ 535.497195] ? _raw_read_unlock+0x22/0x30 [ 535.501386] ? __get_fs_type+0x97/0xc0 [ 535.505307] do_mount+0x581/0x30e0 [ 535.508868] ? kmem_cache_alloc_trace+0x275/0x730 [ 535.513747] ? copy_mount_string+0x40/0x40 [ 535.518033] ? copy_mount_options+0x5f/0x380 [ 535.522468] ? rcu_read_lock_sched_held+0x108/0x120 [ 535.527504] ? kmem_cache_alloc_trace+0x324/0x730 [ 535.532396] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 535.537955] ? copy_mount_options+0x285/0x380 [ 535.542487] ksys_mount+0x12d/0x140 [ 535.546149] __x64_sys_mount+0xbe/0x150 [ 535.550162] do_syscall_64+0x1b9/0x820 [ 535.554081] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 535.559475] ? syscall_return_slowpath+0x5e0/0x5e0 [ 535.564432] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 535.569471] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 535.574508] ? recalc_sigpending_tsk+0x180/0x180 [ 535.579302] ? kasan_check_write+0x14/0x20 [ 535.583568] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 535.588451] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 535.594130] RIP: 0033:0x457089 [ 535.597340] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 535.616272] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 535.624012] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 02:39:44 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:44 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000000000600", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:44 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x86ddffff00000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:44 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1500000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 535.631333] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 535.638628] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 535.645922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 535.653230] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000013 [ 535.668184] 9pnet: Couldn't grow tag array 02:39:44 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xa00000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 535.690457] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:44 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000feffff0700", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:44 executing program 1 (fault-call:7 fault-nth:20): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:44 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0xf0ffffffffffff, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:44 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1800, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:44 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000000006f000", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 535.898850] FAULT_INJECTION: forcing a failure. [ 535.898850] name failslab, interval 1, probability 0, space 0, times 0 [ 535.910259] CPU: 0 PID: 28900 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 535.917303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 535.926694] Call Trace: [ 535.929319] dump_stack+0x1c9/0x2b4 [ 535.932990] ? dump_stack_print_info.cold.2+0x52/0x52 [ 535.938238] ? __kernel_text_address+0xd/0x40 [ 535.942769] ? unwind_get_return_address+0x61/0xa0 [ 535.947751] should_fail.cold.4+0xa/0x11 [ 535.951860] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 535.957011] ? save_stack+0xa9/0xd0 [ 535.960674] ? save_stack+0x43/0xd0 [ 535.964335] ? kasan_kmalloc+0xc4/0xe0 [ 535.968259] ? __kmalloc+0x14e/0x720 [ 535.972014] ? p9_fcall_alloc+0x1e/0x90 [ 535.976034] ? p9_client_prepare_req.part.9+0x862/0xba0 [ 535.981445] ? p9_client_rpc+0x1c2/0x1400 [ 535.985634] ? v9fs_session_init+0x21a/0x1a80 [ 535.990167] ? v9fs_mount+0x7c/0x900 [ 535.993930] ? mount_fs+0xae/0x328 [ 535.997502] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 536.002294] ? do_mount+0x581/0x30e0 [ 536.006049] ? ksys_mount+0x12d/0x140 [ 536.009887] ? __x64_sys_mount+0xbe/0x150 [ 536.014073] ? do_syscall_64+0x1b9/0x820 [ 536.018177] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 536.023627] ? lock_downgrade+0x8f0/0x8f0 [ 536.027839] ? __kmalloc+0x272/0x720 [ 536.031604] ? check_same_owner+0x340/0x340 [ 536.035960] ? trace_hardirqs_on+0xbd/0x2c0 [ 536.040332] ? rcu_note_context_switch+0x680/0x680 [ 536.045318] __should_failslab+0x124/0x180 02:39:44 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x4841010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 536.049602] should_failslab+0x9/0x14 [ 536.053442] __kmalloc+0x2b2/0x720 [ 536.057023] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 536.062167] ? init_wait_entry+0x1c0/0x1c0 [ 536.066460] ? p9_fcall_alloc+0x1e/0x90 [ 536.070471] p9_fcall_alloc+0x1e/0x90 [ 536.074299] p9_client_prepare_req.part.9+0x7eb/0xba0 [ 536.079535] ? p9_free_req.isra.8+0x140/0x140 [ 536.084063] ? p9_pollwait+0x83/0x230 [ 536.087901] ? p9_conn_create+0x730/0x730 [ 536.092090] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 536.097705] p9_client_rpc+0x1c2/0x1400 [ 536.101727] ? p9_fd_poll+0x1e0/0x2b0 [ 536.105568] ? p9_conn_create+0x55b/0x730 [ 536.109754] ? p9_client_prepare_req.part.9+0xba0/0xba0 [ 536.115172] ? ksys_dup3+0x690/0x690 [ 536.118932] ? kasan_check_read+0x11/0x20 [ 536.123111] ? rcu_is_watching+0x8c/0x150 [ 536.127279] ? trace_hardirqs_on+0xbd/0x2c0 [ 536.131631] ? rcu_pm_notify+0xc0/0xc0 [ 536.135571] ? rcu_read_lock_sched_held+0x108/0x120 [ 536.140615] ? kfree+0x111/0x210 [ 536.144007] ? lockdep_hardirqs_on+0x421/0x5c0 [ 536.148642] ? p9_fd_show_options+0x1c0/0x1c0 [ 536.153182] p9_client_create+0xc4a/0x159b [ 536.157482] ? p9_client_read+0xbf0/0xbf0 [ 536.161673] ? __kmalloc_track_caller+0x26e/0x720 [ 536.166548] ? __lockdep_init_map+0x105/0x590 [ 536.171087] ? kasan_check_write+0x14/0x20 [ 536.175352] ? __init_rwsem+0x1cc/0x2a0 [ 536.179360] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 536.184411] ? rcu_read_lock_sched_held+0x108/0x120 [ 536.189460] ? __kmalloc_track_caller+0x590/0x720 [ 536.194330] ? save_stack+0xa9/0xd0 [ 536.197986] ? save_stack+0x43/0xd0 [ 536.201635] ? kasan_kmalloc+0xc4/0xe0 [ 536.205549] ? kmem_cache_alloc_trace+0x152/0x730 [ 536.210422] ? memcpy+0x45/0x50 [ 536.213741] v9fs_session_init+0x21a/0x1a80 [ 536.218097] ? find_held_lock+0x36/0x1c0 [ 536.222228] ? v9fs_show_options+0x7e0/0x7e0 [ 536.226673] ? kmem_cache_alloc_trace+0x275/0x730 [ 536.231547] ? kasan_check_read+0x11/0x20 [ 536.235723] ? rcu_is_watching+0x8c/0x150 [ 536.239898] ? trace_hardirqs_on+0xbd/0x2c0 [ 536.244259] ? rcu_pm_notify+0xc0/0xc0 02:39:45 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0xc00e000000000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:45 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0xf5ffffff, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:45 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x700000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:45 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140fe, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:45 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000000001100", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 536.248202] ? v9fs_mount+0x61/0x900 [ 536.251963] ? rcu_read_lock_sched_held+0x108/0x120 [ 536.257007] ? kmem_cache_alloc_trace+0x324/0x730 [ 536.261907] v9fs_mount+0x7c/0x900 [ 536.265468] ? alloc_pages_current+0x114/0x210 [ 536.270088] mount_fs+0xae/0x328 [ 536.273489] vfs_kern_mount.part.33+0xdc/0x4e0 [ 536.276911] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 536.278095] ? may_umount+0xb0/0xb0 [ 536.278125] ? _raw_read_unlock+0x22/0x30 [ 536.293707] ? __get_fs_type+0x97/0xc0 [ 536.297635] do_mount+0x581/0x30e0 [ 536.301212] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 536.306709] ? copy_mount_string+0x40/0x40 [ 536.310978] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 536.315777] ? retint_kernel+0x10/0x10 [ 536.319713] ? copy_mount_options+0x1a1/0x380 [ 536.324252] ? copy_mount_options+0x1a4/0x380 [ 536.328783] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 536.334346] ? copy_mount_options+0x285/0x380 [ 536.338874] ksys_mount+0x12d/0x140 [ 536.342539] __x64_sys_mount+0xbe/0x150 [ 536.346551] do_syscall_64+0x1b9/0x820 [ 536.350467] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 536.355858] ? syscall_return_slowpath+0x5e0/0x5e0 [ 536.360820] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 536.365862] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 536.370900] ? recalc_sigpending_tsk+0x180/0x180 [ 536.375684] ? kasan_check_write+0x14/0x20 [ 536.379960] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 536.384851] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 536.390062] RIP: 0033:0x457089 [ 536.393273] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 536.412222] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 536.419994] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 536.427310] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 536.434602] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 536.441892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 02:39:45 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x3a000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 536.449178] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000014 [ 536.456779] 9pnet: Couldn't grow tag array [ 536.466463] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:45 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:45 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x4041010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:45 executing program 1 (fault-call:7 fault-nth:21): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 536.549944] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:45 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3410100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:45 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x88480000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:45 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x15000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:45 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000300", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 536.750503] FAULT_INJECTION: forcing a failure. [ 536.750503] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 536.762367] CPU: 1 PID: 28968 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 536.769403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.776635] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 536.778775] Call Trace: [ 536.778805] dump_stack+0x1c9/0x2b4 [ 536.778831] ? dump_stack_print_info.cold.2+0x52/0x52 [ 536.778872] should_fail.cold.4+0xa/0x11 [ 536.802164] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 536.807336] ? lock_downgrade+0x8f0/0x8f0 [ 536.811526] ? rcu_is_watching+0x8c/0x150 [ 536.815814] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 536.820523] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 536.825250] ? is_bpf_text_address+0xd7/0x170 [ 536.829778] ? kernel_text_address+0x79/0xf0 [ 536.834238] ? __kernel_text_address+0xd/0x40 [ 536.838779] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 536.844352] ? should_fail+0x246/0xd86 [ 536.848368] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 536.853503] __alloc_pages_nodemask+0x365/0xd10 [ 536.858213] ? __alloc_pages_slowpath+0x2cb0/0x2cb0 [ 536.863253] ? p9_client_create+0xc4a/0x159b [ 536.867681] ? v9fs_mount+0x7c/0x900 [ 536.871433] ? mount_fs+0xae/0x328 [ 536.875161] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 536.879946] ? do_mount+0x581/0x30e0 [ 536.883673] ? ksys_mount+0x12d/0x140 [ 536.887501] ? __x64_sys_mount+0xbe/0x150 [ 536.891691] ? graph_lock+0x170/0x170 [ 536.895561] ? find_held_lock+0x36/0x1c0 [ 536.899648] ? trace_hardirqs_off+0xb8/0x2b0 [ 536.904108] cache_grow_begin+0x91/0x710 [ 536.908227] __kmalloc+0x641/0x720 [ 536.911790] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 536.917004] ? init_wait_entry+0x1c0/0x1c0 [ 536.921267] ? p9_fcall_alloc+0x1e/0x90 [ 536.925272] p9_fcall_alloc+0x1e/0x90 [ 536.929234] p9_client_prepare_req.part.9+0x862/0xba0 [ 536.934468] ? p9_free_req.isra.8+0x140/0x140 [ 536.939013] ? p9_pollwait+0x83/0x230 [ 536.942852] ? p9_conn_create+0x730/0x730 [ 536.947045] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 536.952625] p9_client_rpc+0x1c2/0x1400 [ 536.956640] ? p9_fd_poll+0x1e0/0x2b0 [ 536.960461] ? p9_conn_create+0x55b/0x730 [ 536.964632] ? p9_client_prepare_req.part.9+0xba0/0xba0 [ 536.970028] ? ksys_dup3+0x690/0x690 [ 536.973759] ? kasan_check_read+0x11/0x20 [ 536.977920] ? rcu_is_watching+0x8c/0x150 [ 536.982079] ? trace_hardirqs_on+0xbd/0x2c0 [ 536.986416] ? rcu_pm_notify+0xc0/0xc0 [ 536.990332] ? rcu_read_lock_sched_held+0x108/0x120 [ 536.995367] ? kfree+0x111/0x210 [ 536.998754] ? lockdep_hardirqs_on+0x421/0x5c0 [ 537.003391] ? p9_fd_show_options+0x1c0/0x1c0 [ 537.007919] p9_client_create+0xc4a/0x159b [ 537.012211] ? p9_client_read+0xbf0/0xbf0 [ 537.016395] ? __kmalloc_track_caller+0x26e/0x720 [ 537.021278] ? __lockdep_init_map+0x105/0x590 [ 537.025818] ? kasan_check_write+0x14/0x20 [ 537.030092] ? __init_rwsem+0x1cc/0x2a0 [ 537.034098] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 537.039147] ? rcu_read_lock_sched_held+0x108/0x120 [ 537.044211] ? __kmalloc_track_caller+0x590/0x720 [ 537.049098] ? save_stack+0xa9/0xd0 [ 537.052754] ? save_stack+0x43/0xd0 [ 537.056402] ? kasan_kmalloc+0xc4/0xe0 [ 