opt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000050000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1721.301259] FAULT_INJECTION: forcing a failure. [ 1721.301259] name failslab, interval 1, probability 0, space 0, times 0 [ 1721.305235] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1721.312634] CPU: 1 PID: 2336 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1721.328540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1721.337909] Call Trace: [ 1721.340522] dump_stack+0x1b9/0x294 [ 1721.344170] ? dump_stack_print_info.cold.2+0x52/0x52 2018/05/15 14:02:05 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\a\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:05 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000002000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1721.349388] ? __lock_is_held+0xb5/0x140 [ 1721.353475] should_fail.cold.4+0xa/0x1a [ 1721.357554] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1721.362682] ? debug_check_no_locks_freed+0x310/0x310 [ 1721.367900] ? rcu_note_context_switch+0x710/0x710 [ 1721.372857] ? graph_lock+0x170/0x170 [ 1721.376697] ? __might_sleep+0x95/0x190 [ 1721.380695] ? _cond_resched+0x14/0x30 [ 1721.384603] ? __getblk_gfp+0x102/0xaf0 [ 1721.388602] ? __raw_spin_lock_init+0x1c/0x100 [ 1721.393205] ? __lock_is_held+0xb5/0x140 [ 1721.397292] ? check_same_owner+0x320/0x320 2018/05/15 14:02:05 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000070000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1721.401620] ? graph_lock+0x170/0x170 [ 1721.405431] ? rcu_note_context_switch+0x710/0x710 [ 1721.410379] ? __raw_spin_lock_init+0x1c/0x100 [ 1721.414981] __should_failslab+0x124/0x180 [ 1721.419236] should_failslab+0x9/0x14 [ 1721.423077] kmem_cache_alloc+0x2af/0x760 [ 1721.427267] jbd2__journal_start+0x1d3/0xa70 [ 1721.431706] ? jbd2_write_access_granted.part.8+0x420/0x420 [ 1721.437437] ? rcu_note_context_switch+0x710/0x710 [ 1721.442389] ? __might_sleep+0x95/0x190 [ 1721.446387] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1721.451953] __ext4_journal_start_sb+0x17a/0x5e0 [ 1721.456732] ? __ext4_new_inode+0x36c0/0x6030 [ 1721.461255] ? ext4_journal_abort_handle.isra.4+0x260/0x260 [ 1721.466978] ? find_next_zero_bit+0x111/0x140 [ 1721.471479] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1721.476498] ? find_inode_bit.isra.16+0x36f/0x510 [ 1721.481346] __ext4_new_inode+0x36c0/0x6030 [ 1721.485674] ? ext4_free_inode+0x1970/0x1970 [ 1721.490072] ? debug_check_no_locks_freed+0x310/0x310 [ 1721.495250] ? is_bpf_text_address+0xd7/0x170 [ 1721.499730] ? kernel_text_address+0x79/0xf0 [ 1721.504125] ? __unwind_start+0x166/0x330 [ 1721.508264] ? __kernel_text_address+0xd/0x40 [ 1721.512747] ? unwind_get_return_address+0x61/0xa0 [ 1721.517664] ? __save_stack_trace+0x7e/0xd0 [ 1721.521980] ? save_stack+0xa9/0xd0 [ 1721.525593] ? save_stack+0x43/0xd0 [ 1721.529208] ? __kasan_slab_free+0x11a/0x170 [ 1721.533604] ? kasan_slab_free+0xe/0x10 [ 1721.537566] ? kmem_cache_free+0x86/0x2d0 [ 1721.541712] ? putname+0xf2/0x130 [ 1721.545172] ? do_mknodat+0x1b1/0x4f0 [ 1721.548968] ? __x64_sys_mknodat+0x9a/0xf0 [ 1721.553193] ? graph_lock+0x170/0x170 [ 1721.556988] ? kasan_check_read+0x11/0x20 [ 1721.561143] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1721.565540] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1721.570106] ? print_usage_bug+0xc0/0xc0 [ 1721.574153] ? kasan_check_write+0x14/0x20 [ 1721.578380] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1721.583903] ? __dquot_initialize+0x615/0xdc0 [ 1721.588391] ? dquot_get_next_dqblk+0x180/0x180 [ 1721.593091] ? kasan_check_read+0x11/0x20 [ 1721.597228] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1721.602405] ext4_mknod+0x2e6/0x630 [ 1721.606043] ? ext4_add_nondir+0x90/0x90 [ 1721.610095] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1721.615618] ? security_inode_mknod+0xf0/0x120 [ 1721.620188] ? ns_capable_common+0x13f/0x170 [ 1721.624584] vfs_mknod+0x447/0x790 [ 1721.628114] do_mknodat+0x414/0x4f0 [ 1721.631735] ? do_file_open_root+0x4b0/0x4b0 [ 1721.636131] ? filp_open+0x80/0x80 [ 1721.639666] __x64_sys_mknodat+0x9a/0xf0 [ 1721.643719] do_syscall_64+0x1b1/0x800 [ 1721.647596] ? finish_task_switch+0x1ca/0x840 [ 1721.652079] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1721.657001] ? syscall_return_slowpath+0x30f/0x5c0 [ 1721.661925] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1721.667279] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1721.672113] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1721.677290] RIP: 0033:0x455a09 [ 1721.680465] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 1721.688160] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1721.695416] RDX: 0000000000006000 RSI: 00000000200008c0 RDI: 00000000ffffff9c 2018/05/15 14:02:05 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000ffffffff00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:05 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f0000000240)={0xadfc, {{0xa, 0x4e23, 0x200, @empty, 0x3}}, {{0xa, 0x4e20, 0x6, @dev={0xfe, 0x80, [], 0x1d}, 0x6}}}, 0x108) syz_emit_ethernet(0xfdef, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6006000000000000000000cd00000000030000000000000000000000000000010000000000089078"], &(0x7f00000000c0)) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x23, &(0x7f0000000140)={@multicast2, @dev, 0x0}, &(0x7f0000000180)=0xc) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f00000001c0)={@mcast1={0xff, 0x1, [], 0x1}, @local={0xfe, 0x80, [], 0xaa}, @remote={0xfe, 0x80, [], 0xbb}, 0x1d9c, 0x6, 0x80, 0x400, 0x3, 0x40000000, r1}) [ 1721.702673] RBP: 00000000200008c0 R08: 0000000000000000 R09: 0000000000000000 [ 1721.709933] R10: 00000000000007c7 R11: 0000000000000246 R12: 000000000000a000 [ 1721.717186] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1721.724619] EXT4-fs error (device sda1) in __ext4_new_inode:927: Out of memory 2018/05/15 14:02:05 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000020000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:02:05 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00feffffff00", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:05 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:02:05 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000100)={0x0, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0xfffffffffffffffe, @local={0xfe, 0x80, [], 0xaa}}}}, 0x108) syz_emit_ethernet(0x97, &(0x7f0000000340)={@remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [], {@generic={0x8bff, "23222093a0dc0fd75afe920a82330cd0d461219b78d9dad24a6b53c4b3bd34ae4b03363e0f156a00d7ba42b741dc3caf9c20bedfd0068631dec08d84fdb33799258badfd21c4592274f2b464c699fb7364da554da0b691b7875f8e58c879fae58100dbea061b677772cad5a316882ff435347c54e6544435956046f5f7a668b5fe211f2d1307e31a2b"}}}, &(0x7f0000000000)={0x0, 0x2, [0xb8a, 0x3cb, 0x6b1, 0x81]}) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0xec546b26b08f65ab, 0x0) ioctl$TIOCCBRK(r1, 0x5428) syz_emit_ethernet(0x42, &(0x7f00000002c0)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [{[], {0x8100, 0x1fa5, 0x7}}], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x8, 0x11, 0x0, @empty={[0x30]}, @mcast2={0xff, 0x2, [], 0x1}, {[], @udp={0x0, 0x0, 0x8}}}}}}, &(0x7f0000000080)) [ 1721.842701] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:02:05 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000f4ec00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1722.040725] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:02:05 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000400000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:02:05 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000000000600", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:05 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:02:05 executing program 4 (fault-call:0 fault-nth:8): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:02:05 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000000000000600", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:05 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000100)={0x0, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0xffffffffffffffff, 0xfffffffffffffffc, @local={0xfe, 0x80, [], 0xaa}}}}, 0x108) 2018/05/15 14:02:05 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:02:05 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000240)='/dev/input/mice\x00', 0x0, 0x100100005) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)=0x0) fcntl$setownex(r0, 0xf, &(0x7f0000000080)={0x1, r1}) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0xfffffed7}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="e0"], 0x1) [ 1722.211334] FAULT_INJECTION: forcing a failure. [ 1722.211334] name failslab, interval 1, probability 0, space 0, times 0 [ 1722.222674] CPU: 1 PID: 2415 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1722.229885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1722.239263] Call Trace: [ 1722.241882] dump_stack+0x1b9/0x294 [ 1722.245525] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1722.250723] should_fail.cold.4+0xa/0x1a [ 1722.254787] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1722.259936] ? lock_downgrade+0x8e0/0x8e0 [ 1722.264082] ? find_held_lock+0x36/0x1c0 [ 1722.268147] ? check_same_owner+0x320/0x320 [ 1722.272456] ? rcu_note_context_switch+0x710/0x710 [ 1722.277378] __should_failslab+0x124/0x180 [ 1722.281606] should_failslab+0x9/0x14 [ 1722.285417] __kmalloc_track_caller+0x2c4/0x760 [ 1722.290078] ? strncpy_from_user+0x500/0x500 [ 1722.294495] ? strndup_user+0x77/0xd0 [ 1722.298295] memdup_user+0x2c/0xa0 [ 1722.301823] strndup_user+0x77/0xd0 [ 1722.305437] ksys_mount+0x3c/0x140 [ 1722.308968] __x64_sys_mount+0xbe/0x150 [ 1722.312932] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1722.317946] do_syscall_64+0x1b1/0x800 [ 1722.321819] ? finish_task_switch+0x1ca/0x840 [ 1722.326304] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1722.331225] ? syscall_return_slowpath+0x30f/0x5c0 [ 1722.336169] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1722.341526] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1722.346360] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1722.351549] RIP: 0033:0x455a09 2018/05/15 14:02:06 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1722.354723] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1722.362417] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1722.369672] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1722.376929] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1722.384202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1722.391455] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:02:06 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x5) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000100)={0x0, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}}}}, 0x108) syz_emit_ethernet(0xfdef, &(0x7f0000000000)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x8, 0x11, 0x0, @empty={[0x30]}, @mcast2={0xff, 0x2, [], 0x1}, {[], @udp={0x0, 0x0, 0x8}}}}}}, &(0x7f00000000c0)) 2018/05/15 14:02:06 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000500000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:02:06 executing program 2: rt_sigaction(0x4, &(0x7f0000000000)={0x5, {0x7}, 0x80000000}, &(0x7f0000000100), 0x8, &(0x7f0000000140)) r0 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) setsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000080)={0x3, 0xed5, 0x200, 0x7}, 0x6) [ 1722.439828] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:02:06 executing program 4 (fault-call:0 fault-nth:9): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:02:06 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:06 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8d1e1900}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1722.602991] FAULT_INJECTION: forcing a failure. [ 1722.602991] name failslab, interval 1, probability 0, space 0, times 0 [ 1722.614364] CPU: 1 PID: 2448 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1722.621565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1722.630929] Call Trace: [ 1722.633544] dump_stack+0x1b9/0x294 [ 1722.637218] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1722.642443] should_fail.cold.4+0xa/0x1a [ 1722.646520] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1722.651627] ? save_stack+0x43/0xd0 [ 1722.655265] ? kasan_kmalloc+0xc4/0xe0 [ 1722.659149] ? __kmalloc_track_caller+0x14a/0x760 [ 1722.663987] ? memdup_user+0x2c/0xa0 [ 1722.667696] ? strndup_user+0x77/0xd0 [ 1722.671485] ? graph_lock+0x170/0x170 [ 1722.675277] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1722.680631] ? lock_downgrade+0x8e0/0x8e0 [ 1722.684776] ? find_held_lock+0x36/0x1c0 [ 1722.688835] ? check_same_owner+0x320/0x320 [ 1722.693147] ? lock_release+0xa10/0xa10 [ 1722.697112] ? rcu_note_context_switch+0x710/0x710 [ 1722.702034] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1722.707045] ? __check_object_size+0x95/0x5d9 [ 1722.711531] __should_failslab+0x124/0x180 [ 1722.715757] should_failslab+0x9/0x14 [ 1722.719553] __kmalloc_track_caller+0x2c4/0x760 [ 1722.724216] ? strncpy_from_user+0x500/0x500 [ 1722.728616] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1722.734143] ? strndup_user+0x77/0xd0 [ 1722.737943] memdup_user+0x2c/0xa0 [ 1722.741471] strndup_user+0x77/0xd0 [ 1722.745091] ksys_mount+0x73/0x140 [ 1722.748626] __x64_sys_mount+0xbe/0x150 [ 1722.752588] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1722.757592] do_syscall_64+0x1b1/0x800 [ 1722.761465] ? finish_task_switch+0x1ca/0x840 [ 1722.765950] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1722.770868] ? syscall_return_slowpath+0x30f/0x5c0 [ 1722.775799] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1722.781151] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1722.785982] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1722.791157] RIP: 0033:0x455a09 [ 1722.794330] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 2018/05/15 14:02:06 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00fffffffe00", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:06 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000008800000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1722.802029] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1722.809286] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1722.816541] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1722.823796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1722.831053] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:02:06 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1722.884452] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:02:06 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000fffffffe00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:06 