537.060304] ? kmem_cache_alloc_trace+0x152/0x730 [ 537.065169] ? memcpy+0x45/0x50 [ 537.068481] v9fs_session_init+0x21a/0x1a80 [ 537.072826] ? find_held_lock+0x36/0x1c0 [ 537.076932] ? v9fs_show_options+0x7e0/0x7e0 [ 537.081362] ? kmem_cache_alloc_trace+0x275/0x730 [ 537.086241] ? kasan_check_read+0x11/0x20 [ 537.090419] ? rcu_is_watching+0x8c/0x150 [ 537.094588] ? trace_hardirqs_on+0xbd/0x2c0 [ 537.098932] ? rcu_pm_notify+0xc0/0xc0 [ 537.102851] ? v9fs_mount+0x61/0x900 [ 537.106585] ? rcu_read_lock_sched_held+0x108/0x120 [ 537.111625] ? kmem_cache_alloc_trace+0x324/0x730 [ 537.116509] v9fs_mount+0x7c/0x900 [ 537.120075] ? alloc_pages_current+0x114/0x210 [ 537.124685] mount_fs+0xae/0x328 [ 537.128085] vfs_kern_mount.part.33+0xdc/0x4e0 [ 537.132692] ? may_umount+0xb0/0xb0 [ 537.136366] ? _raw_read_unlock+0x22/0x30 [ 537.140532] ? __get_fs_type+0x97/0xc0 [ 537.144444] do_mount+0x581/0x30e0 [ 537.148025] ? kmem_cache_alloc_trace+0x275/0x730 [ 537.152893] ? copy_mount_string+0x40/0x40 [ 537.157158] ? copy_mount_options+0x5f/0x380 [ 537.161589] ? rcu_read_lock_sched_held+0x108/0x120 [ 537.166619] ? kmem_cache_alloc_trace+0x324/0x730 [ 537.171480] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 537.177048] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 537.182604] ? copy_mount_options+0x285/0x380 [ 537.187128] ksys_mount+0x12d/0x140 [ 537.190792] __x64_sys_mount+0xbe/0x150 [ 537.194793] do_syscall_64+0x1b9/0x820 [ 537.198694] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 537.204079] ? syscall_return_slowpath+0x5e0/0x5e0 [ 537.209025] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 537.214235] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 537.219279] ? recalc_sigpending_tsk+0x180/0x180 [ 537.224058] ? kasan_check_write+0x14/0x20 [ 537.228323] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 537.233206] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 537.238407] RIP: 0033:0x457089 [ 537.241612] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 537.260527] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 537.268258] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 537.275542] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 537.282833] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 537.290122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 02:39:45 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140b2, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 537.297407] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000015 02:39:46 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x8035, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:46 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x700, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:46 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x4000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:46 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xedc0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 537.434661] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:46 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xedc000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:46 executing program 1 (fault-call:7 fault-nth:22): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:46 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x8864, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:46 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000000400", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 537.661721] FAULT_INJECTION: forcing a failure. [ 537.661721] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 537.673599] CPU: 1 PID: 29023 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 537.680683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 537.690068] Call Trace: [ 537.692726] dump_stack+0x1c9/0x2b4 [ 537.696812] ? dump_stack_print_info.cold.2+0x52/0x52 [ 537.702042] ? graph_lock+0x170/0x170 [ 537.705888] should_fail.cold.4+0xa/0x11 [ 537.709982] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 537.715130] ? find_held_lock+0x36/0x1c0 [ 537.719272] ? _raw_spin_unlock_irq+0x27/0x70 [ 537.723819] ? _raw_spin_unlock_irq+0x27/0x70 [ 537.728375] ? lockdep_hardirqs_on+0x421/0x5c0 [ 537.733003] ? trace_hardirqs_on+0xbd/0x2c0 [ 537.737378] ? kasan_check_read+0x11/0x20 [ 537.741571] ? finish_task_switch+0x1d3/0x870 [ 537.746105] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 537.751256] ? compat_start_thread+0x80/0x80 [ 537.755720] ? _raw_spin_unlock_irq+0x27/0x70 [ 537.760261] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 537.765865] ? should_fail+0x246/0xd86 [ 537.769790] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 537.774921] ? __switch_to_asm+0x40/0x70 [ 537.779259] ? __switch_to_asm+0x34/0x70 [ 537.783349] ? __switch_to_asm+0x40/0x70 [ 537.787177] 9pnet: Insufficient options for proto=fd [ 537.787449] __alloc_pages_nodemask+0x365/0xd10 [ 537.787470] ? __switch_to_asm+0x34/0x70 [ 537.787494] ? __switch_to_asm+0x40/0x70 [ 537.805437] ? __alloc_pages_slowpath+0x2cb0/0x2cb0 [ 537.810482] ? p9_client_create+0xc4a/0x159b [ 537.814925] ? __sched_text_start+0x8/0x8 [ 537.819119] ? find_held_lock+0x36/0x1c0 [ 537.823223] ? trace_hardirqs_off+0xb8/0x2b0 [ 537.827672] cache_grow_begin+0x91/0x710 [ 537.831790] __kmalloc+0x641/0x720 [ 537.835352] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 537.838708] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 537.840473] ? init_wait_entry+0x1c0/0x1c0 [ 537.840493] ? p9_fcall_alloc+0x1e/0x90 [ 537.840516] p9_fcall_alloc+0x1e/0x90 02:39:46 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000000000000000200", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:46 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x16, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:46 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:46 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x5800, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:46 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x8, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 537.840535] p9_client_prepare_req.part.9+0x862/0xba0 [ 537.840563] ? p9_free_req.isra.8+0x140/0x140 [ 537.840585] ? p9_pollwait+0x83/0x230 [ 537.874019] ? p9_conn_create+0x730/0x730 [ 537.878213] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 537.883890] p9_client_rpc+0x1c2/0x1400 [ 537.887897] ? p9_fd_poll+0x1e0/0x2b0 [ 537.891745] ? p9_conn_create+0x55b/0x730 [ 537.895925] ? p9_client_prepare_req.part.9+0xba0/0xba0 [ 537.901336] ? ksys_dup3+0x690/0x690 [ 537.905072] ? kasan_check_read+0x11/0x20 02:39:46 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x6, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:46 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00\x00\x00?\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 537.909241] ? rcu_is_watching+0x8c/0x150 [ 537.913523] ? trace_hardirqs_on+0xbd/0x2c0 [ 537.917882] ? rcu_pm_notify+0xc0/0xc0 [ 537.921812] ? rcu_read_lock_sched_held+0x108/0x120 [ 537.926859] ? kfree+0x111/0x210 [ 537.930257] ? lockdep_hardirqs_on+0x421/0x5c0 [ 537.934887] ? p9_fd_show_options+0x1c0/0x1c0 [ 537.939423] p9_client_create+0xc4a/0x159b [ 537.943709] ? p9_client_read+0xbf0/0xbf0 [ 537.947897] ? __kmalloc_track_caller+0x26e/0x720 [ 537.952764] ? __lockdep_init_map+0x105/0x590 [ 537.957291] ? kasan_check_write+0x14/0x20 [ 537.961675] ? __init_rwsem+0x1cc/0x2a0 [ 537.965690] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 537.970783] ? rcu_read_lock_sched_held+0x108/0x120 [ 537.975819] ? __kmalloc_track_caller+0x590/0x720 [ 537.980692] ? save_stack+0xa9/0xd0 [ 537.984355] ? save_stack+0x43/0xd0 [ 537.988005] ? kasan_kmalloc+0xc4/0xe0 [ 537.991928] ? kmem_cache_alloc_trace+0x152/0x730 [ 537.996798] ? memcpy+0x45/0x50 [ 538.000109] v9fs_session_init+0x21a/0x1a80 [ 538.004458] ? find_held_lock+0x36/0x1c0 [ 538.008562] ? v9fs_show_options+0x7e0/0x7e0 [ 538.013087] ? kmem_cache_alloc_trace+0x275/0x730 [ 538.017944] ? kasan_check_read+0x11/0x20 [ 538.022205] ? rcu_is_watching+0x8c/0x150 [ 538.026367] ? trace_hardirqs_on+0xbd/0x2c0 [ 538.030701] ? rcu_pm_notify+0xc0/0xc0 [ 538.034634] ? v9fs_mount+0x61/0x900 [ 538.038362] ? rcu_read_lock_sched_held+0x108/0x120 [ 538.043401] ? kmem_cache_alloc_trace+0x324/0x730 [ 538.048363] v9fs_mount+0x7c/0x900 [ 538.051916] ? alloc_pages_current+0x114/0x210 [ 538.056518] mount_fs+0xae/0x328 [ 538.059907] vfs_kern_mount.part.33+0xdc/0x4e0 [ 538.064509] ? may_umount+0xb0/0xb0 [ 538.068153] ? _raw_read_unlock+0x22/0x30 [ 538.072331] ? __get_fs_type+0x97/0xc0 [ 538.076248] do_mount+0x581/0x30e0 [ 538.079815] ? kmem_cache_alloc_trace+0x275/0x730 [ 538.084682] ? copy_mount_string+0x40/0x40 [ 538.088958] ? copy_mount_options+0x5f/0x380 [ 538.093388] ? rcu_read_lock_sched_held+0x108/0x120 [ 538.098429] ? kmem_cache_alloc_trace+0x324/0x730 [ 538.103303] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 538.108870] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 538.114424] ? copy_mount_options+0x285/0x380 [ 538.118943] ksys_mount+0x12d/0x140 [ 538.122595] __x64_sys_mount+0xbe/0x150 [ 538.126598] do_syscall_64+0x1b9/0x820 [ 538.130504] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 538.135894] ? syscall_return_slowpath+0x5e0/0x5e0 [ 538.140852] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 538.145898] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 538.150933] ? recalc_sigpending_tsk+0x180/0x180 [ 538.155707] ? kasan_check_write+0x14/0x20 [ 538.159975] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 538.164844] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 538.170043] RIP: 0033:0x457089 [ 538.173257] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 538.192179] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 538.199933] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 538.207234] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 538.214523] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 538.221818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 538.229110] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000016 02:39:47 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140b9, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:47 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf4ffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:47 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x18, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 538.336154] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 538.416160] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:47 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x4000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:47 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x8864000000000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:47 executing program 1 (fault-call:7 fault-nth:23): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:47 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000f00600", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:47 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000500200", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:47 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x7, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:47 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3f000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 538.558331] FAULT_INJECTION: forcing a failure. [ 538.558331] name failslab, interval 1, probability 0, space 0, times 0 [ 538.569809] CPU: 0 PID: 29088 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 538.576857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 538.586252] Call Trace: [ 538.589272] dump_stack+0x1c9/0x2b4 [ 538.592950] ? dump_stack_print_info.cold.2+0x52/0x52 [ 538.598210] should_fail.cold.4+0xa/0x11 [ 538.602322] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 538.607448] ? __switch_to_asm+0x40/0x70 [ 538.611529] ? __switch_to_asm+0x34/0x70 [ 538.615610] ? __switch_to_asm+0x40/0x70 [ 538.619689] ? __switch_to_asm+0x34/0x70 [ 538.623769] ? __switch_to_asm+0x40/0x70 [ 538.627853] ? __switch_to_asm+0x34/0x70 [ 538.631939] ? __switch_to_asm+0x34/0x70 [ 538.636076] ? __switch_to_asm+0x40/0x70 [ 538.640162] ? __switch_to_asm+0x40/0x70 [ 538.644258] ? __switch_to_asm+0x34/0x70 [ 538.648342] ? __switch_to_asm+0x40/0x70 [ 538.652440] ? __schedule+0x884/0x1df0 [ 538.656357] ? p9pdu_readf+0xb78/0x2170 [ 538.660355] ? __switch_to_asm+0x40/0x70 [ 538.664477] ? __sched_text_start+0x8/0x8 [ 538.668647] ? p9pdu_writef+0xe0/0xe0 [ 538.672474] ? __schedule+0x884/0x1df0 [ 538.676471] ? check_same_owner+0x340/0x340 [ 538.680853] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 538.686446] __should_failslab+0x124/0x180 [ 538.690724] should_failslab+0x9/0x14 [ 538.694556] __kmalloc+0x2b2/0x720 [ 538.698137] ? memcpy+0x45/0x50 [ 538.701447] ? p9pdu_readf+0x526/0x2170 [ 538.705457] p9pdu_readf+0x526/0x2170 [ 538.709298] ? p9pdu_writef+0xe0/0xe0 [ 538.713132] ? ksys_dup3+0x690/0x690 [ 538.716864] ? kasan_check_read+0x11/0x20 [ 538.721045] ? rcu_is_watching+0x8c/0x150 [ 538.725228] ? trace_hardirqs_on+0xbd/0x2c0 [ 538.729574] ? rcu_pm_notify+0xc0/0xc0 [ 538.733505] ? rcu_read_lock_sched_held+0x108/0x120 [ 538.738541] ? kfree+0x111/0x210 [ 538.741927] ? lockdep_hardirqs_on+0x421/0x5c0 [ 538.746558] ? p9_fd_show_options+0x1c0/0x1c0 [ 538.751100] p9_client_create+0xd1f/0x159b [ 538.755386] ? p9_client_read+0xbf0/0xbf0 [ 538.759581] ? __kmalloc_track_caller+0x26e/0x720 [ 538.764461] ? __lockdep_init_map+0x105/0x590 [ 538.769012] ? kasan_check_write+0x14/0x20 [ 538.773283] ? __init_rwsem+0x1cc/0x2a0 [ 538.777295] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 538.782352] ? rcu_read_lock_sched_held+0x108/0x120 [ 538.787402] ? __kmalloc_track_caller+0x590/0x720 [ 538.792271] ? save_stack+0xa9/0xd0 [ 538.795926] ? save_stack+0x43/0xd0 [ 538.799572] ? kasan_kmalloc+0xc4/0xe0 [ 538.803479] ? kmem_cache_alloc_trace+0x152/0x730 [ 538.808360] ? memcpy+0x45/0x50 [ 538.811688] v9fs_session_init+0x21a/0x1a80 [ 538.816049] ? find_held_lock+0x36/0x1c0 [ 538.820167] ? v9fs_show_options+0x7e0/0x7e0 [ 538.824616] ? kmem_cache_alloc_trace+0x275/0x730 [ 538.829493] ? kasan_check_read+0x11/0x20 [ 538.833667] ? rcu_is_watching+0x8c/0x150 [ 538.837833] ? trace_hardirqs_on+0xbd/0x2c0 [ 538.842175] ? rcu_pm_notify+0xc0/0xc0 [ 538.846120] ? v9fs_mount+0x61/0x900 [ 538.849858] ? rcu_read_lock_sched_held+0x108/0x120 [ 538.854903] ? kmem_cache_alloc_trace+0x324/0x730 [ 538.859804] v9fs_mount+0x7c/0x900 [ 538.863375] ? alloc_pages_current+0x114/0x210 [ 538.867997] mount_fs+0xae/0x328 [ 538.871407] vfs_kern_mount.part.33+0xdc/0x4e0 [ 538.876036] ? may_umount+0xb0/0xb0 [ 538.879694] ? _raw_read_unlock+0x22/0x30 [ 538.883872] ? __get_fs_type+0x97/0xc0 [ 538.887817] do_mount+0x581/0x30e0 [ 538.891375] ? kmem_cache_alloc_trace+0x275/0x730 [ 538.896265] ? copy_mount_string+0x40/0x40 [ 538.900547] ? copy_mount_options+0x5f/0x380 [ 538.904985] ? rcu_read_lock_sched_held+0x108/0x120 [ 538.910034] ? kmem_cache_alloc_trace+0x324/0x730 [ 538.914918] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 538.920489] ? _copy_from_user+0xdf/0x150 [ 538.924675] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 538.930256] ? copy_mount_options+0x285/0x380 [ 538.934793] ksys_mount+0x12d/0x140 [ 538.938450] __x64_sys_mount+0xbe/0x150 [ 538.942456] do_syscall_64+0x1b9/0x820 [ 538.946367] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 538.951771] ? syscall_return_slowpath+0x5e0/0x5e0 [ 538.956741] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 538.961790] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 538.966827] ? recalc_sigpending_tsk+0x180/0x180 [ 538.971610] ? kasan_check_write+0x14/0x20 [ 538.975884] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 538.980779] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 538.985992] RIP: 0033:0x457089 [ 538.989231] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:39:47 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x14100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 539.008161] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 539.015932] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 539.023246] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 539.030543] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 539.037841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 539.045146] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000017 02:39:48 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x800000000000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:48 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x2, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:48 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffffffffffff0700, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 539.168515] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:48 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x97ffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:48 executing program 1 (fault-call:7 fault-nth:24): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 539.248139] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:48 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0xf0ffff, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:48 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000000000000000000300", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:48 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf4ffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 539.552527] FAULT_INJECTION: forcing a failure. [ 539.552527] name failslab, interval 1, probability 0, space 0, times 0 [ 539.563976] CPU: 0 PID: 29156 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 539.571057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 539.580526] Call Trace: [ 539.583184] dump_stack+0x1c9/0x2b4 [ 539.586910] ? dump_stack_print_info.cold.2+0x52/0x52 [ 539.592174] ? perf_trace_lock+0x49d/0x920 [ 539.596468] should_fail.cold.4+0xa/0x11 [ 539.600571] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 539.605703] ? p9_client_create+0xe75/0x159b [ 539.610132] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 539.615267] ? __kasan_slab_free+0x131/0x170 [ 539.619752] ? p9_client_create+0xe75/0x159b [ 539.624298] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 539.629929] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 539.635574] ? find_held_lock+0x36/0x1c0 [ 539.639805] ? check_same_owner+0x340/0x340 [ 539.644223] ? rcu_note_context_switch+0x680/0x680 [ 539.649451] ? kasan_check_write+0x14/0x20 [ 539.653762] __should_failslab+0x124/0x180 [ 539.658083] should_failslab+0x9/0x14 [ 539.662016] __kmalloc_track_caller+0x2ae/0x720 [ 539.666870] ? save_stack+0xa9/0xd0 [ 539.670558] ? save_stack+0x43/0xd0 [ 539.674231] ? kasan_kmalloc+0xc4/0xe0 [ 539.678167] ? kmem_cache_alloc_trace+0x152/0x730 [ 539.683078] ? v9fs_session_init+0x501/0x1a80 [ 539.687614] kstrdup+0x39/0x70 [ 539.690831] v9fs_session_init+0x501/0x1a80 [ 539.695379] ? v9fs_show_options+0x7e0/0x7e0 [ 539.700249] ? kmem_cache_alloc_trace+0x275/0x730 [ 539.705145] ? kasan_check_read+0x11/0x20 [ 539.709461] ? rcu_is_watching+0x8c/0x150 [ 539.713633] ? trace_hardirqs_on+0xbd/0x2c0 [ 539.717991] ? rcu_pm_notify+0xc0/0xc0 [ 539.721929] ? v9fs_mount+0x61/0x900 [ 539.725723] ? rcu_read_lock_sched_held+0x108/0x120 [ 539.730762] ? kmem_cache_alloc_trace+0x324/0x730 [ 539.735724] v9fs_mount+0x7c/0x900 [ 539.739297] ? alloc_pages_current+0x114/0x210 [ 539.743926] mount_fs+0xae/0x328 [ 539.747316] vfs_kern_mount.part.33+0xdc/0x4e0 [ 539.751918] ? may_umount+0xb0/0xb0 [ 539.755558] ? _raw_read_unlock+0x22/0x30 [ 539.759752] ? __get_fs_type+0x97/0xc0 [ 539.763682] do_mount+0x581/0x30e0 [ 539.767256] ? kmem_cache_alloc_trace+0x275/0x730 [ 539.772343] ? copy_mount_string+0x40/0x40 [ 539.776610] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 539.781468] ? retint_kernel+0x10/0x10 [ 539.785385] ? copy_mount_options+0x1a1/0x380 [ 539.790041] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 539.794921] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 539.800593] ? copy_mount_options+0x285/0x380 [ 539.805117] ksys_mount+0x12d/0x140 [ 539.808762] __x64_sys_mount+0xbe/0x150 [ 539.812754] do_syscall_64+0x1b9/0x820 [ 539.816671] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 539.822088] ? syscall_return_slowpath+0x5e0/0x5e0 [ 539.827063] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 539.832133] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 539.837184] ? recalc_sigpending_tsk+0x180/0x180 [ 539.842001] ? kasan_check_write+0x14/0x20 [ 539.846301] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 539.851430] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 539.856635] RIP: 0033:0x457089 [ 539.859858] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 539.878812] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 539.886586] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 539.893905] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 02:39:48 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0xc00e}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:48 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x10000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:48 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000300", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:48 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:48 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfa40010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:48 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0xf000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:48 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000005cdd0100", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:48 executing program 1 (fault-call:7 fault-nth:25): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:49 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf6ffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:49 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x17, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:49 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x8848, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:49 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x4, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 539.901253] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 539.908589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 539.915992] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000018 [ 540.018760] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:49 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c74657200000000000000000000000200", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 540.230136] FAULT_INJECTION: forcing a failure. [ 540.230136] name failslab, interval 1, probability 0, space 0, times 0 [ 540.241660] CPU: 1 PID: 29196 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 540.248707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 540.258355] Call Trace: [ 540.261000] dump_stack+0x1c9/0x2b4 [ 540.264682] ? dump_stack_print_info.cold.2+0x52/0x52 [ 540.270062] ? perf_trace_lock+0xde/0x920 [ 540.274292] should_fail.cold.4+0xa/0x11 [ 540.278408] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 540.283564] ? save_stack+0x43/0xd0 [ 540.287271] ? kasan_kmalloc+0xc4/0xe0 [ 540.291307] ? __kmalloc_track_caller+0x14a/0x720 [ 540.296182] ? kstrdup+0x39/0x70 [ 540.299616] ? v9fs_session_init+0x501/0x1a80 [ 540.304142] ? v9fs_mount+0x7c/0x900 [ 540.307896] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 540.312691] ? do_mount+0x581/0x30e0 [ 540.316448] ? __x64_sys_mount+0xbe/0x150 [ 540.320634] ? do_syscall_64+0x1b9/0x820 [ 540.324749] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 540.330172] ? p9_client_create+0x35f/0x159b [ 540.334662] ? find_held_lock+0x36/0x1c0 [ 540.338885] ? check_same_owner+0x340/0x340 [ 540.343263] ? trace_hardirqs_on+0xbd/0x2c0 [ 540.347630] ? rcu_note_context_switch+0x680/0x680 [ 540.352635] __should_failslab+0x124/0x180 [ 540.356914] should_failslab+0x9/0x14 [ 540.360762] __kmalloc+0x2b2/0x720 [ 540.364358] ? match_strdup+0x5e/0xa0 [ 540.368241] match_strdup+0x5e/0xa0 [ 540.371916] v9fs_session_init+0x797/0x1a80 [ 540.376316] ? v9fs_show_options+0x7e0/0x7e0 [ 540.380788] ? kmem_cache_alloc_trace+0x275/0x730 [ 540.385682] ? rcu_is_watching+0x8c/0x150 [ 540.389871] ? trace_hardirqs_on+0xbd/0x2c0 [ 540.394268] ? rcu_pm_notify+0xc0/0xc0 [ 540.398239] ? v9fs_mount+0x61/0x900 [ 540.401999] ? rcu_read_lock_sched_held+0x108/0x120 [ 540.407084] v9fs_mount+0x7c/0x900 [ 540.410662] ? alloc_pages_current+0x114/0x210 [ 540.415406] mount_fs+0xae/0x328 [ 540.418825] vfs_kern_mount.part.33+0xdc/0x4e0 [ 540.423461] ? may_umount+0xb0/0xb0 [ 540.427128] ? _raw_read_unlock+0x22/0x30 [ 540.431331] ? __get_fs_type+0x97/0xc0 [ 540.435535] do_mount+0x581/0x30e0 [ 540.439120] ? kmem_cache_alloc_trace+0x275/0x730 [ 540.444014] ? copy_mount_string+0x40/0x40 [ 540.448446] ? copy_mount_options+0x5f/0x380 [ 540.452899] ? rcu_read_lock_sched_held+0x108/0x120 [ 540.457956] ? kmem_cache_alloc_trace+0x324/0x730 [ 540.462845] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 540.468421] ? _copy_from_user+0xdf/0x150 [ 540.472634] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 540.478234] ? copy_mount_options+0x285/0x380 [ 540.482800] ksys_mount+0x12d/0x140 [ 540.486464] __x64_sys_mount+0xbe/0x150 [ 540.490482] do_syscall_64+0x1b9/0x820 [ 540.494404] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 540.499809] ? syscall_return_slowpath+0x5e0/0x5e0 [ 540.504781] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 540.509839] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 540.514892] ? recalc_sigpending_tsk+0x180/0x180 [ 540.519687] ? kasan_check_write+0x14/0x20 [ 540.524013] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 540.528912] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 540.534137] RIP: 0033:0x457089 [ 540.537520] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 540.557053] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 540.565025] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 540.572588] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 02:39:49 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000000000000000000500", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 540.579971] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 540.587286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 540.595172] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000019 02:39:49 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x8100, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:49 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x43410100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 540.737692] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 540.871973] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:49 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0xffffffff00000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:49 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x15000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:49 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1500000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:49 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0xfffffffffffff000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:49 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:49 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x45410100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:49 executing program 1 (fault-call:7 fault-nth:26): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 540.919286] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 540.998828] FAULT_INJECTION: forcing a failure. [ 540.998828] name failslab, interval 1, probability 0, space 0, times 0 [ 541.010302] CPU: 0 PID: 29246 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 541.017362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 541.026746] Call Trace: [ 541.029381] dump_stack+0x1c9/0x2b4 [ 541.033057] ? dump_stack_print_info.cold.2+0x52/0x52 [ 541.034830] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 541.038300] ? perf_trace_lock+0x49d/0x920 [ 541.038344] should_fail.cold.4+0xa/0x11 [ 541.054648] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 541.059783] ? p9_client_create+0xe75/0x159b [ 541.064253] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 541.069398] ? __kasan_slab_free+0x131/0x170 [ 541.073844] ? p9_client_create+0xe75/0x159b [ 541.078290] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 541.083932] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 541.089512] ? find_held_lock+0x36/0x1c0 [ 541.093650] ? check_same_owner+0x340/0x340 [ 541.098008] ? rcu_note_context_switch+0x680/0x680 [ 541.102973] ? kasan_check_write+0x14/0x20 [ 541.107278] __should_failslab+0x124/0x180 [ 541.111545] should_failslab+0x9/0x14 [ 541.115377] __kmalloc_track_caller+0x2ae/0x720 [ 541.120074] ? save_stack+0xa9/0xd0 [ 541.123729] ? save_stack+0x43/0xd0 [ 541.127381] ? kasan_kmalloc+0xc4/0xe0 [ 541.131293] ? kmem_cache_alloc_trace+0x152/0x730 [ 541.136165] ? v9fs_session_init+0x501/0x1a80 [ 541.140729] kstrdup+0x39/0x70 [ 541.143960] v9fs_session_init+0x501/0x1a80 [ 541.148344] ? v9fs_show_options+0x7e0/0x7e0 [ 541.152782] ? kmem_cache_alloc_trace+0x275/0x730 [ 541.157662] ? kasan_check_read+0x11/0x20 [ 541.161844] ? rcu_is_watching+0x8c/0x150 [ 541.166023] ? trace_hardirqs_on+0xbd/0x2c0 [ 541.170386] ? rcu_pm_notify+0xc0/0xc0 [ 541.174327] ? v9fs_mount+0x61/0x900 [ 541.178081] ? rcu_read_lock_sched_held+0x108/0x120 [ 541.183138] ? kmem_cache_alloc_trace+0x324/0x730 [ 541.188130] v9fs_mount+0x7c/0x900 [ 541.191710] ? alloc_pages_current+0x114/0x210 [ 541.196341] mount_fs+0xae/0x328 [ 541.199753] vfs_kern_mount.part.33+0xdc/0x4e0 [ 541.204456] ? may_umount+0xb0/0xb0 [ 541.208239] ? _raw_read_unlock+0x22/0x30 [ 541.212424] ? __get_fs_type+0x97/0xc0 [ 541.216354] do_mount+0x581/0x30e0 [ 541.219925] ? kmem_cache_alloc_trace+0x275/0x730 [ 541.224818] ? copy_mount_string+0x40/0x40 [ 541.229111] ? copy_mount_options+0x5f/0x380 [ 541.233554] ? rcu_read_lock_sched_held+0x108/0x120 [ 541.238606] ? kmem_cache_alloc_trace+0x324/0x730 [ 541.243764] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 541.249350] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 541.254920] ? copy_mount_options+0x285/0x380 [ 541.259462] ksys_mount+0x12d/0x140 [ 541.263273] __x64_sys_mount+0xbe/0x150 [ 541.267291] do_syscall_64+0x1b9/0x820 [ 541.271245] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 541.276649] ? syscall_return_slowpath+0x5e0/0x5e0 [ 541.281625] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 541.286675] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 541.291723] ? recalc_sigpending_tsk+0x180/0x180 [ 541.297174] ? kasan_check_write+0x14/0x20 [ 541.301497] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 541.306389] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 541.311609] RIP: 0033:0x457089 [ 541.314832] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 541.333771] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 541.341528] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 02:39:50 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c74657200000000490c0200", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:50 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 541.348841] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 541.356335] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 541.363635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 541.370929] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000001a 02:39:50 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x5800000000000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:50 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfeffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:50 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000006ef00", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:50 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x700000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:50 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x200000000000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:50 executing program 1 (fault-call:7 fault-nth:27): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 541.561520] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:50 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8f4, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 541.682648] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 541.706678] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 541.734710] FAULT_INJECTION: forcing a failure. [ 541.734710] name failslab, interval 1, probability 0, space 0, times 0 [ 541.746173] CPU: 0 PID: 29304 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 541.753273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 541.762867] Call Trace: [ 541.765509] dump_stack+0x1c9/0x2b4 [ 541.769222] ? dump_stack_print_info.cold.2+0x52/0x52 [ 541.774469] ? radix_tree_clear_tags+0xc0/0xc0 [ 541.779124] should_fail.cold.4+0xa/0x11 [ 541.783286] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 541.788451] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 541.793354] ? zap_class+0x740/0x740 [ 541.797131] ? __radix_tree_replace+0x1fc/0x360 [ 541.801856] ? graph_lock+0x170/0x170 [ 541.805723] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 541.811393] ? node_tag_clear+0xc0/0x1c0 [ 541.815562] ? check_same_owner+0x340/0x340 [ 541.819945] ? rcu_note_context_switch+0x680/0x680 [ 541.824924] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 541.830086] __should_failslab+0x124/0x180 [ 541.834379] should_failslab+0x9/0x14 [ 541.838270] __kmalloc+0x2b2/0x720 [ 541.842050] ? idr_alloc_u32+0x3f0/0x3f0 [ 541.846172] ? do_raw_spin_lock+0xc1/0x200 [ 541.850497] ? p9_fcall_alloc+0x1e/0x90 [ 541.854557] p9_fcall_alloc+0x1e/0x90 [ 541.858416] p9_client_prepare_req.part.9+0x862/0xba0 [ 541.863659] ? idr_get_free+0xbfc/0x10c0 [ 541.867826] ? p9_free_req.isra.8+0x140/0x140 [ 541.872386] ? perf_trace_lock+0x49d/0x920 [ 541.876793] ? radix_tree_clear_tags+0xc0/0xc0 [ 541.881465] p9_client_rpc+0x1c2/0x1400 [ 541.885529] ? p9_client_prepare_req.part.9+0xba0/0xba0 [ 541.891026] ? find_held_lock+0x36/0x1c0 [ 541.895171] ? find_held_lock+0x36/0x1c0 [ 541.899396] ? _raw_spin_unlock_irq+0x27/0x70 [ 541.903948] ? _raw_spin_unlock_irq+0x27/0x70 [ 541.908490] ? lockdep_hardirqs_on+0x421/0x5c0 [ 541.913124] ? trace_hardirqs_on+0xbd/0x2c0 [ 541.917497] ? kasan_check_read+0x11/0x20 [ 541.921698] ? p9_fid_create+0x1e2/0x280 [ 541.925809] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 541.930962] ? kasan_check_write+0x14/0x20 [ 541.935323] ? do_raw_spin_lock+0xc1/0x200 [ 541.939614] p9_client_attach+0x18c/0x7c0 [ 541.943807] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 541.948955] ? p9_client_walk+0xaa0/0xaa0 [ 541.953146] ? lockdep_hardirqs_on+0x421/0x5c0 [ 541.957821] ? trace_hardirqs_on+0xbd/0x2c0 [ 541.962181] ? v9fs_session_init+0xd5b/0x1a80 [ 541.966760] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 541.971916] ? __kasan_slab_free+0x131/0x170 [ 541.976384] v9fs_session_init+0xf62/0x1a80 [ 541.980747] ? v9fs_session_init+0xf62/0x1a80 [ 541.985443] ? v9fs_show_options+0x7e0/0x7e0 [ 541.989895] ? kmem_cache_alloc_trace+0x275/0x730 [ 541.994785] ? rcu_is_watching+0x8c/0x150 [ 541.999088] ? trace_hardirqs_on+0xbd/0x2c0 [ 542.003454] ? rcu_pm_notify+0xc0/0xc0 [ 542.007401] ? v9fs_mount+0x61/0x900 [ 542.011163] ? rcu_read_lock_sched_held+0x108/0x120 [ 542.016297] v9fs_mount+0x7c/0x900 [ 542.019970] ? alloc_pages_current+0x114/0x210 [ 542.024611] mount_fs+0xae/0x328 [ 542.028032] vfs_kern_mount.part.33+0xdc/0x4e0 [ 542.032664] ? may_umount+0xb0/0xb0 02:39:50 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x1000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:50 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1700, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:50 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x2000000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:50 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xff00000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:50 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x7000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:50 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00\x00\x00\x00\a\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:51 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x86ddffff, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 542.036339] ? _raw_read_unlock+0x22/0x30 [ 542.040533] ? __get_fs_type+0x97/0xc0 [ 542.044475] do_mount+0x581/0x30e0 [ 542.048260] ? kmem_cache_alloc_trace+0x275/0x730 [ 542.053347] ? copy_mount_string+0x40/0x40 [ 542.057926] ? copy_mount_options+0x5f/0x380 [ 542.062726] ? rcu_read_lock_sched_held+0x108/0x120 [ 542.067809] ? kmem_cache_alloc_trace+0x324/0x730 [ 542.072705] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 542.078295] ? _copy_from_user+0xdf/0x150 [ 542.082526] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 542.088119] ? copy_mount_options+0x285/0x380 [ 542.092680] ksys_mount+0x12d/0x140 [ 542.096360] __x64_sys_mount+0xbe/0x150 [ 542.100393] do_syscall_64+0x1b9/0x820 [ 542.104323] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 542.109731] ? syscall_return_slowpath+0x5e0/0x5e0 [ 542.114711] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 542.118591] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 542.119770] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 542.119790] ? recalc_sigpending_tsk+0x180/0x180 [ 542.119812] ? kasan_check_write+0x14/0x20 [ 542.119842] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 542.146718] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 542.151953] RIP: 0033:0x457089 [ 542.155228] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 542.174271] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 542.182036] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 542.189360] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 542.196754] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 542.204061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 542.211376] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000001b [ 542.225698] 9pnet: Couldn't grow tag array 02:39:51 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000000000600", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:51 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000000000000000001100", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:51 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf408000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:51 executing program 1 (fault-call:7 fault-nth:28): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:51 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x2000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:51 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x2000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:51 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1500, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 542.456345] FAULT_INJECTION: forcing a failure. [ 542.456345] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 542.468264] CPU: 0 PID: 29365 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 542.472486] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 542.475312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 542.475324] Call Trace: [ 542.475356] dump_stack+0x1c9/0x2b4 [ 542.475389] ? dump_stack_print_info.cold.2+0x52/0x52 [ 542.475422] ? radix_tree_node_alloc.constprop.19+0x1bf/0x310 [ 542.510228] should_fail.cold.4+0xa/0x11 [ 542.514342] ? radix_tree_extend+0x53c/0x650 [ 542.518799] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 542.523941] ? radix_tree_node_alloc.constprop.19+0x310/0x310 [ 542.529870] ? perf_tp_event+0x91b/0xc40 [ 542.533993] ? perf_trace_run_bpf_submit+0x269/0x3b0 [ 542.539144] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 542.544841] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 542.550426] ? delete_node+0x311/0xce0 [ 542.554359] ? perf_trace_run_bpf_submit+0x269/0x3b0 [ 542.559507] ? perf_trace_run_bpf_submit+0x270/0x3b0 [ 