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000100)={0x0, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}}}}, 0x108) syz_emit_ethernet(0xfdef, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6006f52600081100300049954d98f253d78c3c495d4e49773d3b0000000000000000000000000000ff0200000000000000000000000000010000000000089078"], &(0x7f00000000c0)) 2018/05/15 14:02:06 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000004000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:02:06 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1723.021659] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:02:06 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:02:06 executing program 4 (fault-call:0 fault-nth:10): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:02:06 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000200", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:06 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c00}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:02:06 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1723.183335] FAULT_INJECTION: forcing a failure. [ 1723.183335] name failslab, interval 1, probability 0, space 0, times 0 [ 1723.194674] CPU: 0 PID: 2503 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1723.202024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1723.202522] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1723.211387] Call Trace: [ 1723.211416] dump_stack+0x1b9/0x294 [ 1723.211436] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1723.211460] should_fail.cold.4+0xa/0x1a [ 1723.211482] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1723.240782] ? kasan_kmalloc+0xc4/0xe0 [ 1723.244696] ? __kmalloc_track_caller+0x14a/0x760 [ 1723.249564] ? memdup_user+0x2c/0xa0 [ 1723.253307] ? strndup_user+0x77/0xd0 [ 1723.257132] ? graph_lock+0x170/0x170 [ 1723.260954] ? lock_downgrade+0x8e0/0x8e0 [ 1723.265129] ? find_held_lock+0x36/0x1c0 [ 1723.269231] ? check_same_owner+0x320/0x320 [ 1723.273573] ? lock_release+0xa10/0xa10 [ 1723.277562] ? check_same_owner+0x320/0x320 [ 1723.281898] ? rcu_note_context_switch+0x710/0x710 [ 1723.286845] ? __check_object_size+0x95/0x5d9 [ 1723.291363] __should_failslab+0x124/0x180 [ 1723.295626] should_failslab+0x9/0x14 [ 1723.299445] kmem_cache_alloc_trace+0x2cb/0x780 [ 1723.304143] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1723.309700] ? _copy_from_user+0xdf/0x150 [ 1723.313848] copy_mount_options+0x5f/0x380 [ 1723.318080] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1723.323615] ksys_mount+0xd0/0x140 [ 1723.327150] __x64_sys_mount+0xbe/0x150 [ 1723.331115] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1723.336120] do_syscall_64+0x1b1/0x800 [ 1723.339995] ? finish_task_switch+0x1ca/0x840 [ 1723.344483] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1723.349400] ? syscall_return_slowpath+0x30f/0x5c0 [ 1723.354331] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1723.359685] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1723.364519] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1723.369694] RIP: 0033:0x455a09 [ 1723.372867] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1723.380562] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1723.387817] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1723.395071] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1723.402324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1723.409589] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:02:07 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000080)={{{@in=@local, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6}}, &(0x7f0000000180)=0xe8) setfsuid(r1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) 2018/05/15 14:02:07 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:02:07 executing program 3: openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x80402, 0x0) r0 = open(&(0x7f0000000040)='/\x00', 0x8100, 0x100) setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000000080)={0x3b, @multicast2=0xe0000002, 0x4e20, 0x1, 'sed\x00', 0x1, 0x78, 0x31}, 0x2c) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000100)={0x0, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}}}}, 0x108) syz_emit_ethernet(0xfdef, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd8b6006f5260008110030000000000000000000000000000000ff0200000000000000000000000000010000000000089078"], &(0x7f00000000c0)) 2018/05/15 14:02:07 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000037800000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:02:07 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:07 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c00}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:02:07 executing program 4 (fault-call:0 fault-nth:11): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:02:07 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\a\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1724.122399] FAULT_INJECTION: forcing a failure. [ 1724.122399] name failslab, interval 1, probability 0, space 0, times 0 [ 1724.133704] CPU: 1 PID: 2530 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1724.140902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1724.150267] Call Trace: [ 1724.152879] dump_stack+0x1b9/0x294 [ 1724.156533] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1724.161741] ? find_held_lock+0x36/0x1c0 [ 1724.165830] should_fail.cold.4+0xa/0x1a [ 1724.169913] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1724.175047] ? kasan_check_read+0x11/0x20 [ 1724.179223] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1724.184437] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1724.189693] ? find_held_lock+0x36/0x1c0 [ 1724.193799] ? check_same_owner+0x320/0x320 [ 1724.198153] ? rcu_note_context_switch+0x710/0x710 [ 1724.203114] ? save_stack+0xa9/0xd0 [ 1724.206756] __should_failslab+0x124/0x180 [ 1724.211005] should_failslab+0x9/0x14 [ 1724.214824] kmem_cache_alloc+0x2af/0x760 [ 1724.219003] getname_flags+0xd0/0x5a0 [ 1724.222828] user_path_at_empty+0x2d/0x50 [ 1724.226990] do_mount+0x172/0x3070 [ 1724.230544] ? copy_mount_string+0x40/0x40 [ 1724.234777] ? rcu_pm_notify+0xc0/0xc0 [ 1724.238668] ? copy_mount_options+0x5f/0x380 [ 1724.243073] ? rcu_read_lock_sched_held+0x108/0x120 [ 1724.248089] ? kmem_cache_alloc_trace+0x616/0x780 [ 1724.252934] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1724.258459] ? _copy_from_user+0xdf/0x150 [ 1724.262595] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1724.268122] ? copy_mount_options+0x285/0x380 [ 1724.272608] ksys_mount+0x12d/0x140 [ 1724.276228] __x64_sys_mount+0xbe/0x150 [ 1724.280189] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1724.285197] do_syscall_64+0x1b1/0x800 [ 1724.289071] ? finish_task_switch+0x1ca/0x840 [ 1724.293558] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1724.298479] ? syscall_return_slowpath+0x30f/0x5c0 [ 1724.303399] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1724.308750] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1724.313582] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1724.318762] RIP: 0033:0x455a09 2018/05/15 14:02:07 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000300000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:02:08 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000700000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:02:08 executing program 3 (fault-call:2 fault-nth:0): r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) [ 1724.321937] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1724.329631] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1724.336884] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1724.344136] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1724.351390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1724.358646] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:02:08 executing program 4 (fault-call:0 fault-nth:12): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1724.397272] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:02:08 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000007fffffe0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:02:08 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff9c}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:02:08 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000500", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:08 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000007fffffff00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1724.522538] FAULT_INJECTION: forcing a failure. [ 1724.522538] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1724.534528] CPU: 1 PID: 2565 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1724.541729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1724.551100] Call Trace: [ 1724.553722] dump_stack+0x1b9/0x294 [ 1724.557377] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1724.562597] should_fail.cold.4+0xa/0x1a [ 1724.566687] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1724.571819] ? pcpu_balance_workfn+0x16d0/0x16d0 [ 1724.576611] ? find_held_lock+0x36/0x1c0 [ 1724.580719] ? check_same_owner+0x320/0x320 [ 1724.585062] ? __lockdep_init_map+0x105/0x590 [ 1724.589590] ? rcu_note_context_switch+0x710/0x710 [ 1724.594542] ? lockdep_init_map+0x9/0x10 [ 1724.598632] ? __might_sleep+0x95/0x190 [ 1724.602636] __alloc_pages_nodemask+0x34e/0xd70 [ 1724.607336] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 1724.611250] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1724.612374] ? kasan_check_read+0x11/0x20 [ 1724.612396] ? rcu_pm_notify+0xc0/0xc0 [ 1724.612411] ? trace_hardirqs_off+0xd/0x10 [ 1724.612435] ? putname+0xf2/0x130 [ 1724.612464] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1724.612483] alloc_pages_current+0x10c/0x210 [ 1724.646882] __get_free_pages+0xf/0x40 [ 1724.650789] get_zeroed_page+0x11/0x20 [ 1724.654701] mount_fs+0x210/0x328 [ 1724.658177] ? mpi_free.cold.1+0x19/0x19 [ 1724.662262] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1724.666870] ? may_umount+0xb0/0xb0 [ 1724.670509] ? _raw_read_unlock+0x22/0x30 [ 1724.674661] ? __get_fs_type+0x97/0xc0 [ 1724.678568] do_mount+0x564/0x3070 [ 1724.682141] ? copy_mount_string+0x40/0x40 [ 1724.686395] ? rcu_pm_notify+0xc0/0xc0 [ 1724.690310] ? copy_mount_options+0x5f/0x380 [ 1724.694739] ? rcu_read_lock_sched_held+0x108/0x120 [ 1724.699776] ? kmem_cache_alloc_trace+0x616/0x780 [ 1724.704646] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1724.710219] ? _copy_from_user+0xdf/0x150 [ 1724.714395] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1724.719955] ? copy_mount_options+0x285/0x380 [ 1724.724473] ksys_mount+0x12d/0x140 [ 1724.728125] __x64_sys_mount+0xbe/0x150 [ 1724.732119] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1724.737155] do_syscall_64+0x1b1/0x800 [ 1724.741068] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1724.745935] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1724.750883] ? syscall_return_slowpath+0x30f/0x5c0 [ 1724.755834] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1724.761224] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1724.766101] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1724.771306] RIP: 0033:0x455a09 [ 1724.774508] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1724.782366] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1724.789768] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1724.797037] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1724.804316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1724.811574] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:02:09 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:02:09 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:02:09 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:02:09 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000600000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:02:09 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000600", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:09 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000500", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:09 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x101000) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0xe6}], 0x1) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[@ANYPTR64], 0x8) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000)={0x0, 0x4, 0x5, 0x6}, &(0x7f0000000080)=0x10) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000140)={r1, 0x1d}, 0xffffffffffffff93) 2018/05/15 14:02:09 executing program 4 (fault-call:0 fault-nth:13): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1725.391517] FAULT_INJECTION: forcing a failure. [ 1725.391517] name failslab, interval 1, probability 0, space 0, times 0 [ 1725.402841] CPU: 0 PID: 2598 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1725.410048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1725.419412] Call Trace: [ 1725.422025] dump_stack+0x1b9/0x294 [ 1725.425688] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1725.430906] should_fail.cold.4+0xa/0x1a [ 1725.434998] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1725.440125] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1725.445350] ? is_bpf_text_address+0xd7/0x170 [ 1725.449870] ? find_held_lock+0x36/0x1c0 [ 1725.453965] ? check_same_owner+0x320/0x320 [ 1725.458303] ? kasan_slab_free+0xe/0x10 [ 1725.462290] ? kmem_cache_free+0x86/0x2d0 [ 1725.466446] ? putname+0xf2/0x130 [ 1725.469915] ? rcu_note_context_switch+0x710/0x710 [ 1725.474850] ? ksys_mount+0x12d/0x140 [ 1725.478659] ? __x64_sys_mount+0xbe/0x150 [ 1725.481451] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1725.482811] ? do_syscall_64+0x1b1/0x800 [ 1725.482832] __should_failslab+0x124/0x180 [ 1725.482852] should_failslab+0x9/0x14 [ 1725.482872] kmem_cache_alloc+0x2af/0x760 [ 1725.507822] ? kasan_check_write+0x14/0x20 [ 1725.512067] ? do_raw_spin_lock+0xc1/0x200 [ 1725.516310] alloc_vfsmnt+0xe0/0x9d0 [ 1725.520026] ? mnt_free_id.isra.27+0x60/0x60 [ 1725.524444] ? kasan_check_read+0x11/0x20 [ 1725.528596] ? graph_lock+0x170/0x170 [ 1725.532443] ? rcu_pm_notify+0xc0/0xc0 [ 1725.536338] ? trace_hardirqs_off+0xd/0x10 [ 1725.540584] ? putname+0xf2/0x130 [ 1725.544098] ? putname+0xf2/0x130 [ 1725.547567] ? find_held_lock+0x36/0x1c0 [ 1725.551639] ? lock_downgrade+0x8e0/0x8e0 [ 1725.555788] ? module_unload_free+0x5b0/0x5b0 [ 1725.560289] ? lock_release+0xa10/0xa10 [ 1725.564277] ? mpi_free.cold.1+0x19/0x19 [ 1725.568351] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1725.573907] vfs_kern_mount.part.34+0x88/0x4d0 [ 1725.578503] ? may_umount+0xb0/0xb0 [ 1725.582133] ? _raw_read_unlock+0x22/0x30 [ 1725.586287] ? __get_fs_type+0x97/0xc0 [ 1725.590182] do_mount+0x564/0x3070 [ 1725.593732] ? copy_mount_string+0x40/0x40 [ 1725.597977] ? rcu_pm_notify+0xc0/0xc0 [ 1725.601880] ? copy_mount_options+0x5f/0x380 [ 1725.606403] ? rcu_read_lock_sched_held+0x108/0x120 [ 1725.611414] ? kmem_cache_alloc_trace+0x616/0x780 [ 1725.616245] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1725.621770] ? _copy_from_user+0xdf/0x150 [ 1725.625907] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1725.631429] ? copy_mount_options+0x285/0x380 [ 1725.635909] ksys_mount+0x12d/0x140 [ 1725.639522] __x64_sys_mount+0xbe/0x150 [ 1725.643479] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1725.648496] do_syscall_64+0x1b1/0x800 [ 1725.652372] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1725.657205] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1725.662129] ? syscall_return_slowpath+0x30f/0x5c0 [ 1725.667053] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1725.672408] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1725.677236] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1725.682406] RIP: 0033:0x455a09 [ 1725.685581] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1725.693289] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1725.700555] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1725.707815] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1725.715073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1725.722327] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:02:10 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:02:10 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000040000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:02:10 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000ffffffe400", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:10 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000400", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:10 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:02:10 executing program 4 (fault-call:0 fault-nth:14): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:02:10 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x0) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x4000, 0x0) setsockopt$ipx_IPX_TYPE(r0, 0x100, 0x1, &(0x7f0000000080)=0x62, 0x4) 2018/05/15 14:02:10 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x3f000000) [ 1726.454892] FAULT_INJECTION: forcing a failure. [ 1726.454892] name failslab, interval 1, probability 0, space 0, times 0 [ 1726.466194] CPU: 1 PID: 2631 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1726.473392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1726.482180] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1726.482749] Call Trace: [ 1726.482776] dump_stack+0x1b9/0x294 [ 1726.482797] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1726.482821] should_fail.cold.4+0xa/0x1a [ 1726.482839] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1726.512174] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1726.517387] ? is_bpf_text_address+0xd7/0x170 [ 1726.521901] ? find_held_lock+0x36/0x1c0 [ 1726.525998] ? check_same_owner+0x320/0x320 [ 1726.530331] ? kasan_slab_free+0xe/0x10 [ 1726.534316] ? kmem_cache_free+0x86/0x2d0 [ 1726.538483] ? putname+0xf2/0x130 [ 1726.540429] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:02:10 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000600", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1726.541945] ? rcu_note_context_switch+0x710/0x710 [ 1726.541962] ? ksys_mount+0x12d/0x140 [ 1726.541977] ? __x64_sys_mount+0xbe/0x150 [ 1726.541993] ? do_syscall_64+0x1b1/0x800 [ 1726.542013] __should_failslab+0x124/0x180 [ 1726.571857] should_failslab+0x9/0x14 [ 1726.575671] kmem_cache_alloc+0x2af/0x760 [ 1726.579834] ? kasan_check_write+0x14/0x20 [ 1726.584081] ? do_raw_spin_lock+0xc1/0x200 [ 1726.588329] alloc_vfsmnt+0xe0/0x9d0 [ 1726.592049] ? mnt_free_id.isra.27+0x60/0x60 [ 1726.596469] ? kasan_check_read+0x11/0x20 [ 1726.600625] ? graph_lock+0x170/0x170 [ 1726.604433] ? rcu_pm_notify+0xc0/0xc0 [ 1726.608329] ? trace_hardirqs_off+0xd/0x10 [ 1726.612581] ? putname+0xf2/0x130 [ 1726.616051] ? putname+0xf2/0x130 [ 1726.619516] ? find_held_lock+0x36/0x1c0 [ 1726.623590] ? lock_downgrade+0x8e0/0x8e0 [ 1726.627748] ? module_unload_free+0x5b0/0x5b0 [ 1726.632254] ? lock_release+0xa10/0xa10 [ 1726.636240] ? mpi_free.cold.1+0x19/0x19 [ 1726.640319] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1726.645865] vfs_kern_mount.part.34+0x88/0x4d0 [ 1726.650465] ? may_umount+0xb0/0xb0 [ 1726.654096] ? _raw_read_unlock+0x22/0x30 [ 1726.658249] ? __get_fs_type+0x97/0xc0 [ 1726.662147] do_mount+0x564/0x3070 [ 1726.665692] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1726.670109] ? copy_mount_string+0x40/0x40 [ 1726.674350] ? rcu_pm_notify+0xc0/0xc0 [ 1726.678255] ? copy_mount_options+0x5f/0x380 [ 1726.682671] ? rcu_read_lock_sched_held+0x108/0x120 [ 1726.687695] ? kmem_cache_alloc_trace+0x616/0x780 [ 1726.692550] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1726.698102] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1726.703644] ? copy_mount_options+0x285/0x380 [ 1726.708150] ksys_mount+0x12d/0x140 [ 1726.711791] __x64_sys_mount+0xbe/0x150 [ 1726.715776] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1726.720800] do_syscall_64+0x1b1/0x800 [ 1726.724690] ? finish_task_switch+0x1ca/0x840 [ 1726.729183] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1726.734114] ? syscall_return_slowpath+0x30f/0x5c0 [ 1726.739056] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1726.744434] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1726.749295] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1726.754475] RIP: 0033:0x455a09 [ 1726.757648] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1726.765338] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1726.772596] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1726.779857] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1726.787110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1726.794367] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:02:35 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000000000200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:35 executing program 4 (fault-call:0 fault-nth:15): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:02:35 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)="2e2f636f6e74726f6c2f66696c6530f4", 0x0) close(r0) 2018/05/15 14:02:35 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f00000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:02:35 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x40000020) 2018/05/15 14:02:35 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000780300000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:02:35 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000400", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:35 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) ioctl$DRM_IOCTL_IRQ_BUSID(r0, 0xc0106403, &(0x7f0000000080)={0x81, 0xe0000000000, 0x7, 0x8}) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f00000000c0)) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='~'], 0x1) [ 1751.332057] FAULT_INJECTION: forcing a failure. [ 1751.332057] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1751.344051] CPU: 0 PID: 2677 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1751.351251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1751.360613] Call Trace: [ 1751.363222] dump_stack+0x1b9/0x294 [ 1751.366868] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1751.372079] should_fail.cold.4+0xa/0x1a [ 1751.376162] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1751.381294] ? pcpu_balance_workfn+0x16d0/0x16d0 [ 1751.386081] ? find_held_lock+0x36/0x1c0 [ 1751.390187] ? check_same_owner+0x320/0x320 [ 1751.394531] ? __lockdep_init_map+0x105/0x590 [ 1751.399045] ? rcu_note_context_switch+0x710/0x710 [ 1751.403990] ? lockdep_init_map+0x9/0x10 [ 1751.408081] ? __might_sleep+0x95/0x190 [ 1751.412090] __alloc_pages_nodemask+0x34e/0xd70 [ 1751.416782] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 1751.421815] ? retint_kernel+0x10/0x10 [ 1751.425723] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1751.430764] ? retint_kernel+0x10/0x10 [ 1751.434674] ? policy_nodemask+0x56/0x1b0 [ 1751.438841] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1751.444399] alloc_pages_current+0x10c/0x210 [ 1751.448832] __get_free_pages+0xf/0x40 [ 1751.452736] get_zeroed_page+0x11/0x20 [ 1751.456622] mount_fs+0x210/0x328 [ 1751.460069] ? mpi_free.cold.1+0x19/0x19 [ 1751.464126] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1751.468880] ? may_umount+0xb0/0xb0 [ 1751.472496] ? _raw_read_unlock+0x22/0x30 [ 1751.476630] ? __get_fs_type+0x97/0xc0 [ 1751.480508] do_mount+0x564/0x3070 [ 1751.484042] ? copy_mount_string+0x40/0x40 [ 1751.488264] ? rcu_pm_notify+0xc0/0xc0 [ 1751.492153] ? copy_mount_options+0x5f/0x380 [ 1751.496561] ? rcu_read_lock_sched_held+0x108/0x120 [ 1751.501565] ? kmem_cache_alloc_trace+0x616/0x780 [ 1751.506397] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1751.511922] ? _copy_from_user+0xdf/0x150 [ 1751.516060] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1751.521591] ? copy_mount_options+0x285/0x380 [ 1751.526085] ksys_mount+0x12d/0x140 [ 1751.529703] __x64_sys_mount+0xbe/0x150 [ 1751.533662] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1751.538667] do_syscall_64+0x1b1/0x800 [ 1751.542540] ? finish_task_switch+0x1ca/0x840 [ 1751.547026] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1751.551941] ? syscall_return_slowpath+0x30f/0x5c0 [ 1751.556860] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1751.562215] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1751.567048] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1751.572221] RIP: 0033:0x455a09 [ 1751.575394] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 2018/05/15 14:02:35 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000000000400", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:35 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000000000500", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1751.583086] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1751.590346] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1751.597600] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1751.604854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1751.612109] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:02:35 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000880000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:02:35 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:02:35 executing program 4 (fault-call:0 fault-nth:16): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1751.673784] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1751.733905] FAULT_INJECTION: forcing a failure. [ 1751.733905] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1751.745896] CPU: 1 PID: 2705 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1751.753095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1751.762465] Call Trace: [ 1751.765076] dump_stack+0x1b9/0x294 [ 1751.768731] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1751.773956] should_fail.cold.4+0xa/0x1a [ 1751.778040] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1751.783169] ? pcpu_balance_workfn+0x16d0/0x16d0 [ 1751.787948] ? find_held_lock+0x36/0x1c0 [ 1751.792042] ? check_same_owner+0x320/0x320 [ 1751.796379] ? __lockdep_init_map+0x105/0x590 [ 1751.800893] ? rcu_note_context_switch+0x710/0x710 [ 1751.805842] ? lockdep_init_map+0x9/0x10 [ 1751.809918] ? __might_sleep+0x95/0x190 [ 1751.813911] __alloc_pages_nodemask+0x34e/0xd70 [ 1751.818600] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 1751.823635] ? kasan_check_read+0x11/0x20 [ 1751.827811] ? rcu_pm_notify+0xc0/0xc0 2018/05/15 14:02:35 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000500", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:35 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b00000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:02:35 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000000000002b000", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1751.831712] ? trace_hardirqs_off+0xd/0x10 [ 1751.835973] ? putname+0xf2/0x130 [ 1751.839460] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1751.845022] alloc_pages_current+0x10c/0x210 [ 1751.849454] __get_free_pages+0xf/0x40 [ 1751.853361] get_zeroed_page+0x11/0x20 [ 1751.857266] mount_fs+0x210/0x328 [ 1751.860740] ? mpi_free.cold.1+0x19/0x19 [ 1751.864828] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1751.869428] ? may_umount+0xb0/0xb0 [ 1751.873067] ? _raw_read_unlock+0x22/0x30 [ 1751.877225] ? __get_fs_type+0x97/0xc0 [ 1751.881137] do_mount+0x564/0x3070 2018/05/15 14:02:35 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000880000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1751.884705] ? copy_mount_string+0x40/0x40 [ 1751.888959] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1751.893735] ? retint_kernel+0x10/0x10 [ 1751.897656] ? __sanitizer_cov_trace_const_cmp2+0x20/0x20 [ 1751.903215] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1751.908764] ? copy_mount_options+0x285/0x380 [ 1751.913287] ksys_mount+0x12d/0x140 [ 1751.916936] __x64_sys_mount+0xbe/0x150 [ 1751.920929] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1751.925969] do_syscall_64+0x1b1/0x800 [ 1751.929878] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1751.934754] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1751.939707] ? syscall_return_slowpath+0x30f/0x5c0 [ 1751.944654] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1751.950044] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1751.954906] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1751.960091] RIP: 0033:0x455a09 [ 1751.963271] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1751.970979] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1751.978244] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1751.985496] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1751.992749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1752.000015] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:02:35 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000400000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1752.055241] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:02:59 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000300", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:59 