542.564668] ? perf_tp_event+0xc40/0xc40 [ 542.568779] ? radix_tree_clear_tags+0xc0/0xc0 [ 542.573409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 542.578993] ? replace_slot+0x153/0x500 [ 542.583020] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 542.588606] ? should_fail+0x246/0xd86 [ 542.594115] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 542.599297] __alloc_pages_nodemask+0x365/0xd10 [ 542.604011] ? zap_class+0x740/0x740 [ 542.607776] ? __alloc_pages_slowpath+0x2cb0/0x2cb0 [ 542.612837] ? graph_lock+0x170/0x170 [ 542.616680] ? node_tag_clear+0xc0/0x1c0 [ 542.620832] ? trace_hardirqs_off+0xb8/0x2b0 [ 542.625297] cache_grow_begin+0x91/0x710 [ 542.629422] __kmalloc+0x641/0x720 [ 542.633005] ? idr_alloc_u32+0x3f0/0x3f0 [ 542.637121] ? p9_fcall_alloc+0x1e/0x90 [ 542.641143] p9_fcall_alloc+0x1e/0x90 [ 542.644988] p9_client_prepare_req.part.9+0x862/0xba0 [ 542.650264] ? idr_get_free+0xbfc/0x10c0 [ 542.654385] ? p9_free_req.isra.8+0x140/0x140 [ 542.658934] ? perf_trace_lock+0x49d/0x920 [ 542.663254] ? radix_tree_clear_tags+0xc0/0xc0 [ 542.667906] p9_client_rpc+0x1c2/0x1400 [ 542.671943] ? p9_client_prepare_req.part.9+0xba0/0xba0 [ 542.677350] ? find_held_lock+0x36/0x1c0 [ 542.681478] ? find_held_lock+0x36/0x1c0 [ 542.685625] ? _raw_spin_unlock_irq+0x27/0x70 [ 542.690163] ? _raw_spin_unlock_irq+0x27/0x70 [ 542.694740] ? lockdep_hardirqs_on+0x421/0x5c0 [ 542.699370] ? trace_hardirqs_on+0xbd/0x2c0 [ 542.703733] ? kasan_check_read+0x11/0x20 [ 542.707925] ? p9_fid_create+0x1e2/0x280 [ 542.712029] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 542.717183] ? kasan_check_write+0x14/0x20 [ 542.721500] ? do_raw_spin_lock+0xc1/0x200 [ 542.725798] p9_client_attach+0x18c/0x7c0 [ 542.729996] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 542.735148] ? p9_client_walk+0xaa0/0xaa0 [ 542.739632] ? lockdep_hardirqs_on+0x421/0x5c0 [ 542.744270] ? trace_hardirqs_on+0xbd/0x2c0 [ 542.748631] ? v9fs_session_init+0xd5b/0x1a80 02:39:51 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf4080000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:51 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x14102, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 542.753165] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 542.758359] ? __kasan_slab_free+0x131/0x170 [ 542.762822] v9fs_session_init+0xf62/0x1a80 [ 542.767224] ? v9fs_session_init+0xf62/0x1a80 [ 542.771794] ? v9fs_show_options+0x7e0/0x7e0 [ 542.776267] ? kmem_cache_alloc_trace+0x275/0x730 [ 542.781158] ? rcu_is_watching+0x8c/0x150 [ 542.785378] ? trace_hardirqs_on+0xbd/0x2c0 [ 542.789740] ? rcu_pm_notify+0xc0/0xc0 [ 542.793700] ? v9fs_mount+0x61/0x900 [ 542.797457] ? rcu_read_lock_sched_held+0x108/0x120 [ 542.802533] v9fs_mount+0x7c/0x900 [ 542.806116] ? alloc_pages_current+0x114/0x210 [ 542.810766] mount_fs+0xae/0x328 [ 542.814226] vfs_kern_mount.part.33+0xdc/0x4e0 [ 542.818861] ? may_umount+0xb0/0xb0 [ 542.821821] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 542.822610] ? _raw_read_unlock+0x22/0x30 [ 542.822633] ? __get_fs_type+0x97/0xc0 [ 542.822666] do_mount+0x581/0x30e0 [ 542.822696] ? copy_mount_string+0x40/0x40 [ 542.846396] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 542.851282] ? retint_kernel+0x10/0x10 [ 542.855259] ? copy_mount_options+0x1f0/0x380 [ 542.859794] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 542.864676] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 542.870268] ? copy_mount_options+0x285/0x380 [ 542.874805] ksys_mount+0x12d/0x140 [ 542.878483] __x64_sys_mount+0xbe/0x150 [ 542.882499] do_syscall_64+0x1b9/0x820 [ 542.886423] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 542.891825] ? syscall_return_slowpath+0x5e0/0x5e0 [ 542.896790] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 542.901846] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 542.906917] ? recalc_sigpending_tsk+0x180/0x180 [ 542.911708] ? kasan_check_write+0x14/0x20 [ 542.915997] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 542.920901] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 542.926121] RIP: 0033:0x457089 [ 542.929348] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 542.948395] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 542.956160] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 542.963505] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 542.971405] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 542.978714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 542.986026] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000001c 02:39:52 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0xcc200000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:52 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000000000000000000200", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:52 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfdffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:52 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x87ffffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:52 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x8060000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:52 executing program 1 (fault-call:7 fault-nth:29): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:52 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x17000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:52 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000000020c4900", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 543.174486] FAULT_INJECTION: forcing a failure. [ 543.174486] name failslab, interval 1, probability 0, space 0, times 0 [ 543.185950] CPU: 0 PID: 29411 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 543.193154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.202589] Call Trace: [ 543.205361] dump_stack+0x1c9/0x2b4 [ 543.209051] ? dump_stack_print_info.cold.2+0x52/0x52 [ 543.214562] ? __kernel_text_address+0xd/0x40 [ 543.219125] ? unwind_get_return_address+0x61/0xa0 [ 543.224120] should_fail.cold.4+0xa/0x11 [ 543.228279] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 543.233443] ? save_stack+0xa9/0xd0 [ 543.237273] ? save_stack+0x43/0xd0 [ 543.240939] ? kasan_kmalloc+0xc4/0xe0 [ 543.244867] ? __kmalloc+0x14e/0x720 [ 543.248623] ? p9_fcall_alloc+0x1e/0x90 [ 543.252728] ? p9_client_prepare_req.part.9+0x862/0xba0 [ 543.258252] ? p9_client_rpc+0x1c2/0x1400 [ 543.262456] ? v9fs_session_init+0xf62/0x1a80 [ 543.266999] ? v9fs_mount+0x7c/0x900 [ 543.270765] ? mount_fs+0xae/0x328 [ 543.274352] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 543.279166] ? do_mount+0x581/0x30e0 [ 543.282975] ? ksys_mount+0x12d/0x140 [ 543.286823] ? __x64_sys_mount+0xbe/0x150 [ 543.291106] ? do_syscall_64+0x1b9/0x820 [ 543.295248] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 543.300690] ? lock_downgrade+0x8f0/0x8f0 [ 543.304913] ? __kmalloc+0x272/0x720 [ 543.308685] ? check_same_owner+0x340/0x340 [ 543.313053] ? trace_hardirqs_on+0xbd/0x2c0 [ 543.317435] ? rcu_note_context_switch+0x680/0x680 02:39:52 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xa00000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:52 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xbd400100, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:52 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0xf0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 543.322434] __should_failslab+0x124/0x180 [ 543.326726] should_failslab+0x9/0x14 [ 543.330577] __kmalloc+0x2b2/0x720 [ 543.334166] ? idr_alloc_u32+0x3f0/0x3f0 [ 543.338320] ? p9_fcall_alloc+0x1e/0x90 [ 543.342353] p9_fcall_alloc+0x1e/0x90 [ 543.346239] p9_client_prepare_req.part.9+0x7eb/0xba0 [ 543.351481] ? idr_get_free+0xbfc/0x10c0 [ 543.355604] ? p9_free_req.isra.8+0x140/0x140 [ 543.360149] ? perf_trace_lock+0x49d/0x920 [ 543.364472] ? radix_tree_clear_tags+0xc0/0xc0 [ 543.369125] p9_client_rpc+0x1c2/0x1400 [ 543.373169] ? p9_client_prepare_req.part.9+0xba0/0xba0 [ 543.378733] ? find_held_lock+0x36/0x1c0 [ 543.382861] ? find_held_lock+0x36/0x1c0 [ 543.386999] ? _raw_spin_unlock_irq+0x27/0x70 [ 543.391544] ? _raw_spin_unlock_irq+0x27/0x70 [ 543.396089] ? lockdep_hardirqs_on+0x421/0x5c0 [ 543.400853] ? trace_hardirqs_on+0xbd/0x2c0 [ 543.405254] ? kasan_check_read+0x11/0x20 [ 543.409449] ? p9_fid_create+0x1e2/0x280 [ 543.413560] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 543.418716] ? kasan_check_write+0x14/0x20 02:39:52 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c7465720000000000000000007fffffff00", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 543.423001] ? do_raw_spin_lock+0xc1/0x200 [ 543.427472] p9_client_attach+0x18c/0x7c0 [ 543.431667] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 543.436824] ? p9_client_walk+0xaa0/0xaa0 [ 543.441028] ? lockdep_hardirqs_on+0x421/0x5c0 [ 543.445791] ? trace_hardirqs_on+0xbd/0x2c0 [ 543.450158] ? v9fs_session_init+0xd5b/0x1a80 [ 543.454725] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 543.459885] ? __kasan_slab_free+0x131/0x170 [ 543.464355] v9fs_session_init+0xf62/0x1a80 [ 543.468721] ? v9fs_session_init+0xf62/0x1a80 02:39:52 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x689, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:52 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfc40010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 543.473302] ? v9fs_show_options+0x7e0/0x7e0 [ 543.477765] ? kmem_cache_alloc_trace+0x275/0x730 [ 543.482659] ? rcu_is_watching+0x8c/0x150 [ 543.486935] ? trace_hardirqs_on+0xbd/0x2c0 [ 543.491295] ? rcu_pm_notify+0xc0/0xc0 [ 543.495291] ? v9fs_mount+0x61/0x900 [ 543.499062] ? rcu_read_lock_sched_held+0x108/0x120 [ 543.504145] v9fs_mount+0x7c/0x900 [ 543.507766] ? alloc_pages_current+0x114/0x210 [ 543.512624] mount_fs+0xae/0x328 [ 543.516149] vfs_kern_mount.part.33+0xdc/0x4e0 [ 543.520837] ? may_umount+0xb0/0xb0 [ 543.524629] ? _raw_read_unlock+0x22/0x30 [ 543.528952] ? __get_fs_type+0x97/0xc0 [ 543.532981] do_mount+0x581/0x30e0 [ 543.536580] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 543.542090] ? copy_mount_string+0x40/0x40 [ 543.546696] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 543.551516] ? retint_kernel+0x10/0x10 [ 543.555468] ? copy_mount_options+0x1f0/0x380 [ 543.560005] ? copy_mount_options+0x1fa/0x380 [ 543.564550] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 543.570134] ? copy_mount_options+0x285/0x380 [ 543.574687] ksys_mount+0x12d/0x140 [ 543.578383] __x64_sys_mount+0xbe/0x150 [ 543.582415] do_syscall_64+0x1b9/0x820 [ 543.586360] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 543.591785] ? syscall_return_slowpath+0x5e0/0x5e0 [ 543.596794] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 543.601955] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 543.607019] ? recalc_sigpending_tsk+0x180/0x180 [ 543.611961] ? kasan_check_write+0x14/0x20 [ 543.616292] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 543.621249] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 543.626507] RIP: 0033:0x457089 [ 543.629736] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 543.637729] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 543.648766] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 543.648788] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 02:39:52 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x88a8ffff00000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:52 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3f00000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 543.648798] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 543.648808] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 543.648819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 543.648830] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000001d [ 543.649592] 9pnet: Couldn't grow tag array [ 543.705382] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 543.802271] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:53 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216, 0x40000000}, {&(0x7f00000003c0)=""/217}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:53 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1900, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:53 executing program 1 (fault-call:7 fault-nth:30): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:53 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf4080000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:53 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c74657200000000009000", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:53 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x88a8ffff, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:53 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140ff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:53 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:53 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x140fa, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:53 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x15, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:53 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x800e0000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 544.613650] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 544.622568] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:53 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:53 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xff000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:53 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00\x00?