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000001a80)=ANY=[@ANYPTR, @ANYRES32=r0, @ANYRES64, @ANYRES64=r0, @ANYRES16=r0, @ANYRES16=r0, @ANYBLOB="adc401c42e5f10299b354743ae89ec22b797927cb28473d2daad823ef9107ceb16dd9adbe6e50a27877e89608366dad40426211ce7e192a81d8dd61ada84950cd5b273712887b2dc4d2286a6633f89695a1b44dc805df362d7a4db099ed015aa1438d8d293b74127d183e38a3f60802b540ad64aea246ca8e76ec157398a9af0fc71481ffe3669c86f61ad08e374eb526f29ceeb572914643ebab3483507c23c518b479acf1645", @ANYPTR=&(0x7f0000001840)=ANY=[@ANYRES32, @ANYPTR=&(0x7f0000000680)=ANY=[@ANYRES32=r0, @ANYPTR, @ANYRES32=r0, @ANYRES64, @ANYRES32=r0], @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRES32, @ANYRES64, @ANYPTR, @ANYRES16=r0, @ANYBLOB="8de777e7b2221ddd98b3a9df1927d62b720927f1e97bbf83fe6e28d931b9003ce0c8e44679ae68b90d0e260f39dd37a1d57cee9569402d34cd8229efe9f1bbcfc8626c2b22d4d86ce8b2e59a975718e0b7d4bcb2254cc6ab0b11dc8b5a557cd63847e24ecb1d3bee57c65e001b579e44fb46afe28e1e32cf4e0ed1132f12db9259fdc92f2066343172b07bab9f676865ab5b2871bd63f62299716d2bdad4a32e2a09645f9dc5e96d30615274b3904ba545e750ac4d2f5fae6f283082059711fc036b6d2567f18a88e95bd21c37d0b932a4c49b16dcf8ad348ed0e88fd4ec33acb74b984e6c6a7e3ab3ef3e9a5f3f0ae1012728ad7a3274b776eca6d0b06c0dd6398261b2d650c5494bada955542bd3804ae2ff218bbcfe95c6080ce8fed635bbc8fd6bf7058b2805b9831bd9eea3956e6fce24fb2e1eea20b19eb436f53908b02717105a3c33e6e9dc53b0f31dbe746ed7297871f1a54f759f3ded1eba728530b3272923f5ba565baca802a9370e3a476f64c16b72b79de3d091e23844a26b09b28ad06afc27d7069124b0c3cf1ade83401dfe8e5d80775ecda7f7be5928538b1c42eda52342d6c9fd46f4ab24eb508e4407a33f4682d010f5aeebb3f71a6b20a96b096d942ec108ccfdfe4a5d892d1ed1b5dfde4deea467d60ce27880775a228cbf09779639eb0f0b33acf12ea501dec1ef236be123aca50c36d3c8d9bfc036350cfd72989f9f1d9ee5aefd0a3a07fdd2aacb81b00db98eb8ad5bb138c81726f073b0eb79b4d163d481bb541e0599720c544506c61cd1f64e0cfb55e8a222a20fee92a57b995540cd047ae9e60d4897364b062e657d1762fa314e647778bf02564f112a930e82e828481c0746919ef739da18129eb43e55c9d5823362374b1b0f53ab3a1ada70aaf2f7a11b157c444185a01f3aab295ca589ba1499b58be9a6e5ad49216235ed5f10b2428f1572090a5fd9f413f2eaeee2dad9d24e00a1c288d626566f5d817127d653af070a965f6767584e978bc7fe10179e112e5c381c861b9be4ff458120161851b882dfe9dc057eb530c7db8d5c8580785f87c5d2d32ce8254fc030ca91dc075eab87592564051d86b94aa1f84d0f45ce67b3951c370a6940d032723b96a3ea8aca9382f2fabbeb8b8a8ce426e86034bc10904152b250bda5a2b171445684e58da65b94f38424c9379c0dd8f050cb2d74d52a56f4e3821998fddc7e2bc66210a386a2904bf90ae455719ce792a449f034301bdd7b4c67f5a5d11e9ec7baf8d8e5ae70d7f7a6bae9344eda5804fa2149a62d96551d2c6c5996fb5c6d911338f839ae31582af9c1d05e1e3ac6b1aa8c9dfed1fc029ba3bc3289fceace48459b8add82095d3be931ed9892c827fa6541b9b98bf3a9769f11f137c34abf63ce9034c761e0493bbc5ca41a294280bde0eebe101011ab3374f8486c5a540ab25759cb75248472166118338c65954300db868bf211a3a1c4460d7126f44e796300190d4418c53dc23b08c0481f1d2116a36cafcc024a0add14877af40321c6d036f493e0ae3e3543307440e01084d41de962bbb956801b5529ba31c6aa34ac780eefb0dc72e0655df1b62ce419aee937b97f106b55bf6aa772e97d9440ea51b9f578caac894f2177ed59bb3aac983a6fbd0804d43a9713f99ab5a97cdaca73ae45c826c38f14a49db563b75fc461d985f40d6a479e26aa182c4f10e188b1494999d3d5ba05178ea193dc964b9c9b9f0c9d0f710c11e441a857f98498d3ada297a457385bd4a16feeb825b211716e741b08574b4861176b33e2a109ed3b8b776d1df0a000a02684b43ed4d23c7f4c3ef89432329ec42525349f383f8afcc217b428b2d93af91c39002bad66bfbe7f15787317b71e7375fe594856a4a448659f422dbbbe674ee233e6e2933daabcdfae2255b76df2677311096f189a8fa1414f65faf0c16640afa5805a4640ea114b2dfa8754be188f07fd9c685bf6fd178be980daa309dafed7b165625d75082025113a192935da3ccaa1d4c8abff5eeb1ddd91f4a396aa30cf8a981e63ed458ab3bbc479733cfbeee509871fcffbb53c428ca0e804b0f0ea2e71a32310a5827e7044ed928a0805d5e393da08888268693a62590476f41f7de8dce863402dd3732bb29db8eefd66f229be9b5a11bbae6ddf0087540191f97aba4265f4b2ff2728023d22fabaef72fda3c12770705dce274d9583941f0fb4a721600e668cd0d15223bd7cf6e26b652da392d8121de429097ee2e308a7df19febcb1bab5ed71cde6c8227f30ebcccf79f915a8df2bff97fec691067b212c9176da8a7221a2a4ff25e5422beb86e3d309e174eb8ecc6d35398baf2d149598d7decdc938a528a3161a39a28cec8a6f0c2508b4c6eddd527929e6f5482fac0ae319720ed148088c10e2c03bc6f4af5cec2a4b24b3524f2a977a372bc9b32a4faedb5443fb3e4cb414632679461ff86f06b055d6e48da1a5e66dd0293a665c369154f65a8134c3c32e01a3aa1f62094a2fb791e2769d0cbd079de6daf765deb18d7a96c774fe11717f104765f494bf482f2024d36eb5059488d9714bd7f6cf74f48a8b44550407bbf969c7593392052c2199e9cab707eb25a37ff5ba62d32e3d40069d914bfdc52e56987d9aeb3b54f041316af0935bbfdaad595e363f70d1ec6cf5fdad537cb1677fe43dbf2638aebff0b69c0e29aa602ca0c23d9a6addc5c1ddef43e2a098f48b2bb44f032245ccb30c4cdc26128f4acdeb7bba7bcf48abf2bdef59ef97592b870e58d8094aff9c9f71562a7b7deae2982d51322535b7b5169c9cd0cb7ffa933a3ce3a731b31d7143dfb6d8f1ab563549cba04da654e929d26ede62bb384102a9c60b7e0a42649b36735cf6ca222c3322af4cde349ec2f8b37aff412900da8b5247bb59ab546ba2daa073841ee743fac6adc19ce74df945b0335e92c7f67f5b8713f81e5fdd61fed549d81d664cde866f2434cc205ea98725a90a76d12ef835be98cf31927350d1942f6ac538ec5cb9739c369805eeeccd4e6afb73d0e5465be703af968130f95f43e90fb7241ec3da808fcc79c053464863671217ab75b67b327fc37fb9904d492aee80821cf4bd7d1e95aa97320cca25e5b2c8fe96dcff0017b4b49d3aabba147a6cb70401cfc259c286d5eade856c2b2e164be09c9d208fe2bd13945d11bc9b88207e10bc5a4b67c874c792d54648b64821ac7f1197d3f94b640442d993df5835f8779328a916947bd2ad00c739ef6e7f4fe56ac8132bb844046f87a5284d1ee5dec624f57b500523cc7ee6225f7ebb51b6f5b67f5c33f70e2ad43be20645694b6088347654972541f4e32258c639988f2a40339f9b10a1b570c8deeb8368f4b6dc3aeced6f3bb53d5c7faa29f852025e0fc5323937fece3883e49b8d99ae34fc6e8ecfe185eadbe3c175fa6e77006e54cd75530c28257fd3ea5626ad5359726afc50dccfb360db1fb2747ee18dbf8a89308c12cd1ab9ecd4b71344826e61ba66161cb992f19cdaae7013eadcaa7ca6806f6964587e802ad8a7c3941116332b1be4b25a0a47fe4d2fa4fbaefe3ad67d79786360b1544fd7937dc3cbb51b12fbc295fdd392a0e1a1e5c61e8011223ed1162551672a82d49da2d4aab64bc6d68fdfd57a61e8b2f6c3e6953694bc5dde64bb81ae92a4f00e8a410674af9940d1c29a078fe662d5917dc3af777a90cc2f18d72ac2436db75740eb4d73ed65bc616f0cec200b56cbcf3250014efd7cae7c1c6fb61e63edc7fa8dfdf8b52afe949a2ca2d193e4197c32c57cfa20cbe886df5e675b0056c561e072eedcdfd4d8cf75d5b72debdca0eaaf94a307b6778556da7e1c7472210bc7e81e74eee307f1315e53b9f4f5c4fe2ad32d890b5018336e3baf246289ec9ed94d83dd5e07941bd60ac09090268e821c5800baa52184e7585f96922dfc5ecfc0c230ccf323b53f4b83016cf9fa7f556fd26e6d3d14f6d87f40f8ad8b9393b091a0f8559964582bcc37b83ecd295336eddb972477bf883bb7f104a52bb616fe0841d881fa2994a679f8668439926aecf057d7fe089849f6e2f71ae44787a07e36cedde1c8f1510d6f2465104fbdebec834cd313984e3b27542be0bff156e81f81831337bf88f426cacd61fa36da14df3dcc1d5a7bded7897d4fece3988812404d7441ef503603d22eef2bbef09076ab5d862267d1ff389a11680500f8608a77b08b65056ce5a2faed4b915b56605f91467d257af4980cff4433bd627f262ffcfdf80bb06da7ddb2e1a3381db3316b7289b431455259750c1c445f8e05e333b7a79b2beb10cbced740cac993e30acb11309ce1e341720542fed60d32f80cc8990f5ca72581829764393aa70eca4426854d6b4f6968844003a873b727a73282d1b618b43ee80cd19f6ee30de95886c15efc55717d7ca828cf7df671dfe79a44bf3cc7eb54c1d44d6508ddb9afe11b194060d7b3a3004803734c413b8a62b6e76dc121eea8be4e9a01fde30bb639533f9b15456aa96e544551042e88e2a9c87e04eec80d24ce2b78185b3fe9f3727feae7d2ca37f066cbc6cf0247c7558133fe2e039e7270dbbf64f5fc8074f12004b65646e3dc67546962507609ba477aba4e278bd47b1e301e97a09a70d68ff5633fac2fc27505d1399064923f0b941e0af7cd53fca30d2427314582f1fc8c7ae1841d673c3f33a1885024b2bfe63d05041693f94e11d0c6486436a1518f0128bd0bf26c3ce5b27599b506a0e95e0998b6e3ffd2d049ae70fda0170e6903484e36b59e29b7d2595f6df329ff05753be5b65581202d2265a031e874537e626bd967efb392aa352969b8accda5008b454375ccabe1582d4d085974d0aa047f09b4b5ecd54958466668478a51f30189366d505247dcedc764d202fabe496bb3c27514b56e5cc5c616bc18215a0f7523317b12fd20b6b0ac00e2b8d936f3675716126c20817ad6b10abf16e6b920dd406648092337da591a9bf0488f2c1dd804f0228e998bf3a92ff6fc08a814ef86536e1708a48c2170b1c53cd40cbe54bdfefb2495b654547563740c5dc242ad87f2f5ec055935a9cd42ab1943823e70441a3d9e65955c111fc90569d247a86a5fb40f2757b908eb78ed535a534c96a9d807123b04286cb303169c07e50abc5b6df7092b81ee5d3955a2e3242d4434f4c8985845b1c7861e021163d7a674e64a60b15a78a101ff0f3acfb6ab011ce6074c0f558a69fa191731c295d2485d1c43622c273c3686a3eefd962e7239e6f93400eae2bc2fae4f9d4e6a440dfbd178b5bb4a9b5db9d4f136471a88eb0a7d2938c925054d95535df86a53ac48e52c25772ff2bacdfadae1a3697f6f595918e39c2b9479ba87a4387d440288f03699945ba6bbadb9a192885301cefd2275200353d97ac6ee02ef77565960189102a30e051b137f2f22c3b9f2c6e63f347152bec3227912f9a25b9f18853496157b93f9482a8c94f7ec8d21318c3df9240073e11940eeaa726704e9ca607ebe8deab8ded6b56c251d32d17b6856113ac4392a8cae58fa72ebb09f569a7989446b7552f7f4da069e5d5c45c1d42fd3d7ac3cdc1638da62d91783946e3bf5ec45506007bccf6656a70c6d68cdea61df329372606b8546aa7a5ef2d4b05bc057f59b6663e6feaa3cd09812b1cf7dbfb40b75f57024f7172624024d6d669b6c71834098d7232ac40e697a194134b625b75b06bcb5d729f739a66fbacf2439e9d0e7b6e3ab0be5266202c90ccf812644a8d58bebf4e3ff0e6930c26e10ef4d1a18"], @ANYRES16=r0, @ANYRES32=r0, @ANYPTR=&(0x7f00000006c0)=ANY=[@ANYRES16=r0, @ANYRES64, @ANYBLOB="97765d3225ec4fa43e90a4d0a5561a2a729c0388c11c1dda35f9332124dea4a8b1d14c1bae23917881cb60833a01cc1463686caf06b217f3"], @ANYRES64=r0, @ANYRES32], @ANYBLOB="9cd4b091bad38726f1cccb1e", @ANYBLOB="3caaf4e44675edea8a31d18b7fe6284947989cf7b195d67892ac35d91cd100fee7189d2ebcd97d50d6fc4c4f0e06fea47b23e09b57"], 0x110) 2018/05/15 14:02:59 executing program 4 (fault-call:0 fault-nth:17): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:02:59 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000000000f4ec00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:02:59 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:02:59 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x40000000) 2018/05/15 14:02:59 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:02:59 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000004000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1776.220268] FAULT_INJECTION: forcing a failure. [ 1776.220268] name failslab, interval 1, probability 0, space 0, times 0 [ 1776.231730] CPU: 0 PID: 2756 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1776.238036] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1776.238930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1776.257050] Call Trace: [ 1776.259668] dump_stack+0x1b9/0x294 [ 1776.263317] ? dump_stack_print_info.cold.2+0x52/0x52 2018/05/15 14:03:00 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1776.268533] should_fail.cold.4+0xa/0x1a [ 1776.272612] ? should_fail+0x21b/0xbcd [ 1776.276522] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1776.281660] ? pcpu_balance_workfn+0x16d0/0x16d0 [ 1776.286444] ? find_held_lock+0x36/0x1c0 [ 1776.290547] ? check_same_owner+0x320/0x320 [ 1776.294896] ? rcu_note_context_switch+0x710/0x710 [ 1776.299851] __should_failslab+0x124/0x180 [ 1776.304113] should_failslab+0x9/0x14 [ 1776.307935] kmem_cache_alloc+0x2af/0x760 [ 1776.312103] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 1776.317148] getname_kernel+0x54/0x370 [ 1776.321061] kern_path+0x1e/0x40 [ 1776.324443] lookup_bdev+0xfa/0x240 [ 1776.328061] ? blkdev_open+0x280/0x280 [ 1776.331945] blkdev_get_by_path+0x1f/0xe0 [ 1776.336084] mount_bdev+0x5d/0x3e0 [ 1776.339619] ? fuse_get_root_inode+0x190/0x190 [ 1776.344211] fuse_mount_blk+0x34/0x40 [ 1776.348001] mount_fs+0xae/0x328 [ 1776.351363] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1776.355932] ? may_umount+0xb0/0xb0 [ 1776.359545] ? _raw_read_unlock+0x22/0x30 [ 1776.363678] ? __get_fs_type+0x97/0xc0 [ 1776.367555] do_mount+0x564/0x3070 [ 1776.371088] ? copy_mount_string+0x40/0x40 [ 1776.375309] ? rcu_pm_notify+0xc0/0xc0 [ 1776.379190] ? copy_mount_options+0x5f/0x380 [ 1776.383589] ? rcu_read_lock_sched_held+0x108/0x120 [ 1776.388593] ? kmem_cache_alloc_trace+0x616/0x780 [ 1776.393440] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1776.398970] ? _copy_from_user+0xdf/0x150 [ 1776.403125] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1776.408650] ? copy_mount_options+0x285/0x380 [ 1776.413131] ksys_mount+0x12d/0x140 [ 1776.416746] __x64_sys_mount+0xbe/0x150 [ 1776.420706] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1776.425714] do_syscall_64+0x1b1/0x800 [ 1776.429591] ? finish_task_switch+0x1ca/0x840 [ 1776.434080] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1776.439000] ? syscall_return_slowpath+0x30f/0x5c0 [ 1776.443934] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1776.449305] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1776.454145] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1776.459335] RIP: 0033:0x455a09 [ 1776.462509] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1776.470338] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1776.477591] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1776.484845] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1776.492104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1776.499361] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:03:00 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x79000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:03:00 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000020000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:00 executing program 4 (fault-call:0 fault-nth:18): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1776.542358] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:03:00 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:00 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000500", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1776.648839] FAULT_INJECTION: forcing a failure. [ 1776.648839] name failslab, interval 1, probability 0, space 0, times 0 [ 1776.660583] CPU: 1 PID: 2782 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1776.667798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1776.677166] Call Trace: [ 1776.679785] dump_stack+0x1b9/0x294 [ 1776.683443] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1776.688661] ? rcu_note_context_switch+0x710/0x710 [ 1776.693624] should_fail.cold.4+0xa/0x1a [ 1776.697719] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1776.702856] ? lock_acquire+0x1dc/0x520 [ 1776.706861] ? graph_lock+0x170/0x170 [ 1776.710698] ? find_held_lock+0x36/0x1c0 [ 1776.714797] ? __lock_is_held+0xb5/0x140 [ 1776.718895] ? check_same_owner+0x320/0x320 [ 1776.721897] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1776.723236] ? rcu_note_context_switch+0x710/0x710 [ 1776.723277] __should_failslab+0x124/0x180 [ 1776.741186] should_failslab+0x9/0x14 [ 1776.745006] kmem_cache_alloc_trace+0x2cb/0x780 [ 1776.749697] ? kasan_check_write+0x14/0x20 [ 1776.753954] ? do_raw_spin_lock+0xc1/0x200 [ 1776.758204] sget_userns+0x1c7/0xf00 [ 1776.761921] ? kill_litter_super+0x90/0x90 [ 1776.766170] ? ns_test_super+0x50/0x50 [ 1776.770071] ? destroy_unused_super.part.11+0x110/0x110 [ 1776.775451] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1776.780053] ? kasan_check_write+0x14/0x20 [ 1776.784308] ? do_raw_spin_lock+0xc1/0x200 [ 1776.788568] ? blkdev_get+0xc0/0xb30 [ 1776.792306] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 2018/05/15 14:03:00 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1776.797860] ? cap_capable+0x1f9/0x260 [ 1776.801784] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1776.807342] ? security_capable+0x99/0xc0 [ 1776.811516] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1776.817074] ? ns_capable_common+0x13f/0x170 [ 1776.821504] ? kill_litter_super+0x90/0x90 [ 1776.825758] sget+0x10b/0x150 [ 1776.828878] ? ns_test_super+0x50/0x50 [ 1776.832784] mount_bdev+0x111/0x3e0 [ 1776.836421] ? fuse_get_root_inode+0x190/0x190 [ 1776.841024] fuse_mount_blk+0x34/0x40 [ 1776.844853] mount_fs+0xae/0x328 [ 1776.848235] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1776.852815] ? may_umount+0xb0/0xb0 [ 1776.856432] ? _raw_read_unlock+0x22/0x30 [ 1776.860568] ? __get_fs_type+0x97/0xc0 [ 1776.864450] do_mount+0x564/0x3070 [ 1776.867985] ? copy_mount_string+0x40/0x40 [ 1776.872215] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1776.876965] ? retint_kernel+0x10/0x10 [ 1776.880854] ? copy_mount_options+0x1e3/0x380 [ 1776.885339] ? write_comp_data+0x70/0x70 [ 1776.889388] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1776.894914] ? copy_mount_options+0x285/0x380 [ 1776.899402] ksys_mount+0x12d/0x140 [ 1776.903027] __x64_sys_mount+0xbe/0x150 [ 1776.906989] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1776.911994] do_syscall_64+0x1b1/0x800 [ 1776.915873] ? finish_task_switch+0x1ca/0x840 [ 1776.920359] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1776.925283] ? syscall_return_slowpath+0x30f/0x5c0 [ 1776.930203] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1776.935570] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1776.940402] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1776.945576] RIP: 0033:0x455a09 [ 1776.948769] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1776.956466] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1776.963754] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1776.971014] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1776.978276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1776.985530] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:03:24 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00b00200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:24 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:24 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:24 executing program 4 (fault-call:0 fault-nth:19): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:03:24 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:03:24 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)="2e2f636f6e74726f6c2f66696c6530ff", 0x0) close(r0) 2018/05/15 14:03:24 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x3f00) 2018/05/15 14:03:24 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x4, 0x40000) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000140)={@my=0x0}) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r1, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x1) ioctl(r1, 0x10001, &(0x7f0000000080)="719fc5034c7ca06b221c845d7ede70391a98d37532586579bb89a463d9f839561f75dcf65ebe22d01843219ddddf0cd0081f31785b6ccf9188b5d15c63aa9e4aa9c6e9965f463767a30495946d09f99e7d588b2b491b0f7bafa128fd8fb0c66817ff20c63147a80f142aff6efec79e317d4249c0555879fcbb115a783803588cfad44fb619cb83995ea5b022d0683de2329d09a18e4a7eba94b7bd35a8ae27af54dfb37e8d79ecd8") [ 1801.230674] FAULT_INJECTION: forcing a failure. [ 1801.230674] name failslab, interval 1, probability 0, space 0, times 0 [ 1801.241997] CPU: 0 PID: 2813 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1801.249202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1801.258602] Call Trace: [ 1801.261236] dump_stack+0x1b9/0x294 [ 1801.264885] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1801.270106] ? rcu_note_context_switch+0x710/0x710 [ 1801.275050] should_fail.cold.4+0xa/0x1a [ 1801.279129] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1801.284254] ? lock_acquire+0x1dc/0x520 [ 1801.288246] ? graph_lock+0x170/0x170 [ 1801.292066] ? find_held_lock+0x36/0x1c0 [ 1801.296141] ? __lock_is_held+0xb5/0x140 [ 1801.300276] ? check_same_owner+0x320/0x320 [ 1801.304613] ? rcu_note_context_switch+0x710/0x710 [ 1801.309564] __should_failslab+0x124/0x180 [ 1801.313816] should_failslab+0x9/0x14 [ 1801.317629] kmem_cache_alloc_trace+0x2cb/0x780 [ 1801.322311] ? kasan_check_write+0x14/0x20 [ 1801.326574] ? do_raw_spin_lock+0xc1/0x200 [ 1801.330849] sget_userns+0x1c7/0xf00 [ 1801.334573] ? kill_litter_super+0x90/0x90 [ 1801.338819] ? ns_test_super+0x50/0x50 [ 1801.342721] ? destroy_unused_super.part.11+0x110/0x110 [ 1801.348104] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1801.352706] ? kasan_check_write+0x14/0x20 [ 1801.356962] ? do_raw_spin_lock+0xc1/0x200 [ 1801.361218] ? blkdev_get+0xc0/0xb30 [ 1801.364950] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1801.370490] ? cap_capable+0x1f9/0x260 [ 1801.374384] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1801.379914] ? security_capable+0x99/0xc0 [ 1801.384058] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1801.389587] ? ns_capable_common+0x13f/0x170 [ 1801.393985] ? kill_litter_super+0x90/0x90 [ 1801.398227] sget+0x10b/0x150 [ 1801.401320] ? ns_test_super+0x50/0x50 [ 1801.405197] mount_bdev+0x111/0x3e0 [ 1801.408809] ? fuse_get_root_inode+0x190/0x190 [ 1801.413380] fuse_mount_blk+0x34/0x40 [ 1801.417170] mount_fs+0xae/0x328 [ 1801.420526] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1801.425092] ? may_umount+0xb0/0xb0 [ 1801.428717] ? _raw_read_unlock+0x22/0x30 [ 1801.432846] ? __get_fs_type+0x97/0xc0 [ 1801.436721] do_mount+0x564/0x3070 [ 1801.440247] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1801.444644] ? copy_mount_string+0x40/0x40 [ 1801.448862] ? rcu_pm_notify+0xc0/0xc0 [ 1801.452737] ? copy_mount_options+0x5f/0x380 [ 1801.457132] ? rcu_read_lock_sched_held+0x108/0x120 [ 1801.462133] ? kmem_cache_alloc_trace+0x616/0x780 [ 1801.466963] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1801.472488] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1801.478025] ? copy_mount_options+0x285/0x380 [ 1801.482506] ksys_mount+0x12d/0x140 [ 1801.486118] __x64_sys_mount+0xbe/0x150 [ 1801.490077] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1801.495082] do_syscall_64+0x1b1/0x800 [ 1801.498962] ? finish_task_switch+0x1ca/0x840 [ 1801.503445] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1801.508359] ? syscall_return_slowpath+0x30f/0x5c0 [ 1801.513275] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1801.518625] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1801.523455] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1801.528627] RIP: 0033:0x455a09 2018/05/15 14:03:25 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000008800000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:25 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9cffffff00000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:03:25 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000020000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1801.531798] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1801.539493] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1801.546746] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1801.554011] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1801.561268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1801.568519] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1801.615292] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:03:25 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:03:25 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000000000200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:25 executing program 4 (fault-call:0 fault-nth:20): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:03:25 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000000000f4ec00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1801.736198] FAULT_INJECTION: forcing a failure. [ 1801.736198] name failslab, interval 1, probability 0, space 0, times 0 [ 1801.747573] CPU: 1 PID: 2854 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1801.754767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1801.764133] Call Trace: [ 1801.766735] dump_stack+0x1b9/0x294 [ 1801.770379] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1801.775586] ? rcu_note_context_switch+0x710/0x710 [ 1801.780530] should_fail.cold.4+0xa/0x1a [ 1801.784608] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1801.789728] ? lock_acquire+0x1dc/0x520 [ 1801.793723] ? graph_lock+0x170/0x170 [ 1801.797540] ? find_held_lock+0x36/0x1c0 [ 1801.801614] ? __lock_is_held+0xb5/0x140 [ 1801.805710] ? check_same_owner+0x320/0x320 [ 1801.810047] ? rcu_note_context_switch+0x710/0x710 [ 1801.813372] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1801.814985] __should_failslab+0x124/0x180 [ 1801.815007] should_failslab+0x9/0x14 [ 1801.815026] kmem_cache_alloc_trace+0x2cb/0x780 [ 1801.815044] ? kasan_check_write+0x14/0x20 [ 1801.815058] ? do_raw_spin_lock+0xc1/0x200 [ 1801.815076] sget_userns+0x1c7/0xf00 [ 1801.848678] ? kill_litter_super+0x90/0x90 [ 1801.852927] ? ns_test_super+0x50/0x50 [ 1801.856828] ? destroy_unused_super.part.11+0x110/0x110 [ 1801.862201] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1801.866794] ? kasan_check_write+0x14/0x20 [ 1801.871042] ? do_raw_spin_lock+0xc1/0x200 [ 1801.875292] ? blkdev_get+0xc0/0xb30 [ 1801.879020] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1801.884566] ? cap_capable+0x1f9/0x260 [ 1801.888472] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1801.894018] ? security_capable+0x99/0xc0 [ 1801.898183] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1801.903733] ? ns_capable_common+0x13f/0x170 [ 1801.908145] ? kill_litter_super+0x90/0x90 [ 1801.912367] sget+0x10b/0x150 [ 1801.915466] ? ns_test_super+0x50/0x50 [ 1801.919347] mount_bdev+0x111/0x3e0 [ 1801.922988] ? fuse_get_root_inode+0x190/0x190 [ 1801.927577] fuse_mount_blk+0x34/0x40 [ 1801.931363] mount_fs+0xae/0x328 [ 1801.934714] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1801.939282] ? may_umount+0xb0/0xb0 [ 1801.942899] ? _raw_read_unlock+0x22/0x30 [ 1801.947045] ? __get_fs_type+0x97/0xc0 [ 1801.950921] do_mount+0x564/0x3070 [ 1801.954450] ? copy_mount_string+0x40/0x40 [ 1801.958669] ? rcu_pm_notify+0xc0/0xc0 [ 1801.962567] ? copy_mount_options+0x5f/0x380 [ 1801.966971] ? rcu_read_lock_sched_held+0x108/0x120 [ 1801.971972] ? kmem_cache_alloc_trace+0x616/0x780 [ 1801.976801] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1801.982322] ? _copy_from_user+0xdf/0x150 [ 1801.986469] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1801.992000] ? copy_mount_options+0x285/0x380 [ 1801.996488] ksys_mount+0x12d/0x140 [ 1802.000102] __x64_sys_mount+0xbe/0x150 [ 1802.004064] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1802.009073] do_syscall_64+0x1b1/0x800 [ 1802.012949] ? finish_task_switch+0x1ca/0x840 [ 1802.017435] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1802.022434] ? syscall_return_slowpath+0x30f/0x5c0 [ 1802.027350] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1802.032702] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1802.037530] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1802.042719] RIP: 0033:0x455a09 [ 1802.045900] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1802.053611] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1802.060881] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1802.068155] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1802.075426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1802.082693] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:03:25 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000000200", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:25 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x40, 0x0) fcntl$setsig(r1, 0xa, 0x17) ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x2) 2018/05/15 14:03:25 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000002b000", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:25 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:03:25 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000003780000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:25 executing program 4 (fault-call:0 fault-nth:21): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:03:25 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x4000) 2018/05/15 14:03:25 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) [ 1802.216671] FAULT_INJECTION: forcing a failure. [ 1802.216671] name failslab, interval 1, probability 0, space 0, times 0 [ 1802.228458] CPU: 1 PID: 2873 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1802.235664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1802.245033] Call Trace: [ 1802.247651] dump_stack+0x1b9/0x294 [ 1802.251302] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1802.256526] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1802.261752] should_fail.cold.4+0xa/0x1a [ 1802.263188] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1802.265823] ? is_bpf_text_address+0xd7/0x170 [ 1802.279152] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1802.284271] ? unwind_get_return_address+0x61/0xa0 [ 1802.289224] ? __save_stack_trace+0x7e/0xd0 [ 1802.293561] ? graph_lock+0x170/0x170 [ 1802.297374] ? find_held_lock+0x36/0x1c0 [ 1802.301442] ? __lock_is_held+0xb5/0x140 [ 1802.305530] ? check_same_owner+0x320/0x320 [ 1802.309882] ? rcu_note_context_switch+0x710/0x710 [ 1802.314836] __should_failslab+0x124/0x180 [ 1802.319085] should_failslab+0x9/0x14 [ 1802.322894] kmem_cache_alloc_trace+0x2cb/0x780 [ 1802.327573] ? __kmalloc_node+0x33/0x70 [ 1802.331558] ? __kmalloc_node+0x33/0x70 [ 1802.335539] ? rcu_read_lock_sched_held+0x108/0x120 [ 1802.340585] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1802.345617] ? kvfree_rcu+0x20/0x20 [ 1802.349251] ? __kmalloc_node+0x47/0x70 [ 1802.353234] __list_lru_init+0x456/0x790 [ 1802.357301] ? list_lru_destroy+0x4c0/0x4c0 [ 1802.361634] ? mark_held_locks+0xc9/0x160 2018/05/15 14:03:26 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000500", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:26 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00?