\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 544.776890] FAULT_INJECTION: forcing a failure. [ 544.776890] name failslab, interval 1, probability 0, space 0, times 0 [ 544.788428] CPU: 1 PID: 29514 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 544.795484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 544.805045] Call Trace: [ 544.807683] dump_stack+0x1c9/0x2b4 [ 544.811362] ? dump_stack_print_info.cold.2+0x52/0x52 [ 544.816596] ? __kernel_text_address+0xd/0x40 [ 544.821149] ? unwind_get_return_address+0x61/0xa0 02:39:53 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x88640000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:53 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000001100", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 544.826167] should_fail.cold.4+0xa/0x11 [ 544.830332] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 544.835477] ? save_stack+0xa9/0xd0 [ 544.839145] ? save_stack+0x43/0xd0 [ 544.843044] ? kasan_kmalloc+0xc4/0xe0 [ 544.846979] ? __kmalloc+0x14e/0x720 [ 544.850749] ? p9_fcall_alloc+0x1e/0x90 [ 544.855128] ? p9_client_prepare_req.part.9+0x862/0xba0 [ 544.860729] ? p9_client_rpc+0x1c2/0x1400 [ 544.864929] ? v9fs_session_init+0xf62/0x1a80 [ 544.869463] ? v9fs_mount+0x7c/0x900 [ 544.873247] ? mount_fs+0xae/0x328 [ 544.876831] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 544.881615] ? do_mount+0x581/0x30e0 [ 544.885358] ? ksys_mount+0x12d/0x140 [ 544.889229] ? __x64_sys_mount+0xbe/0x150 [ 544.893504] ? do_syscall_64+0x1b9/0x820 [ 544.897733] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 544.903150] ? lock_downgrade+0x8f0/0x8f0 [ 544.907492] ? __kmalloc+0x272/0x720 [ 544.911273] ? check_same_owner+0x340/0x340 [ 544.915626] ? trace_hardirqs_on+0xbd/0x2c0 [ 544.919988] ? rcu_note_context_switch+0x680/0x680 [ 544.924965] __should_failslab+0x124/0x180 [ 544.929269] should_failslab+0x9/0x14 [ 544.933100] __kmalloc+0x2b2/0x720 [ 544.936678] ? idr_alloc_u32+0x3f0/0x3f0 [ 544.940789] ? p9_fcall_alloc+0x1e/0x90 [ 544.944812] p9_fcall_alloc+0x1e/0x90 [ 544.948766] p9_client_prepare_req.part.9+0x7eb/0xba0 [ 544.953987] ? idr_get_free+0xbfc/0x10c0 [ 544.958100] ? p9_free_req.isra.8+0x140/0x140 [ 544.962721] ? perf_trace_lock+0xde/0x920 [ 544.966891] ? radix_tree_clear_tags+0xc0/0xc0 [ 544.971501] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 544.977061] ? replace_slot+0x153/0x500 [ 544.981080] p9_client_rpc+0x1c2/0x1400 [ 544.985091] ? p9_client_prepare_req.part.9+0xba0/0xba0 [ 544.990485] ? find_held_lock+0x36/0x1c0 [ 544.994587] ? find_held_lock+0x36/0x1c0 [ 544.998694] ? _raw_spin_unlock_irq+0x27/0x70 [ 545.003246] ? _raw_spin_unlock_irq+0x27/0x70 [ 545.007910] ? lockdep_hardirqs_on+0x421/0x5c0 [ 545.012520] ? trace_hardirqs_on+0xbd/0x2c0 [ 545.016862] ? kasan_check_read+0x11/0x20 [ 545.021032] ? p9_fid_create+0x1e2/0x280 [ 545.025119] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 545.030264] ? kasan_check_write+0x14/0x20 [ 545.034524] ? do_raw_spin_lock+0xc1/0x200 [ 545.038972] p9_client_attach+0x18c/0x7c0 [ 545.043168] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 545.048354] ? p9_client_walk+0xaa0/0xaa0 [ 545.052532] ? lockdep_hardirqs_on+0x421/0x5c0 [ 545.057260] ? trace_hardirqs_on+0xbd/0x2c0 [ 545.061617] ? v9fs_session_init+0xd5b/0x1a80 [ 545.066138] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 545.071276] ? __kasan_slab_free+0x131/0x170 [ 545.075734] v9fs_session_init+0xf62/0x1a80 [ 545.080176] ? v9fs_session_init+0xf62/0x1a80 [ 545.084784] ? v9fs_show_options+0x7e0/0x7e0 [ 545.089253] ? kmem_cache_alloc_trace+0x275/0x730 [ 545.094249] ? rcu_is_watching+0x8c/0x150 [ 545.098428] ? trace_hardirqs_on+0xbd/0x2c0 [ 545.102782] ? rcu_pm_notify+0xc0/0xc0 [ 545.106719] ? v9fs_mount+0x61/0x900 [ 545.110554] ? rcu_read_lock_sched_held+0x108/0x120 [ 545.115631] v9fs_mount+0x7c/0x900 [ 545.119232] ? alloc_pages_current+0x114/0x210 [ 545.123856] mount_fs+0xae/0x328 [ 545.127270] vfs_kern_mount.part.33+0xdc/0x4e0 [ 545.131980] ? may_umount+0xb0/0xb0 [ 545.135646] ? _raw_read_unlock+0x22/0x30 [ 545.139935] ? __get_fs_type+0x97/0xc0 [ 545.143927] do_mount+0x581/0x30e0 [ 545.147496] ? kmem_cache_alloc_trace+0x275/0x730 [ 545.152469] ? copy_mount_string+0x40/0x40 [ 545.156756] ? copy_mount_options+0x5f/0x380 [ 545.161238] ? rcu_read_lock_sched_held+0x108/0x120 [ 545.166284] ? kmem_cache_alloc_trace+0x324/0x730 [ 545.171168] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 545.176766] ? _copy_from_user+0xdf/0x150 [ 545.180952] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 545.186515] ? copy_mount_options+0x285/0x380 [ 545.191155] ksys_mount+0x12d/0x140 [ 545.194844] __x64_sys_mount+0xbe/0x150 [ 545.198851] do_syscall_64+0x1b9/0x820 [ 545.202768] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 545.208161] ? syscall_return_slowpath+0x5e0/0x5e0 [ 545.213153] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 545.218264] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 545.223325] ? recalc_sigpending_tsk+0x180/0x180 [ 545.228117] ? kasan_check_write+0x14/0x20 [ 545.232391] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 545.237284] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 545.242499] RIP: 0033:0x457089 [ 545.245723] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 545.264760] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 545.272509] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 545.279822] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 545.287118] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 545.294413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 545.301705] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000001e [ 545.309404] 9pnet: Couldn't grow tag array [ 545.381925] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 545.460061] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:54 executing program 1 (fault-call:7 fault-nth:31): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:54 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xe4ffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:54 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xe4ffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:54 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216}, {&(0x7f00000003c0)=""/217, 0xffc99a3b}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:54 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x6000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:54 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) 02:39:54 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x14101, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:54 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c7465720000000007fffffe00", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) [ 545.618618] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 545.648356] FAULT_INJECTION: forcing a failure. [ 545.648356] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 545.660274] CPU: 0 PID: 29569 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 545.667327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 545.676711] Call Trace: [ 545.679344] dump_stack+0x1c9/0x2b4 [ 545.683049] ? dump_stack_print_info.cold.2+0x52/0x52 [ 545.688439] ? radix_tree_node_alloc.constprop.19+0x1bf/0x310 [ 545.694469] should_fail.cold.4+0xa/0x11 [ 545.698912] ? radix_tree_extend+0x53c/0x650 [ 545.703374] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 545.708681] ? radix_tree_node_alloc.constprop.19+0x310/0x310 [ 545.714705] ? perf_tp_event+0x91b/0xc40 [ 545.718931] ? perf_trace_run_bpf_submit+0x269/0x3b0 [ 545.724270] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 545.729857] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 545.735516] ? delete_node+0x311/0xce0 [ 545.739460] ? perf_trace_run_bpf_submit+0x269/0x3b0 [ 545.744771] ? perf_trace_run_bpf_submit+0x270/0x3b0 [ 545.749938] ? perf_tp_event+0xc40/0xc40 [ 545.754048] ? radix_tree_clear_tags+0xc0/0xc0 [ 545.758685] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 545.764276] ? replace_slot+0x153/0x500 [ 545.768390] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 545.773982] ? should_fail+0x246/0xd86 [ 545.777927] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 545.783098] __alloc_pages_nodemask+0x365/0xd10 [ 545.787990] ? zap_class+0x740/0x740 [ 545.791830] ? __alloc_pages_slowpath+0x2cb0/0x2cb0 [ 545.796892] ? graph_lock+0x170/0x170 [ 545.800739] ? node_tag_clear+0xc0/0x1c0 [ 545.804897] ? trace_hardirqs_off+0xb8/0x2b0 [ 545.809355] cache_grow_begin+0x91/0x710 [ 545.813476] __kmalloc+0x641/0x720 [ 545.817136] ? idr_alloc_u32+0x3f0/0x3f0 [ 545.821278] ? p9_fcall_alloc+0x1e/0x90 [ 545.825311] p9_fcall_alloc+0x1e/0x90 [ 545.829148] p9_client_prepare_req.part.9+0x862/0xba0 [ 545.834404] ? idr_get_free+0xbfc/0x10c0 [ 545.838519] ? p9_free_req.isra.8+0x140/0x140 [ 545.843055] ? perf_trace_lock+0x49d/0x920 [ 545.847324] ? radix_tree_clear_tags+0xc0/0xc0 [ 545.851966] p9_client_rpc+0x1c2/0x1400 [ 545.855996] ? p9_client_prepare_req.part.9+0xba0/0xba0 [ 545.861401] ? find_held_lock+0x36/0x1c0 [ 545.865522] ? find_held_lock+0x36/0x1c0 [ 545.869650] ? _raw_spin_unlock_irq+0x27/0x70 [ 545.874176] ? _raw_spin_unlock_irq+0x27/0x70 [ 545.878831] ? lockdep_hardirqs_on+0x421/0x5c0 [ 545.883449] ? trace_hardirqs_on+0xbd/0x2c0 [ 545.887803] ? kasan_check_read+0x11/0x20 [ 545.891985] ? p9_fid_create+0x1e2/0x280 [ 545.896088] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 545.901321] ? kasan_check_write+0x14/0x20 [ 545.905594] ? do_raw_spin_lock+0xc1/0x200 [ 545.909891] p9_client_attach+0x18c/0x7c0 [ 545.914084] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 545.919266] ? p9_client_walk+0xaa0/0xaa0 [ 545.923538] ? lockdep_hardirqs_on+0x421/0x5c0 [ 545.928159] ? trace_hardirqs_on+0xbd/0x2c0 [ 545.932557] ? v9fs_session_init+0xd5b/0x1a80 [ 545.937086] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 545.942267] ? __kasan_slab_free+0x131/0x170 [ 545.947002] v9fs_session_init+0xf62/0x1a80 [ 545.951366] ? v9fs_session_init+0xf62/0x1a80 [ 545.955997] ? v9fs_show_options+0x7e0/0x7e0 [ 545.960463] ? kmem_cache_alloc_trace+0x275/0x730 [ 545.965364] ? rcu_is_watching+0x8c/0x150 [ 545.969545] ? trace_hardirqs_on+0xbd/0x2c0 [ 545.973897] ? rcu_pm_notify+0xc0/0xc0 [ 545.977840] ? v9fs_mount+0x61/0x900 [ 545.981588] ? rcu_read_lock_sched_held+0x108/0x120 [ 545.986750] v9fs_mount+0x7c/0x900 [ 545.990324] ? alloc_pages_current+0x114/0x210 [ 545.994955] mount_fs+0xae/0x328 [ 545.998371] vfs_kern_mount.part.33+0xdc/0x4e0 [ 546.002995] ? may_umount+0xb0/0xb0 [ 546.006661] ? _raw_read_unlock+0x22/0x30 [ 546.010933] ? __get_fs_type+0x97/0xc0 [ 546.014874] do_mount+0x581/0x30e0 [ 546.018448] ? kmem_cache_alloc_trace+0x275/0x730 [ 546.023449] ? copy_mount_string+0x40/0x40 [ 546.027738] ? retint_kernel+0x10/0x10 [ 546.031720] ? copy_mount_options+0x213/0x380 [ 546.036282] ? write_comp_data+0xa/0x70 [ 546.040461] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 546.046031] ? copy_mount_options+0x285/0x380 [ 546.050659] ksys_mount+0x12d/0x140 [ 546.054332] __x64_sys_mount+0xbe/0x150 [ 546.058354] do_syscall_64+0x1b9/0x820 [ 546.062285] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 546.067700] ? syscall_return_slowpath+0x5e0/0x5e0 [ 546.072672] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 546.077729] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 546.082778] ? recalc_sigpending_tsk+0x180/0x180 [ 546.087571] ? kasan_check_write+0x14/0x20 [ 546.091857] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 546.096854] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 546.102077] RIP: 0033:0x457089 02:39:55 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0xd000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 546.105308] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 546.124360] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 546.132126] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 546.139439] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 546.146812] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 546.154120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 546.161428] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 000000000000001f 02:39:55 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf5ffffff00000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:55 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x7ffffffffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:55 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xedc000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 546.277568] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:55 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x8906, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:55 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1f00000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:55 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffff1f00, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:55 executing program 1 (fault-call:7 fault-nth:32): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:55 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000000500", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 546.411701] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:55 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1f00, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:55 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00\x00@\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:55 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216}, {&(0x7f00000003c0)=""/217, 0x288}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:55 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x2, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) [ 546.599789] FAULT_INJECTION: forcing a failure. [ 546.599789] name failslab, interval 1, probability 0, space 0, times 0 [ 546.611368] CPU: 1 PID: 29627 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 546.612528] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 546.618580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 546.618589] Call Trace: [ 546.618616] dump_stack+0x1c9/0x2b4 [ 546.618644] ? dump_stack_print_info.cold.2+0x52/0x52 02:39:55 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x200000000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 546.618665] ? __kernel_text_address+0xd/0x40 [ 546.618682] ? unwind_get_return_address+0x61/0xa0 [ 546.618709] should_fail.cold.4+0xa/0x11 [ 546.618743] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 546.666154] ? save_stack+0xa9/0xd0 [ 546.669871] ? save_stack+0x43/0xd0 [ 546.673664] ? kasan_kmalloc+0xc4/0xe0 [ 546.677583] ? __kmalloc+0x14e/0x720 [ 546.681323] ? p9_fcall_alloc+0x1e/0x90 [ 546.685419] ? p9_client_prepare_req.part.9+0x862/0xba0 [ 546.690815] ? p9_client_rpc+0x1c2/0x1400 [ 546.694989] ? v9fs_session_init+0xf62/0x1a80 02:39:55 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3f00, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 546.699631] ? v9fs_mount+0x7c/0x900 [ 546.703376] ? mount_fs+0xae/0x328 [ 546.706947] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 546.711741] ? do_mount+0x581/0x30e0 [ 546.715482] ? ksys_mount+0x12d/0x140 [ 546.719323] ? __x64_sys_mount+0xbe/0x150 [ 546.723496] ? do_syscall_64+0x1b9/0x820 [ 546.727594] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 546.733012] ? lock_downgrade+0x8f0/0x8f0 [ 546.737256] ? __kmalloc+0x272/0x720 [ 546.741007] ? check_same_owner+0x340/0x340 [ 546.745360] ? trace_hardirqs_on+0xbd/0x2c0 02:39:55 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000000000600", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 546.749728] ? rcu_note_context_switch+0x680/0x680 [ 546.754701] __should_failslab+0x124/0x180 [ 546.758972] should_failslab+0x9/0x14 [ 546.762802] __kmalloc+0x2b2/0x720 [ 546.766385] ? idr_alloc_u32+0x3f0/0x3f0 [ 546.770483] ? p9_fcall_alloc+0x1e/0x90 [ 546.774582] p9_fcall_alloc+0x1e/0x90 [ 546.778418] p9_client_prepare_req.part.9+0x7eb/0xba0 [ 546.783640] ? idr_get_free+0xbfc/0x10c0 [ 546.787757] ? p9_free_req.isra.8+0x140/0x140 [ 546.792305] ? perf_trace_lock+0xde/0x920 [ 546.796503] ? radix_tree_clear_tags+0xc0/0xc0 [ 546.801152] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 546.806771] ? replace_slot+0x153/0x500 [ 546.810925] p9_client_rpc+0x1c2/0x1400 [ 546.814945] ? p9_client_prepare_req.part.9+0xba0/0xba0 [ 546.820430] ? find_held_lock+0x36/0x1c0 [ 546.824545] ? find_held_lock+0x36/0x1c0 [ 546.828661] ? _raw_spin_unlock_irq+0x27/0x70 [ 546.833281] ? _raw_spin_unlock_irq+0x27/0x70 [ 546.837903] ? lockdep_hardirqs_on+0x421/0x5c0 [ 546.842526] ? trace_hardirqs_on+0xbd/0x2c0 [ 546.846888] ? kasan_check_read+0x11/0x20 [ 546.851070] ? p9_fid_create+0x1e2/0x280 [ 546.855282] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 546.860423] ? kasan_check_write+0x14/0x20 [ 546.864688] ? do_raw_spin_lock+0xc1/0x200 [ 546.868974] p9_client_attach+0x18c/0x7c0 [ 546.873156] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 546.878337] ? p9_client_walk+0xaa0/0xaa0 [ 546.882602] ? lockdep_hardirqs_on+0x421/0x5c0 [ 546.887267] ? trace_hardirqs_on+0xbd/0x2c0 [ 546.891655] ? v9fs_session_init+0xd5b/0x1a80 [ 546.896227] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 546.901377] ? __kasan_slab_free+0x131/0x170 [ 546.905926] v9fs_session_init+0xf62/0x1a80 [ 546.910283] ? v9fs_session_init+0xf62/0x1a80 [ 546.914862] ? v9fs_show_options+0x7e0/0x7e0 [ 546.919324] ? kmem_cache_alloc_trace+0x275/0x730 [ 546.924241] ? rcu_is_watching+0x8c/0x150 [ 546.928455] ? trace_hardirqs_on+0xbd/0x2c0 [ 546.932814] ? rcu_pm_notify+0xc0/0xc0 [ 546.936765] ? v9fs_mount+0x61/0x900 [ 546.940655] ? rcu_read_lock_sched_held+0x108/0x120 [ 546.945730] v9fs_mount+0x7c/0x900 [ 546.949318] ? alloc_pages_current+0x114/0x210 [ 546.953936] mount_fs+0xae/0x328 [ 546.957553] vfs_kern_mount.part.33+0xdc/0x4e0 [ 546.962178] ? may_umount+0xb0/0xb0 [ 546.965875] ? _raw_read_unlock+0x22/0x30 [ 546.970059] ? __get_fs_type+0x97/0xc0 [ 546.971412] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 546.973989] do_mount+0x581/0x30e0 [ 546.974007] ? kmem_cache_alloc_trace+0x275/0x730 [ 546.974029] ? copy_mount_string+0x40/0x40 [ 546.974060] ? retint_kernel+0x10/0x10 [ 546.974083] ? copy_mount_options+0x1e3/0x380 [ 546.974104] ? write_comp_data+0x1/0x70 [ 546.974127] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 546.974141] ? copy_mount_options+0x285/0x380 [ 546.974167] ksys_mount+0x12d/0x140 [ 547.021236] __x64_sys_mount+0xbe/0x150 [ 547.025440] do_syscall_64+0x1b9/0x820 [ 547.029380] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 547.034915] ? syscall_return_slowpath+0x5e0/0x5e0 [ 547.040004] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 547.044891] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 547.049956] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 547.055181] ? prepare_exit_to_usermode+0x291/0x3b0 [ 547.060291] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 547.061437] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 547.065303] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 547.065319] RIP: 0033:0x457089 [ 547.065336] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:39:55 executing program 7: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0xfffffffffffffffc, 0x0) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)={0x0, 0x101}) fcntl$setlease(r0, 0x400, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000400)={"66696c74657200000000000000000000000000000006f000", 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000380), 0x0, [{}, {}]}, 0x98) [ 547.065346] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 547.065365] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 547.065376] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 547.065386] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 547.065395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 547.065405] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000020 [ 547.065773] 9pnet: Couldn't grow tag array 02:39:56 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x4000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 547.102117] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:56 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x58000000, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:56 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c746572000000000200", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:56 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x17000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:56 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1800, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:56 executing program 1 (fault-call:7 fault-nth:33): perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 547.354664] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 547.443315] FAULT_INJECTION: forcing a failure. [ 547.443315] name failslab, interval 1, probability 0, space 0, times 0 [ 547.455296] CPU: 0 PID: 29700 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 547.462356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 547.471842] Call Trace: [ 547.474482] dump_stack+0x1c9/0x2b4 [ 547.478167] ? dump_stack_print_info.cold.2+0x52/0x52 [ 547.483455] ? perf_trace_lock+0x49d/0x920 [ 547.487936] should_fail.cold.4+0xa/0x11 [ 547.492085] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 547.497297] ? save_stack+0x43/0xd0 [ 547.500985] ? kasan_slab_alloc+0x12/0x20 [ 547.505287] ? kmem_cache_alloc+0x12e/0x710 [ 547.509667] ? fscache_alloc_cookie+0xcb/0x880 [ 547.514305] ? __fscache_acquire_cookie+0x230/0xa50 [ 547.519392] ? v9fs_session_init+0x1013/0x1a80 [ 547.524034] ? v9fs_mount+0x7c/0x900 [ 547.527932] ? vfs_kern_mount.part.33+0xdc/0x4e0 [ 547.529748] kernel msg: ebtables bug: please report to author: Wrong nr of counters 02:39:56 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={"66696c74657200000000000000000000000600", 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:56 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0x8dffffff, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:56 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x10000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:56 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x9, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 547.532728] ? do_mount+0x581/0x30e0 [ 547.532750] ? ksys_mount+0x12d/0x140 [ 547.532772] ? __x64_sys_mount+0xbe/0x150 [ 547.532807] ? find_held_lock+0x36/0x1c0 [ 547.532878] ? check_same_owner+0x340/0x340 [ 547.561169] ? rcu_is_watching+0x8c/0x150 [ 547.565395] ? trace_hardirqs_on+0xbd/0x2c0 [ 547.569759] ? rcu_note_context_switch+0x680/0x680 [ 547.574750] __should_failslab+0x124/0x180 [ 547.579095] should_failslab+0x9/0x14 [ 547.582940] __kmalloc+0x2b2/0x720 [ 547.586520] ? kmem_cache_alloc+0x30b/0x710 [ 547.591029] ? fscache_alloc_cookie+0x701/0x880 [ 547.595939] fscache_alloc_cookie+0x701/0x880 [ 547.600498] ? fscache_cookie_init_once+0x80/0x80 [ 547.605396] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 547.610542] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 547.615693] ? lockdep_hardirqs_on+0x421/0x5c0 [ 547.620448] ? trace_hardirqs_on+0xbd/0x2c0 [ 547.624810] ? kasan_check_read+0x11/0x20 [ 547.629002] ? p9_idpool_put+0x36/0x40 [ 547.632934] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 547.638083] ? kasan_check_write+0x14/0x20 [ 547.642372] __fscache_acquire_cookie+0x230/0xa50 [ 547.647289] ? fscache_cookie_put+0x790/0x790 [ 547.652076] ? p9_client_attach+0x1f3/0x7c0 [ 547.656448] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 547.661600] ? p9_client_walk+0xaa0/0xaa0 [ 547.665793] ? trace_hardirqs_on+0xbd/0x2c0 [ 547.670162] ? v9fs_session_init+0xd5b/0x1a80 [ 547.674739] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 547.679991] v9fs_cache_session_get_cookie+0xc4/0x270 [ 547.685305] v9fs_session_init+0x1013/0x1a80 [ 547.689978] ? v9fs_show_options+0x7e0/0x7e0 [ 547.694449] ? kmem_cache_alloc_trace+0x275/0x730 [ 547.699699] ? rcu_is_watching+0x8c/0x150 [ 547.703912] ? trace_hardirqs_on+0xbd/0x2c0 [ 547.708468] ? rcu_pm_notify+0xc0/0xc0 [ 547.712420] ? v9fs_mount+0x61/0x900 [ 547.716182] ? rcu_read_lock_sched_held+0x108/0x120 [ 547.721338] v9fs_mount+0x7c/0x900 [ 547.724926] ? alloc_pages_current+0x114/0x210 [ 547.729574] mount_fs+0xae/0x328 [ 547.733224] vfs_kern_mount.part.33+0xdc/0x4e0 [ 547.737873] ? may_umount+0xb0/0xb0 [ 547.741549] ? _raw_read_unlock+0x22/0x30 [ 547.745753] ? __get_fs_type+0x97/0xc0 [ 547.749719] do_mount+0x581/0x30e0 [ 547.753314] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 547.758826] ? copy_mount_string+0x40/0x40 [ 547.763116] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 547.767940] ? retint_kernel+0x10/0x10 [ 547.771897] ? copy_mount_options+0x1f0/0x380 [ 547.776437] ? copy_mount_options+0x1fa/0x380 [ 547.780984] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 547.786569] ? copy_mount_options+0x285/0x380 [ 547.791376] ksys_mount+0x12d/0x140 [ 547.795051] __x64_sys_mount+0xbe/0x150 [ 547.799165] do_syscall_64+0x1b9/0x820 [ 547.803138] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 547.808551] ? syscall_return_slowpath+0x5e0/0x5e0 [ 547.813621] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 547.818684] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 547.823741] ? recalc_sigpending_tsk+0x180/0x180 [ 547.828561] ? kasan_check_write+0x14/0x20 [ 547.832939] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 547.838027] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 547.843273] RIP: 0033:0x457089 [ 547.846505] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 547.865750] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 547.873506] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 547.881164] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 02:39:56 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) sendto$inet(r0, &(0x7f00000000c0)="cf", 0x1, 0x0, &(0x7f0000a04000)={0x2, 0x4e24, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x4) recvmmsg(r1, &(0x7f0000008180)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)=""/13}, {&(0x7f0000000080)=""/31}, {&(0x7f0000000100)=""/34}, {&(0x7f0000000580)=""/216}, {&(0x7f00000003c0)=""/217, 0xcc20000000000000}, {&(0x7f00000004c0)=""/175}], 0x0, &(0x7f00000007c0)=""/160, 0xa0}}], 0x234, 0x8802, &(0x7f00000083c0)={0x77359400}) writev(r1, &(0x7f000051c000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560284470080ffe00600000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1) 02:39:56 executing program 0: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x4641010000000000, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) 02:39:56 executing program 2: perf_event_open(&(0x7f0000000280)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_INTERRUPT(0xffffffffffffffff, 