\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1802.365793] ? __raw_spin_lock_init+0x1c/0x100 [ 1802.370382] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1802.373116] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1802.375399] ? __lockdep_init_map+0x105/0x590 [ 1802.375417] ? lockdep_init_map+0x9/0x10 [ 1802.375437] sget_userns+0x73a/0xf00 [ 1802.375452] ? kill_litter_super+0x90/0x90 [ 1802.375470] ? ns_test_super+0x50/0x50 [ 1802.375487] ? destroy_unused_super.part.11+0x110/0x110 [ 1802.375504] ? do_raw_spin_trylock+0x1b0/0x1b0 2018/05/15 14:03:26 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1802.375520] ? kasan_check_write+0x14/0x20 [ 1802.375538] ? do_raw_spin_lock+0xc1/0x200 [ 1802.423415] ? blkdev_get+0xc0/0xb30 [ 1802.427179] ? cap_capable+0x1f9/0x260 [ 1802.431078] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1802.436626] ? security_capable+0x99/0xc0 [ 1802.440784] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1802.446328] ? ns_capable_common+0x13f/0x170 [ 1802.450747] ? kill_litter_super+0x90/0x90 [ 1802.454988] sget+0x10b/0x150 [ 1802.458102] ? ns_test_super+0x50/0x50 [ 1802.461998] mount_bdev+0x111/0x3e0 2018/05/15 14:03:26 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1802.465636] ? fuse_get_root_inode+0x190/0x190 [ 1802.470230] fuse_mount_blk+0x34/0x40 [ 1802.474038] mount_fs+0xae/0x328 [ 1802.477421] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1802.482011] ? may_umount+0xb0/0xb0 [ 1802.485645] ? _raw_read_unlock+0x22/0x30 [ 1802.489801] ? __get_fs_type+0x97/0xc0 [ 1802.493707] do_mount+0x564/0x3070 [ 1802.497266] ? copy_mount_string+0x40/0x40 [ 1802.501508] ? rcu_pm_notify+0xc0/0xc0 [ 1802.505410] ? copy_mount_options+0x5f/0x380 [ 1802.509833] ? rcu_read_lock_sched_held+0x108/0x120 [ 1802.514862] ? kmem_cache_alloc_trace+0x616/0x780 [ 1802.519715] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1802.525261] ? _copy_from_user+0xdf/0x150 [ 1802.529420] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1802.534962] ? copy_mount_options+0x285/0x380 [ 1802.539467] ksys_mount+0x12d/0x140 [ 1802.543101] __x64_sys_mount+0xbe/0x150 [ 1802.547080] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1802.552102] do_syscall_64+0x1b1/0x800 [ 1802.556046] ? finish_task_switch+0x1ca/0x840 2018/05/15 14:03:26 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000600", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:26 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c00}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1802.557957] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1802.560543] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1802.560561] ? syscall_return_slowpath+0x30f/0x5c0 [ 1802.560582] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1802.560607] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1802.560628] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1802.560640] RIP: 0033:0x455a09 [ 1802.560648] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1802.605949] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1802.613223] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1802.620502] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1802.627783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1802.635052] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:03:26 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:26 executing program 4 (fault-call:0 fault-nth:22): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:03:26 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7100}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1802.744085] FAULT_INJECTION: forcing a failure. [ 1802.744085] name failslab, interval 1, probability 0, space 0, times 0 [ 1802.755384] CPU: 1 PID: 2924 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1802.762583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1802.771946] Call Trace: [ 1802.774550] dump_stack+0x1b9/0x294 [ 1802.778213] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1802.783424] ? __save_stack_trace+0x7e/0xd0 [ 1802.787766] should_fail.cold.4+0xa/0x1a [ 1802.791845] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1802.796971] ? save_stack+0x43/0xd0 [ 1802.800616] ? kasan_kmalloc+0xc4/0xe0 [ 1802.804527] ? kmem_cache_alloc_trace+0x152/0x780 [ 1802.809379] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1802.814583] ? __list_lru_init+0x456/0x790 [ 1802.818826] ? sget_userns+0x73a/0xf00 [ 1802.822726] ? graph_lock+0x170/0x170 [ 1802.826536] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1802.831307] ? do_mount+0x564/0x3070 [ 1802.835029] ? ksys_mount+0x12d/0x140 [ 1802.838841] ? __x64_sys_mount+0xbe/0x150 [ 1802.842989] ? do_syscall_64+0x1b1/0x800 [ 1802.847051] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1802.852402] ? find_held_lock+0x36/0x1c0 [ 1802.856453] ? __lock_is_held+0xb5/0x140 [ 1802.860508] ? check_same_owner+0x320/0x320 [ 1802.864820] ? rcu_note_context_switch+0x710/0x710 [ 1802.869745] __should_failslab+0x124/0x180 [ 1802.873993] should_failslab+0x9/0x14 [ 1802.877790] kmem_cache_alloc_trace+0x2cb/0x780 [ 1802.882455] ? __kmalloc_node+0x33/0x70 [ 1802.886419] ? __kmalloc_node+0x33/0x70 [ 1802.890380] ? rcu_read_lock_sched_held+0x108/0x120 [ 1802.895388] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1802.900398] ? kvfree_rcu+0x20/0x20 [ 1802.904036] ? __kmalloc_node+0x47/0x70 [ 1802.908002] __list_lru_init+0x456/0x790 [ 1802.912062] ? list_lru_destroy+0x4c0/0x4c0 [ 1802.916369] ? mark_held_locks+0xc9/0x160 [ 1802.920502] ? __raw_spin_lock_init+0x1c/0x100 [ 1802.925070] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1802.930080] ? __lockdep_init_map+0x105/0x590 [ 1802.934573] ? lockdep_init_map+0x9/0x10 [ 1802.938621] sget_userns+0x73a/0xf00 [ 1802.942326] ? kill_litter_super+0x90/0x90 [ 1802.946562] ? ns_test_super+0x50/0x50 [ 1802.950436] ? destroy_unused_super.part.11+0x110/0x110 [ 1802.955783] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1802.960355] ? kasan_check_write+0x14/0x20 [ 1802.964575] ? do_raw_spin_lock+0xc1/0x200 [ 1802.968807] ? blkdev_get+0xc0/0xb30 [ 1802.972518] ? cap_capable+0x1f9/0x260 [ 1802.976414] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1802.981936] ? security_capable+0x99/0xc0 [ 1802.986075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1802.991598] ? ns_capable_common+0x13f/0x170 [ 1802.995996] ? kill_litter_super+0x90/0x90 [ 1803.000227] sget+0x10b/0x150 [ 1803.003323] ? ns_test_super+0x50/0x50 [ 1803.007193] mount_bdev+0x111/0x3e0 [ 1803.010804] ? fuse_get_root_inode+0x190/0x190 [ 1803.015643] fuse_mount_blk+0x34/0x40 [ 1803.019448] mount_fs+0xae/0x328 [ 1803.022823] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1803.027404] ? may_umount+0xb0/0xb0 [ 1803.031033] ? _raw_read_unlock+0x22/0x30 [ 1803.035183] ? __get_fs_type+0x97/0xc0 [ 1803.039082] do_mount+0x564/0x3070 [ 1803.042632] ? copy_mount_string+0x40/0x40 [ 1803.046866] ? rcu_pm_notify+0xc0/0xc0 [ 1803.050761] ? copy_mount_options+0x5f/0x380 [ 1803.055169] ? rcu_read_lock_sched_held+0x108/0x120 [ 1803.060192] ? kmem_cache_alloc_trace+0x616/0x780 [ 1803.065055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1803.070605] ? copy_mount_options+0x285/0x380 [ 1803.075108] ksys_mount+0x12d/0x140 [ 1803.078724] __x64_sys_mount+0xbe/0x150 [ 1803.082686] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1803.087705] do_syscall_64+0x1b1/0x800 [ 1803.091602] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1803.096538] ? syscall_return_slowpath+0x30f/0x5c0 [ 1803.101487] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1803.106847] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1803.111676] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1803.116853] RIP: 0033:0x455a09 [ 1803.120032] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1803.127730] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1803.134993] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1803.142268] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1803.149527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1803.156783] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1803.171359] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:03:26 executing program 4 (fault-call:0 fault-nth:23): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:03:26 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x3f00000000000000) 2018/05/15 14:03:26 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000000400", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:26 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:03:26 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000080)={{0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}, {0x1, @random="828922597287"}, 0x10, {0x2, 0x4e21, @multicast2=0xe0000002}, 'erspan0\x00'}) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) 2018/05/15 14:03:26 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:03:26 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0002b000", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:26 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000300000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1803.278378] FAULT_INJECTION: forcing a failure. [ 1803.278378] name failslab, interval 1, probability 0, space 0, times 0 [ 1803.289740] CPU: 0 PID: 2948 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1803.296942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1803.306318] Call Trace: [ 1803.308935] dump_stack+0x1b9/0x294 [ 1803.312587] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1803.317796] ? __save_stack_trace+0x7e/0xd0 [ 1803.322152] should_fail.cold.4+0xa/0x1a [ 1803.323966] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1803.326230] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1803.326251] ? save_stack+0x43/0xd0 [ 1803.326267] ? kasan_kmalloc+0xc4/0xe0 [ 1803.326283] ? kmem_cache_alloc_trace+0x152/0x780 [ 1803.326298] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1803.326315] ? __list_lru_init+0x456/0x790 [ 1803.361887] ? sget_userns+0x73a/0xf00 [ 1803.365791] ? graph_lock+0x170/0x170 [ 1803.369621] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1803.374385] ? do_mount+0x564/0x3070 [ 1803.378105] ? ksys_mount+0x12d/0x140 [ 1803.381913] ? __x64_sys_mount+0xbe/0x150 [ 1803.386068] ? do_syscall_64+0x1b1/0x800 [ 1803.390138] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1803.395504] ? find_held_lock+0x36/0x1c0 [ 1803.399568] ? __lock_is_held+0xb5/0x140 [ 1803.403645] ? check_same_owner+0x320/0x320 [ 1803.407977] ? rcu_note_context_switch+0x710/0x710 [ 1803.412913] __should_failslab+0x124/0x180 [ 1803.417152] should_failslab+0x9/0x14 [ 1803.420963] kmem_cache_alloc_trace+0x2cb/0x780 [ 1803.425638] ? __kmalloc_node+0x33/0x70 [ 1803.429614] ? __kmalloc_node+0x33/0x70 [ 1803.433596] ? rcu_read_lock_sched_held+0x108/0x120 [ 1803.438635] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1803.443663] ? kvfree_rcu+0x20/0x20 [ 1803.447297] ? __kmalloc_node+0x47/0x70 [ 1803.451285] __list_lru_init+0x456/0x790 [ 1803.455353] ? list_lru_destroy+0x4c0/0x4c0 [ 1803.459854] ? mark_held_locks+0xc9/0x160 [ 1803.464015] ? __raw_spin_lock_init+0x1c/0x100 [ 1803.468614] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1803.473653] ? __lockdep_init_map+0x105/0x590 [ 1803.478155] ? lockdep_init_map+0x9/0x10 [ 1803.482221] sget_userns+0x73a/0xf00 [ 1803.485945] ? kill_litter_super+0x90/0x90 [ 1803.490186] ? ns_test_super+0x50/0x50 [ 1803.494085] ? destroy_unused_super.part.11+0x110/0x110 [ 1803.499450] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1803.504033] ? kasan_check_write+0x14/0x20 [ 1803.508260] ? do_raw_spin_lock+0xc1/0x200 [ 1803.512486] ? blkdev_get+0xc0/0xb30 [ 1803.516188] ? cap_capable+0x1f9/0x260 [ 1803.520072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1803.525596] ? security_capable+0x99/0xc0 [ 1803.529739] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1803.535259] ? ns_capable_common+0x13f/0x170 [ 1803.539654] ? kill_litter_super+0x90/0x90 [ 1803.543959] sget+0x10b/0x150 [ 1803.547058] ? ns_test_super+0x50/0x50 [ 1803.550936] mount_bdev+0x111/0x3e0 [ 1803.554549] ? fuse_get_root_inode+0x190/0x190 [ 1803.559118] fuse_mount_blk+0x34/0x40 [ 1803.562935] mount_fs+0xae/0x328 [ 1803.566289] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1803.570860] ? may_umount+0xb0/0xb0 [ 1803.574475] ? _raw_read_unlock+0x22/0x30 [ 1803.578609] ? __get_fs_type+0x97/0xc0 [ 1803.582484] do_mount+0x564/0x3070 [ 1803.586029] ? interrupt_entry+0xb1/0xf0 [ 1803.590085] ? copy_mount_string+0x40/0x40 [ 1803.594310] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1803.599055] ? retint_kernel+0x10/0x10 [ 1803.602949] ? copy_mount_options+0x1f0/0x380 [ 1803.607438] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 1803.612281] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1803.617801] ? copy_mount_options+0x285/0x380 [ 1803.622284] ksys_mount+0x12d/0x140 [ 1803.625902] __x64_sys_mount+0xbe/0x150 [ 1803.629864] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1803.634869] do_syscall_64+0x1b1/0x800 [ 1803.638766] ? finish_task_switch+0x1ca/0x840 [ 1803.643254] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1803.648170] ? syscall_return_slowpath+0x30f/0x5c0 [ 1803.653088] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1803.658438] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1803.663268] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1803.668440] RIP: 0033:0x455a09 [ 1803.671613] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 2018/05/15 14:03:27 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000feffff070000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:27 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000ecf400", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:27 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:03:27 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000030000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1803.679317] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1803.686569] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1803.693832] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1803.701085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1803.708353] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:03:27 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000000000000000300", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:27 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000100000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:27 executing program 4 (fault-call:0 fault-nth:24): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1803.728256] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:03:27 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:27 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1803.851283] FAULT_INJECTION: forcing a failure. [ 1803.851283] name failslab, interval 1, probability 0, space 0, times 0 [ 1803.862682] CPU: 1 PID: 2987 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1803.869881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1803.879241] Call Trace: [ 1803.881850] dump_stack+0x1b9/0x294 [ 1803.885509] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1803.890721] ? __save_stack_trace+0x7e/0xd0 [ 1803.895109] should_fail.cold.4+0xa/0x1a [ 1803.899199] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1803.904324] ? save_stack+0x43/0xd0 [ 1803.907966] ? kasan_kmalloc+0xc4/0xe0 [ 1803.911870] ? kmem_cache_alloc_trace+0x152/0x780 [ 1803.916729] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1803.921937] ? __list_lru_init+0x456/0x790 [ 1803.926191] ? sget_userns+0x73a/0xf00 [ 1803.930090] ? graph_lock+0x170/0x170 [ 1803.933891] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1803.938678] ? do_mount+0x564/0x3070 [ 1803.942407] ? ksys_mount+0x12d/0x140 [ 1803.946217] ? __x64_sys_mount+0xbe/0x150 [ 1803.950381] ? do_syscall_64+0x1b1/0x800 [ 1803.951271] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1803.954447] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1803.954473] ? find_held_lock+0x36/0x1c0 [ 