0x4004ae86, &(0x7f0000000040)) ioctl$KDGETKEYCODE(0xffffffffffffffff, 0x4b4c, &(0x7f00000000c0)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000580)=@filter={'filter\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, &(0x7f0000000000), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, 'ip6gre0\x00', 'team0\x00', 'veth0_to_bond\x00', 'veth0_to_bond\x00', @dev, [], @broadcast, [], 0xf0, 0xf0, 0x120, [@limit={'limit\x00', 0x20, {{0x0, 0x2}}}, @cluster={'cluster\x00', 0x10}]}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x11, 0x0, 0x0, 'vlan0\x00', 'lo\x00', 'rose0\x00', 'bridge0\x00', @broadcast, [], @dev, [], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8}}]}]}, 0x2c8) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000400)={"66696c746572000000000000000200", 0x0, 0x0, 0x0, [], 0x1, &(0x7f0000000380), 0x0, [{}]}, 0x88) 02:39:56 executing program 3: r0 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0x2000000c8, &(0x7f0000000000), 0x4) syz_emit_ethernet(0x66, &(0x7f00000000c0)={@random="2fd6b1be27a3", @remote, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x30, 0x3a, 0xffffa888, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0xffffff89}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "0a07ec", 0x0, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @ipv4={[0xf5ffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [], @dev}}}}}}}}, &(0x7f0000000040)) 02:39:56 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="2a0000002901000004000000000000001d0000000000000008000000000000000007002e2f66696c44301da71d28f9f442d34bc8d5a77432740c2c7739dc5fddc2685c8841a51c2ac8adad3959abaebf91ca52f09999f3fef50918617dd5dda6c165ea3828b40038821f8a6e1f907e605661f8df49151d343a95957e853a434fb711b004d3c77b5c3b8a00"], 0x8b) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfdffffff, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cachetag={'cachetag', 0x3d, 'GPL!cpusetmd5sumposix_acl_access-lo$mime_type!selinux^/wlan0'}}]}}) [ 547.888513] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 547.895952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 547.903266] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000021 [ 547.911162] ================================================================== [ 547.919081] BUG: KASAN: double-free or invalid-free in fscache_free_cookie+0x230/0x280 [ 547.927775] [ 547.929445] CPU: 0 PID: 29700 Comm: syz-executor1 Not tainted 4.18.0+ #206 [ 547.936489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 547.946031] Call Trace: [ 547.948670] dump_stack+0x1c9/0x2b4 [ 547.952354] ? dump_stack_print_info.cold.2+0x52/0x52 [ 547.957596] ? printk+0xa7/0xcf [ 547.960917] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 547.965724] ? fscache_free_cookie+0x230/0x280 [ 547.970381] ? fscache_free_cookie+0x230/0x280 [ 547.975040] print_address_description+0x6c/0x20b [ 547.980015] ? fscache_free_cookie+0x230/0x280 [ 547.984672] ? fscache_free_cookie+0x230/0x280 [ 547.989395] kasan_report_invalid_free+0x64/0xa0 [ 547.994244] __kasan_slab_free+0x150/0x170 [ 547.998643] ? fscache_free_cookie+0x230/0x280 [ 548.003274] kasan_slab_free+0xe/0x10 [ 548.007383] kfree+0xd9/0x210 [ 548.010537] fscache_free_cookie+0x230/0x280 [ 548.015000] ? __fscache_check_consistency+0xb50/0xb50 [ 548.020332] ? fscache_alloc_cookie+0x701/0x880 [ 548.025364] fscache_alloc_cookie+0x74c/0x880 [ 548.029927] ? fscache_cookie_init_once+0x80/0x80 [ 548.035024] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 548.040226] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 548.045469] ? lockdep_hardirqs_on+0x421/0x5c0 [ 548.050099] ? trace_hardirqs_on+0xbd/0x2c0 [ 548.054725] ? kasan_check_read+0x11/0x20 [ 548.058993] ? p9_idpool_put+0x36/0x40 [ 548.062921] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 548.068095] ? kasan_check_write+0x14/0x20 [ 548.072379] __fscache_acquire_cookie+0x230/0xa50 [ 548.077453] ? fscache_cookie_put+0x790/0x790 [ 548.082005] ? p9_client_attach+0x1f3/0x7c0 [ 548.086374] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 548.091617] ? p9_client_walk+0xaa0/0xaa0 [ 548.096011] ? trace_hardirqs_on+0xbd/0x2c0 [ 548.100499] ? v9fs_session_init+0xd5b/0x1a80 [ 548.105253] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 548.110504] v9fs_cache_session_get_cookie+0xc4/0x270 [ 548.115761] v9fs_session_init+0x1013/0x1a80 [ 548.120274] ? v9fs_show_options+0x7e0/0x7e0 [ 548.124722] ? kmem_cache_alloc_trace+0x275/0x730 [ 548.129610] ? rcu_is_watching+0x8c/0x150 [ 548.133801] ? trace_hardirqs_on+0xbd/0x2c0 [ 548.138156] ? rcu_pm_notify+0xc0/0xc0 [ 548.142128] ? v9fs_mount+0x61/0x900 [ 548.145880] ? rcu_read_lock_sched_held+0x108/0x120 [ 548.150960] v9fs_mount+0x7c/0x900 [ 548.154551] ? alloc_pages_current+0x114/0x210 [ 548.159181] mount_fs+0xae/0x328 [ 548.162635] vfs_kern_mount.part.33+0xdc/0x4e0 [ 548.167355] ? may_umount+0xb0/0xb0 [ 548.171017] ? _raw_read_unlock+0x22/0x30 [ 548.175245] ? __get_fs_type+0x97/0xc0 [ 548.179229] do_mount+0x581/0x30e0 [ 548.182819] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 548.188329] ? copy_mount_string+0x40/0x40 [ 548.192608] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 548.197420] ? retint_kernel+0x10/0x10 [ 548.201490] ? copy_mount_options+0x1f0/0x380 [ 548.206110] ? copy_mount_options+0x1fa/0x380 [ 548.210876] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 548.216607] ? copy_mount_options+0x285/0x380 [ 548.221283] ksys_mount+0x12d/0x140 [ 548.224959] __x64_sys_mount+0xbe/0x150 [ 548.229182] do_syscall_64+0x1b9/0x820 [ 548.233143] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 548.238638] ? syscall_return_slowpath+0x5e0/0x5e0 [ 548.243609] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 548.248861] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 548.254056] ? recalc_sigpending_tsk+0x180/0x180 [ 548.258849] ? kasan_check_write+0x14/0x20 [ 548.263130] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 548.268031] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 548.273283] RIP: 0033:0x457089 [ 548.276550] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 548.295488] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 548.303265] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 548.310567] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 548.317873] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 548.325179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 548.332518] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000021 [ 548.339853] [ 548.341511] Allocated by task 6547: [ 548.345230] save_stack+0x43/0xd0 [ 548.348720] kasan_kmalloc+0xc4/0xe0 [ 548.352462] __kmalloc+0x14e/0x720 [ 548.356035] inotify_handle_event+0x1ff/0x5c0 [ 548.360570] inotify_ignored_and_remove_idr+0x10d/0x1b0 [ 548.366045] inotify_freeing_mark+0x1d/0x30 [ 548.370505] fsnotify_free_mark+0xf2/0x150 [ 548.374792] fsnotify_destroy_mark+0x3e/0x50 [ 548.379275] __x64_sys_inotify_rm_watch+0x121/0x1a0 [ 548.384329] do_syscall_64+0x1b9/0x820 [ 548.388269] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 548.393491] [ 548.395218] Freed by task 2293: [ 548.398536] save_stack+0x43/0xd0 [ 548.402021] __kasan_slab_free+0x11a/0x170 [ 548.406482] kasan_slab_free+0xe/0x10 [ 548.410319] kfree+0xd9/0x210 [ 548.413718] inotify_free_event+0x15/0x20 [ 548.417904] fsnotify_destroy_event.part.1+0x1ad/0x280 [ 548.423251] fsnotify_destroy_event+0x69/0x80 [ 548.427875] inotify_read+0x5c2/0x9d0 [ 548.431721] __vfs_read+0x117/0x9b0 [ 548.435383] vfs_read+0x17f/0x3c0 [ 548.438893] ksys_read+0x101/0x260 [ 548.442473] __x64_sys_read+0x73/0xb0 [ 548.446411] do_syscall_64+0x1b9/0x820 [ 548.450341] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 548.455555] [ 548.457243] The buggy address belongs to the object at ffff8801840c5600 [ 548.457243] which belongs to the cache kmalloc-64 of size 64 [ 548.469773] The buggy address is located 0 bytes inside of [ 548.469773] 64-byte region [ffff8801840c5600, ffff8801840c5640) [ 548.481532] The buggy address belongs to the page: [ 548.486502] page:ffffea0006103140 count:1 mapcount:0 mapping:ffff8801dac00340 index:0x0 [ 548.494696] flags: 0x2fffc0000000100(slab) [ 548.499037] raw: 02fffc0000000100 ffffea0006bedc08 ffffea00074d4208 ffff8801dac00340 [ 548.507123] raw: 0000000000000000 ffff8801840c5000 0000000100000020 0000000000000000 [ 548.515028] page dumped because: kasan: bad access detected [ 548.520764] [ 548.522413] Memory state around the buggy address: [ 548.527371] ffff8801840c5500: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 548.534900] ffff8801840c5580: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 548.542297] >ffff8801840c5600: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 548.549689] ^ [ 548.553089] ffff8801840c5680: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 548.560758] ffff8801840c5700: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 548.568599] ================================================================== [ 548.575990] Disabling lock debugging due to kernel taint [ 548.581600] Kernel panic - not syncing: panic_on_warn set ... [ 548.581600] [ 548.590524] CPU: 0 PID: 29700 Comm: syz-executor1 Tainted: G B 4.18.0+ #206 [ 548.598962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 548.608348] Call Trace: [ 548.611090] dump_stack+0x1c9/0x2b4 [ 548.614760] ? dump_stack_print_info.cold.2+0x52/0x52 [ 548.620000] ? lock_downgrade+0x8f0/0x8f0 [ 548.624227] ? fscache_free_cookie+0x230/0x280 [ 548.628848] panic+0x238/0x4e7 [ 548.632079] ? add_taint.cold.5+0x16/0x16 [ 548.636290] ? add_taint.cold.5+0x5/0x16 [ 548.640391] ? trace_hardirqs_off+0xaf/0x2b0 [ 548.644843] ? fscache_free_cookie+0x230/0x280 [ 548.649462] ? fscache_free_cookie+0x230/0x280 [ 548.654081] kasan_end_report+0x47/0x4f [ 548.658089] kasan_report_invalid_free+0x81/0xa0 [ 548.663006] __kasan_slab_free+0x150/0x170 [ 548.667279] ? fscache_free_cookie+0x230/0x280 [ 548.671892] kasan_slab_free+0xe/0x10 [ 548.675721] kfree+0xd9/0x210 [ 548.679917] fscache_free_cookie+0x230/0x280 [ 548.684358] ? __fscache_check_consistency+0xb50/0xb50 [ 548.689670] ? fscache_alloc_cookie+0x701/0x880 [ 548.694427] fscache_alloc_cookie+0x74c/0x880 [ 548.698967] ? fscache_cookie_init_once+0x80/0x80 [ 548.703928] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 548.709155] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 548.714322] ? lockdep_hardirqs_on+0x421/0x5c0 [ 548.719072] ? trace_hardirqs_on+0xbd/0x2c0 [ 548.723428] ? kasan_check_read+0x11/0x20 [ 548.727673] ? p9_idpool_put+0x36/0x40 [ 548.731736] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 548.736875] ? kasan_check_write+0x14/0x20 [ 548.741147] __fscache_acquire_cookie+0x230/0xa50 [ 548.746060] ? fscache_cookie_put+0x790/0x790 [ 548.750654] ? p9_client_attach+0x1f3/0x7c0 [ 548.755097] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 548.760266] ? p9_client_walk+0xaa0/0xaa0 [ 548.764453] ? trace_hardirqs_on+0xbd/0x2c0 [ 548.768803] ? v9fs_session_init+0xd5b/0x1a80 [ 548.773341] ? trace_hardirqs_off_caller+0x2b0/0x2b0 [ 548.778540] v9fs_cache_session_get_cookie+0xc4/0x270 [ 548.783778] v9fs_session_init+0x1013/0x1a80 [ 548.788292] ? v9fs_show_options+0x7e0/0x7e0 [ 548.792741] ? kmem_cache_alloc_trace+0x275/0x730 [ 548.797751] ? rcu_is_watching+0x8c/0x150 [ 548.801930] ? trace_hardirqs_on+0xbd/0x2c0 [ 548.806287] ? rcu_pm_notify+0xc0/0xc0 [ 548.810257] ? v9fs_mount+0x61/0x900 [ 548.814008] ? rcu_read_lock_sched_held+0x108/0x120 [ 548.819096] v9fs_mount+0x7c/0x900 [ 548.822760] ? alloc_pages_current+0x114/0x210 [ 548.827392] mount_fs+0xae/0x328 [ 548.830804] vfs_kern_mount.part.33+0xdc/0x4e0 [ 548.835430] ? may_umount+0xb0/0xb0 [ 548.839092] ? _raw_read_unlock+0x22/0x30 [ 548.843339] ? __get_fs_type+0x97/0xc0 [ 548.847428] do_mount+0x581/0x30e0 [ 548.851059] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 548.856549] ? copy_mount_string+0x40/0x40 [ 548.860945] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 548.865745] ? retint_kernel+0x10/0x10 [ 548.869678] ? copy_mount_options+0x1f0/0x380 [ 548.874233] ? copy_mount_options+0x1fa/0x380 [ 548.878761] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 548.884343] ? copy_mount_options+0x285/0x380 [ 548.888878] ksys_mount+0x12d/0x140 [ 548.892601] __x64_sys_mount+0xbe/0x150 [ 548.896612] do_syscall_64+0x1b9/0x820 [ 548.900537] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 548.905937] ? syscall_return_slowpath+0x5e0/0x5e0 [ 548.910898] ? trace_hardirqs_on_caller+0x2b0/0x2b0 [ 548.915978] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 548.921028] ? recalc_sigpending_tsk+0x180/0x180 [ 548.925820] ? kasan_check_write+0x14/0x20 [ 548.930099] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 548.935055] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 548.940413] RIP: 0033:0x457089 [ 548.943633] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 548.962698] RSP: 002b:00007f2a74c99c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 548.970439] RAX: ffffffffffffffda RBX: 00007f2a74c9a6d4 RCX: 0000000000457089 [ 548.977860] RDX: 0000000020000380 RSI: 00000000200002c0 RDI: 0000000000000000 [ 548.985154] RBP: 00000000009300a0 R08: 0000000020000740 R09: 0000000000000000 [ 548.992488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 548.999926] R13: 00000000004d2768 R14: 00000000004c7be5 R15: 0000000000000021 [ 549.007829] Dumping ftrace buffer: [ 549.011390] (ftrace buffer empty) [ 549.015174] Kernel Offset: disabled [ 549.019003] Rebooting in 86400 seconds..