1803.954494] ? __lock_is_held+0xb5/0x140 [ 1803.954528] ? check_same_owner+0x320/0x320 [ 1803.981131] ? rcu_note_context_switch+0x710/0x710 [ 1803.986079] __should_failslab+0x124/0x180 [ 1803.990330] should_failslab+0x9/0x14 [ 1803.994142] kmem_cache_alloc_trace+0x2cb/0x780 [ 1803.998819] ? __kmalloc_node+0x33/0x70 [ 1804.002788] ? __kmalloc_node+0x33/0x70 [ 1804.006752] ? rcu_read_lock_sched_held+0x108/0x120 [ 1804.011762] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1804.016768] ? kvfree_rcu+0x20/0x20 [ 1804.020382] ? __kmalloc_node+0x47/0x70 [ 1804.024343] __list_lru_init+0x456/0x790 [ 1804.028391] ? list_lru_destroy+0x4c0/0x4c0 [ 1804.032697] ? mark_held_locks+0xc9/0x160 [ 1804.036832] ? __raw_spin_lock_init+0x1c/0x100 [ 1804.041401] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1804.046402] ? __lockdep_init_map+0x105/0x590 [ 1804.050883] ? lockdep_init_map+0x9/0x10 [ 1804.054939] sget_userns+0x73a/0xf00 [ 1804.058637] ? kill_litter_super+0x90/0x90 [ 1804.062875] ? ns_test_super+0x50/0x50 [ 1804.066748] ? destroy_unused_super.part.11+0x110/0x110 [ 1804.072096] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1804.076664] ? kasan_check_write+0x14/0x20 [ 1804.080884] ? do_raw_spin_lock+0xc1/0x200 [ 1804.085110] ? blkdev_get+0xc0/0xb30 [ 1804.088813] ? cap_capable+0x1f9/0x260 [ 1804.092693] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1804.098215] ? security_capable+0x99/0xc0 [ 1804.102367] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1804.107892] ? ns_capable_common+0x13f/0x170 [ 1804.112284] ? kill_litter_super+0x90/0x90 [ 1804.116505] sget+0x10b/0x150 [ 1804.119597] ? ns_test_super+0x50/0x50 [ 1804.123472] mount_bdev+0x111/0x3e0 [ 1804.127086] ? fuse_get_root_inode+0x190/0x190 [ 1804.131655] fuse_mount_blk+0x34/0x40 [ 1804.135471] mount_fs+0xae/0x328 [ 1804.138834] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1804.143487] ? may_umount+0xb0/0xb0 [ 1804.147115] ? _raw_read_unlock+0x22/0x30 [ 1804.151246] ? __get_fs_type+0x97/0xc0 [ 1804.155120] do_mount+0x564/0x3070 [ 1804.158649] ? copy_mount_string+0x40/0x40 [ 1804.162870] ? rcu_pm_notify+0xc0/0xc0 [ 1804.166754] ? copy_mount_options+0x5f/0x380 [ 1804.171149] ? rcu_read_lock_sched_held+0x108/0x120 [ 1804.176154] ? kmem_cache_alloc_trace+0x616/0x780 [ 1804.181005] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1804.186537] ? _copy_from_user+0xdf/0x150 [ 1804.190674] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1804.196194] ? copy_mount_options+0x285/0x380 [ 1804.200678] ksys_mount+0x12d/0x140 [ 1804.204291] __x64_sys_mount+0xbe/0x150 [ 1804.208254] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1804.213279] do_syscall_64+0x1b1/0x800 [ 1804.217157] ? finish_task_switch+0x1ca/0x840 [ 1804.221648] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1804.226581] ? syscall_return_slowpath+0x30f/0x5c0 [ 1804.231501] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1804.236855] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1804.241687] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1804.246859] RIP: 0033:0x455a09 2018/05/15 14:03:28 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x4000000000000000) 2018/05/15 14:03:28 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000200000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1804.250036] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1804.257728] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1804.264980] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1804.272234] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1804.279487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1804.286739] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:03:29 executing program 4 (fault-call:0 fault-nth:25): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:03:29 executing program 2: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x0, 0x0) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f0000000240)={'filter\x00', 0x0, 0x4, 0xb5, [], 0x6, &(0x7f0000000100)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000180)=""/181}, &(0x7f00000002c0)=0x78) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r1, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000080)={0x6, 0xfffffffffffffff7, 0x401, 0x4, 0x9, 0x1f, 0x7ff}, 0xc) 2018/05/15 14:03:29 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:03:29 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000000000000000400", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:29 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:03:29 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x100000000000000) 2018/05/15 14:03:29 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000001100000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:29 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000007fffffff00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1805.450588] FAULT_INJECTION: forcing a failure. [ 1805.450588] name failslab, interval 1, probability 0, space 0, times 0 [ 1805.462072] CPU: 0 PID: 3030 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1805.469275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1805.475444] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1805.478640] Call Trace: [ 1805.478669] dump_stack+0x1b9/0x294 [ 1805.478690] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1805.478708] ? __save_stack_trace+0x7e/0xd0 [ 1805.478730] should_fail.cold.4+0xa/0x1a [ 1805.478746] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1805.478770] ? save_stack+0x43/0xd0 [ 1805.516380] ? kasan_kmalloc+0xc4/0xe0 [ 1805.520311] ? kmem_cache_alloc_trace+0x152/0x780 [ 1805.525176] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1805.530391] ? __list_lru_init+0x456/0x790 [ 1805.534643] ? sget_userns+0x73a/0xf00 [ 1805.538548] ? graph_lock+0x170/0x170 [ 1805.542362] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1805.547130] ? do_mount+0x564/0x3070 [ 1805.550866] ? ksys_mount+0x12d/0x140 [ 1805.554681] ? __x64_sys_mount+0xbe/0x150 [ 1805.558852] ? do_syscall_64+0x1b1/0x800 [ 1805.562927] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1805.568311] ? find_held_lock+0x36/0x1c0 [ 1805.572395] ? __lock_is_held+0xb5/0x140 [ 1805.576492] ? check_same_owner+0x320/0x320 [ 1805.580850] ? rcu_note_context_switch+0x710/0x710 [ 1805.585810] __should_failslab+0x124/0x180 [ 1805.590076] should_failslab+0x9/0x14 [ 1805.593894] kmem_cache_alloc_trace+0x2cb/0x780 2018/05/15 14:03:29 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4300000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:03:29 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000300000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:29 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000300", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1805.598583] ? __kmalloc_node+0x33/0x70 [ 1805.602576] ? __kmalloc_node+0x33/0x70 [ 1805.606571] ? rcu_read_lock_sched_held+0x108/0x120 [ 1805.611605] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1805.616645] ? kvfree_rcu+0x20/0x20 [ 1805.620288] ? __kmalloc_node+0x47/0x70 [ 1805.624284] __list_lru_init+0x456/0x790 [ 1805.628372] ? list_lru_destroy+0x4c0/0x4c0 [ 1805.632716] ? mark_held_locks+0xc9/0x160 [ 1805.636893] ? __raw_spin_lock_init+0x1c/0x100 [ 1805.641484] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1805.646495] ? __lockdep_init_map+0x105/0x590 [ 1805.650982] ? lockdep_init_map+0x9/0x10 [ 1805.655040] sget_userns+0x73a/0xf00 [ 1805.658743] ? kill_litter_super+0x90/0x90 [ 1805.662969] ? ns_test_super+0x50/0x50 [ 1805.666846] ? destroy_unused_super.part.11+0x110/0x110 [ 1805.672195] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1805.676765] ? kasan_check_write+0x14/0x20 [ 1805.680984] ? do_raw_spin_lock+0xc1/0x200 [ 1805.685210] ? blkdev_get+0xc0/0xb30 [ 1805.688920] ? cap_capable+0x1f9/0x260 [ 1805.692797] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1805.698336] ? security_capable+0x99/0xc0 [ 1805.702472] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1805.707998] ? ns_capable_common+0x13f/0x170 [ 1805.712398] ? kill_litter_super+0x90/0x90 [ 1805.716618] sget+0x10b/0x150 [ 1805.719714] ? ns_test_super+0x50/0x50 [ 1805.723587] mount_bdev+0x111/0x3e0 [ 1805.727220] ? fuse_get_root_inode+0x190/0x190 [ 1805.731789] fuse_mount_blk+0x34/0x40 [ 1805.735611] mount_fs+0xae/0x328 [ 1805.738986] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1805.743560] ? may_umount+0xb0/0xb0 [ 1805.747205] ? _raw_read_unlock+0x22/0x30 [ 1805.751337] ? __get_fs_type+0x97/0xc0 [ 1805.755229] do_mount+0x564/0x3070 [ 1805.758759] ? copy_mount_string+0x40/0x40 [ 1805.762982] ? rcu_pm_notify+0xc0/0xc0 [ 1805.766871] ? copy_mount_options+0x5f/0x380 [ 1805.771266] ? rcu_read_lock_sched_held+0x108/0x120 [ 1805.776269] ? kmem_cache_alloc_trace+0x616/0x780 [ 1805.781104] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1805.786627] ? _copy_from_user+0xdf/0x150 [ 1805.790763] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1805.796284] ? copy_mount_options+0x285/0x380 [ 1805.800767] ksys_mount+0x12d/0x140 [ 1805.804380] __x64_sys_mount+0xbe/0x150 [ 1805.808344] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1805.813348] do_syscall_64+0x1b1/0x800 [ 1805.817219] ? finish_task_switch+0x1ca/0x840 [ 1805.821712] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1805.826628] ? syscall_return_slowpath+0x30f/0x5c0 [ 1805.831547] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1805.836902] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1805.841733] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1805.846907] RIP: 0033:0x455a09 [ 1805.850080] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1805.857776] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1805.865031] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1805.872295] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1805.879561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1805.886824] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:03:29 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000000000000000500", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:29 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000400000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:29 executing program 4 (fault-call:0 fault-nth:26): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1805.939575] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:03:29 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1805.997638] FAULT_INJECTION: forcing a failure. [ 1805.997638] name failslab, interval 1, probability 0, space 0, times 0 [ 1806.009010] CPU: 0 PID: 3054 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1806.016208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1806.025572] Call Trace: [ 1806.028185] dump_stack+0x1b9/0x294 [ 1806.031840] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1806.037050] ? __save_stack_trace+0x7e/0xd0 [ 1806.041393] should_fail.cold.4+0xa/0x1a 2018/05/15 14:03:29 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000007000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1806.045476] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1806.050600] ? save_stack+0x43/0xd0 [ 1806.054254] ? kasan_kmalloc+0xc4/0xe0 [ 1806.058160] ? kmem_cache_alloc_trace+0x152/0x780 [ 1806.063013] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1806.068214] ? __list_lru_init+0x456/0x790 [ 1806.072463] ? sget_userns+0x73a/0xf00 [ 1806.076365] ? graph_lock+0x170/0x170 [ 1806.080174] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1806.084940] ? do_mount+0x564/0x3070 [ 1806.088663] ? ksys_mount+0x12d/0x140 [ 1806.092475] ? __x64_sys_mount+0xbe/0x150 [ 1806.096636] ? do_syscall_64+0x1b1/0x800 [ 1806.098968] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1806.100706] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1806.100724] ? find_held_lock+0x36/0x1c0 [ 1806.100744] ? __lock_is_held+0xb5/0x140 [ 1806.122975] ? check_same_owner+0x320/0x320 [ 1806.127316] ? rcu_note_context_switch+0x710/0x710 [ 1806.132267] __should_failslab+0x124/0x180 [ 1806.136518] should_failslab+0x9/0x14 [ 1806.140333] kmem_cache_alloc_trace+0x2cb/0x780 2018/05/15 14:03:29 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000f4ec00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1806.145007] ? __kmalloc_node+0x33/0x70 [ 1806.148989] ? __kmalloc_node+0x33/0x70 [ 1806.152989] ? rcu_read_lock_sched_held+0x108/0x120 [ 1806.158035] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1806.163063] ? kvfree_rcu+0x20/0x20 [ 1806.166703] ? __kmalloc_node+0x47/0x70 [ 1806.170689] __list_lru_init+0x456/0x790 [ 1806.174766] ? list_lru_destroy+0x4c0/0x4c0 [ 1806.179100] ? mark_held_locks+0xc9/0x160 [ 1806.183278] ? __raw_spin_lock_init+0x1c/0x100 [ 1806.187874] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1806.192899] ? __lockdep_init_map+0x105/0x590 [ 1806.197405] ? lockdep_init_map+0x9/0x10 [ 1806.201476] sget_userns+0x73a/0xf00 [ 1806.201656] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1806.205189] ? kill_litter_super+0x90/0x90 [ 1806.205208] ? ns_test_super+0x50/0x50 [ 1806.205225] ? destroy_unused_super.part.11+0x110/0x110 [ 1806.205241] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1806.205261] ? kasan_check_write+0x14/0x20 [ 1806.205276] ? do_raw_spin_lock+0xc1/0x200 [ 1806.205299] ? blkdev_get+0xc0/0xb30 [ 1806.205317] ? cap_capable+0x1f9/0x260 [ 1806.248107] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1806.253661] ? security_capable+0x99/0xc0 [ 1806.257826] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1806.263379] ? ns_capable_common+0x13f/0x170 [ 1806.267808] ? kill_litter_super+0x90/0x90 [ 1806.272059] sget+0x10b/0x150 [ 1806.275175] ? ns_test_super+0x50/0x50 [ 1806.279079] mount_bdev+0x111/0x3e0 [ 1806.282722] ? fuse_get_root_inode+0x190/0x190 [ 1806.287321] fuse_mount_blk+0x34/0x40 [ 1806.291135] mount_fs+0xae/0x328 [ 1806.294522] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1806.299252] ? may_umount+0xb0/0xb0 [ 1806.302893] ? _raw_read_unlock+0x22/0x30 [ 1806.307049] ? __get_fs_type+0x97/0xc0 [ 1806.310955] do_mount+0x564/0x3070 [ 1806.314511] ? interrupt_entry+0xb1/0xf0 [ 1806.318598] ? copy_mount_string+0x40/0x40 [ 1806.322846] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1806.327618] ? retint_kernel+0x10/0x10 [ 1806.331524] ? copy_mount_options+0x213/0x380 [ 1806.336037] ? write_comp_data+0x11/0x70 [ 1806.340119] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1806.345677] ? copy_mount_options+0x285/0x380 [ 1806.350189] ksys_mount+0x12d/0x140 [ 1806.353824] __x64_sys_mount+0xbe/0x150 [ 1806.357810] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1806.362845] do_syscall_64+0x1b1/0x800 [ 1806.366747] ? finish_task_switch+0x1ca/0x840 [ 1806.371258] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1806.376202] ? syscall_return_slowpath+0x30f/0x5c0 [ 1806.381167] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1806.386556] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1806.391417] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1806.396614] RIP: 0033:0x455a09 [ 1806.399804] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1806.407510] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1806.414784] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1806.422048] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1806.429308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1806.436570] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:03:30 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000fffffffe00", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:30 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:03:30 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000000080), 0x4) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="98"], 0x1) 2018/05/15 14:03:30 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0xffffffff00000000) 2018/05/15 14:03:30 executing program 4 (fault-call:0 fault-nth:27): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:03:30 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000378000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:30 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:30 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1806.564739] FAULT_INJECTION: forcing a failure. [ 1806.564739] name failslab, interval 1, probability 0, space 0, times 0 [ 1806.576731] CPU: 0 PID: 3085 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1806.583933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1806.593286] Call Trace: [ 1806.595880] dump_stack+0x1b9/0x294 [ 1806.599511] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1806.604698] ? __save_stack_trace+0x7e/0xd0 [ 1806.609021] should_fail.cold.4+0xa/0x1a [ 1806.613085] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1806.618177] ? save_stack+0x43/0xd0 [ 1806.621791] ? kasan_kmalloc+0xc4/0xe0 [ 1806.625667] ? kmem_cache_alloc_trace+0x152/0x780 [ 1806.630494] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1806.635679] ? __list_lru_init+0x456/0x790 [ 1806.639901] ? sget_userns+0x73a/0xf00 [ 1806.643781] ? graph_lock+0x170/0x170 [ 1806.647574] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1806.652322] ? do_mount+0x564/0x3070 [ 1806.656027] ? ksys_mount+0x12d/0x140 [ 1806.659815] ? __x64_sys_mount+0xbe/0x150 [ 1806.663949] ? do_syscall_64+0x1b1/0x800 [ 1806.667994] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1806.673349] ? find_held_lock+0x36/0x1c0 [ 1806.677399] ? __lock_is_held+0xb5/0x140 [ 1806.681457] ? check_same_owner+0x320/0x320 [ 1806.685774] ? rcu_note_context_switch+0x710/0x710 [ 1806.690693] __should_failslab+0x124/0x180 [ 1806.694947] should_failslab+0x9/0x14 [ 1806.698737] kmem_cache_alloc_trace+0x2cb/0x780 [ 1806.703393] ? __kmalloc_node+0x33/0x70 [ 1806.707355] ? __kmalloc_node+0x33/0x70 [ 1806.711318] ? rcu_read_lock_sched_held+0x108/0x120 [ 1806.716323] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1806.721327] ? kvfree_rcu+0x20/0x20 [ 1806.724942] ? __kmalloc_node+0x47/0x70 [ 1806.728913] __list_lru_init+0x456/0x790 [ 1806.732961] ? list_lru_destroy+0x4c0/0x4c0 [ 1806.737270] ? mark_held_locks+0xc9/0x160 [ 1806.741412] ? __raw_spin_lock_init+0x1c/0x100 [ 1806.745978] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1806.750979] ? __lockdep_init_map+0x105/0x590 [ 1806.755460] ? lockdep_init_map+0x9/0x10 [ 1806.759508] sget_userns+0x73a/0xf00 [ 1806.763206] ? kill_litter_super+0x90/0x90 [ 1806.767426] ? ns_test_super+0x50/0x50 [ 1806.771301] ? destroy_unused_super.part.11+0x110/0x110 [ 1806.776650] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1806.781223] ? kasan_check_write+0x14/0x20 [ 1806.785448] ? do_raw_spin_lock+0xc1/0x200 [ 1806.789685] ? blkdev_get+0xc0/0xb30 [ 1806.793386] ? cap_capable+0x1f9/0x260 [ 1806.797263] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1806.802786] ? security_capable+0x99/0xc0 [ 1806.806925] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1806.812480] ? ns_capable_common+0x13f/0x170 [ 1806.816874] ? kill_litter_super+0x90/0x90 [ 1806.821095] sget+0x10b/0x150 [ 1806.824184] ? ns_test_super+0x50/0x50 [ 1806.828095] mount_bdev+0x111/0x3e0 [ 1806.831732] ? fuse_get_root_inode+0x190/0x190 [ 1806.836318] fuse_mount_blk+0x34/0x40 [ 1806.840109] mount_fs+0xae/0x328 [ 1806.843465] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1806.848038] ? may_umount+0xb0/0xb0 [ 1806.851652] ? _raw_read_unlock+0x22/0x30 [ 1806.855788] ? __get_fs_type+0x97/0xc0 [ 1806.859668] do_mount+0x564/0x3070 [ 1806.863198] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1806.867601] ? copy_mount_string+0x40/0x40 [ 1806.871829] ? rcu_pm_notify+0xc0/0xc0 [ 1806.875711] ? copy_mount_options+0x5f/0x380 [ 1806.880107] ? rcu_read_lock_sched_held+0x108/0x120 [ 1806.885113] ? kmem_cache_alloc_trace+0x616/0x780 [ 1806.889943] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1806.895469] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1806.900992] ? copy_mount_options+0x285/0x380 [ 1806.905510] ksys_mount+0x12d/0x140 [ 1806.909146] __x64_sys_mount+0xbe/0x150 [ 1806.913117] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1806.918123] do_syscall_64+0x1b1/0x800 [ 1806.922000] ? finish_task_switch+0x1ca/0x840 [ 1806.926503] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1806.931419] ? syscall_return_slowpath+0x30f/0x5c0 [ 1806.936339] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1806.941694] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1806.946526] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1806.951700] RIP: 0033:0x455a09 [ 1806.954877] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1806.962571] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1806.969826] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1806.977083] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1806.984337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1806.991595] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:03:30 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000002b000", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1807.023870] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:03:30 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000006000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:30 executing program 4 (fault-call:0 fault-nth:28): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:03:30 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000600", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:30 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1807.149516] FAULT_INJECTION: forcing a failure. [ 1807.149516] name failslab, interval 1, probability 0, space 0, times 0 [ 1807.160990] CPU: 0 PID: 3115 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1807.168201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1807.176199] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1807.177732] Call Trace: [ 1807.177759] dump_stack+0x1b9/0x294 [ 1807.177780] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1807.177800] ? __save_stack_trace+0x7e/0xd0 [ 1807.177829] should_fail.cold.4+0xa/0x1a [ 1807.206342] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1807.211465] ? save_stack+0x43/0xd0 [ 1807.215107] ? kasan_kmalloc+0xc4/0xe0 [ 1807.219013] ? kmem_cache_alloc_trace+0x152/0x780 [ 1807.223869] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1807.229070] ? __list_lru_init+0x456/0x790 [ 1807.233318] ? sget_userns+0x73a/0xf00 [ 1807.237252] ? graph_lock+0x170/0x170 [ 1807.241082] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1807.245847] ? do_mount+0x564/0x3070 [ 1807.249567] ? ksys_mount+0x12d/0x140 [ 1807.253380] ? __x64_sys_mount+0xbe/0x150 [ 1807.257544] ? do_syscall_64+0x1b1/0x800 [ 1807.261615] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1807.266969] ? find_held_lock+0x36/0x1c0 [ 1807.271031] ? __lock_is_held+0xb5/0x140 [ 1807.275093] ? check_same_owner+0x320/0x320 [ 1807.279423] ? rcu_note_context_switch+0x710/0x710 [ 1807.284345] __should_failslab+0x124/0x180 [ 1807.288574] should_failslab+0x9/0x14 [ 1807.292363] kmem_cache_alloc_trace+0x2cb/0x780 [ 1807.297025] ? __kmalloc_node+0x33/0x70 [ 1807.300985] ? __kmalloc_node+0x33/0x70 [ 1807.304948] ? rcu_read_lock_sched_held+0x108/0x120 [ 1807.309952] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1807.314954] ? kvfree_rcu+0x20/0x20 [ 1807.318570] ? __kmalloc_node+0x47/0x70 [ 1807.322541] __list_lru_init+0x456/0x790 [ 1807.326588] ? list_lru_destroy+0x4c0/0x4c0 [ 1807.330910] ? mark_held_locks+0xc9/0x160 [ 1807.335048] ? __raw_spin_lock_init+0x1c/0x100 [ 1807.339616] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1807.344617] ? __lockdep_init_map+0x105/0x590 [ 1807.349099] ? lockdep_init_map+0x9/0x10 [ 1807.353150] sget_userns+0x73a/0xf00 [ 1807.356850] ? kill_litter_super+0x90/0x90 [ 1807.361071] ? ns_test_super+0x50/0x50 [ 1807.364946] ? destroy_unused_super.part.11+0x110/0x110 [ 1807.370297] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1807.374867] ? kasan_check_write+0x14/0x20 [ 1807.379088] ? do_raw_spin_lock+0xc1/0x200 [ 1807.383312] ? blkdev_get+0xc0/0xb30 [ 1807.387016] ? cap_capable+0x1f9/0x260 [ 1807.390898] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1807.396422] ? security_capable+0x99/0xc0 [ 1807.400565] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1807.406092] ? ns_capable_common+0x13f/0x170 [ 1807.410488] ? kill_litter_super+0x90/0x90 [ 1807.414715] sget+0x10b/0x150 [ 1807.417806] ? ns_test_super+0x50/0x50 [ 1807.421684] mount_bdev+0x111/0x3e0 [ 1807.425310] ? fuse_get_root_inode+0x190/0x190 [ 1807.429879] fuse_mount_blk+0x34/0x40 [ 1807.433666] mount_fs+0xae/0x328 [ 1807.437031] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1807.441605] ? may_umount+0xb0/0xb0 [ 1807.445228] ? _raw_read_unlock+0x22/0x30 [ 1807.449360] ? __get_fs_type+0x97/0xc0 [ 1807.453237] do_mount+0x564/0x3070 [ 1807.456767] ? copy_mount_string+0x40/0x40 [ 1807.460997] ? rcu_pm_notify+0xc0/0xc0 [ 1807.464893] ? copy_mount_options+0x5f/0x380 [ 1807.469290] ? rcu_read_lock_sched_held+0x108/0x120 [ 1807.474295] ? kmem_cache_alloc_trace+0x616/0x780 [ 1807.479129] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1807.484654] ? _copy_from_user+0xdf/0x150 [ 1807.488798] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1807.494320] ? copy_mount_options+0x285/0x380 [ 1807.498810] ksys_mount+0x12d/0x140 [ 1807.502428] __x64_sys_mount+0xbe/0x150 [ 1807.506389] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1807.511395] do_syscall_64+0x1b1/0x800 [ 1807.515268] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1807.520099] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1807.525025] ? syscall_return_slowpath+0x30f/0x5c0 [ 1807.529943] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1807.535295] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1807.540128] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1807.545300] RIP: 0033:0x455a09 2018/05/15 14:03:31 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:31 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00?\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1807.548472] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1807.556193] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1807.563458] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1807.570713] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1807.577967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1807.585225] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:03:31 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)="2e2f636f6e74726f6c2f66696c6530f0", 0x0) close(r0) 2018/05/15 14:03:31 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000500000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:31 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="af0b892c47954dd7"], 0x1) [ 1807.681123] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:03:32 executing program 4 (fault-call:0 fault-nth:29): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:03:32 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000600", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:32 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:32 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000007fffffe00000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:32 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x4000002000000000) 2018/05/15 14:03:32 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:03:32 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:03:32 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000080)=0x20, 0x4) openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x200, 0x0) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) [ 1808.668074] FAULT_INJECTION: forcing a failure. [ 1808.668074] name failslab, interval 1, probability 0, space 0, times 0 [ 1808.679405] CPU: 0 PID: 3171 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1808.685867] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1808.686602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1808.686609] Call Trace: [ 1808.686635] dump_stack+0x1b9/0x294 [ 1808.686657] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1808.686678] ? __save_stack_trace+0x7e/0xd0 [ 1808.720456] should_fail.cold.4+0xa/0x1a [ 1808.724524] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1808.729619] ? save_stack+0x43/0xd0 [ 1808.733232] ? kasan_kmalloc+0xc4/0xe0 [ 1808.737108] ? kmem_cache_alloc_trace+0x152/0x780 [ 1808.741943] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1808.747124] ? __list_lru_init+0x456/0x790 [ 1808.751343] ? sget_userns+0x73a/0xf00 [ 1808.755231] ? graph_lock+0x170/0x170 [ 1808.759024] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1808.763781] ? do_mount+0x564/0x3070 [ 1808.767483] ? ksys_mount+0x12d/0x140 [ 1808.771269] ? __x64_sys_mount+0xbe/0x150 [ 1808.775402] ? do_syscall_64+0x1b1/0x800 [ 1808.779464] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1808.784815] ? find_held_lock+0x36/0x1c0 [ 1808.788862] ? __lock_is_held+0xb5/0x140 [ 1808.792915] ? check_same_owner+0x320/0x320 [ 1808.797232] ? rcu_note_context_switch+0x710/0x710 [ 1808.802154] __should_failslab+0x124/0x180 [ 1808.806377] should_failslab+0x9/0x14 [ 1808.810164] kmem_cache_alloc_trace+0x2cb/0x780 [ 1808.814825] ? __kmalloc_node+0x33/0x70 [ 1808.818785] ? __kmalloc_node+0x33/0x70 [ 1808.822753] ? rcu_read_lock_sched_held+0x108/0x120 [ 1808.827756] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1808.832761] ? kvfree_rcu+0x20/0x20 [ 1808.836373] ? __kmalloc_node+0x47/0x70 [ 1808.840338] __list_lru_init+0x456/0x790 [ 1808.844385] ? list_lru_destroy+0x4c0/0x4c0 [ 1808.848691] ? mark_held_locks+0xc9/0x160 [ 1808.852838] ? __raw_spin_lock_init+0x1c/0x100 [ 1808.857405] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1808.862406] ? __lockdep_init_map+0x105/0x590 [ 1808.866887] ? lockdep_init_map+0x9/0x10 [ 1808.870935] sget_userns+0x73a/0xf00 [ 1808.874644] ? kill_litter_super+0x90/0x90 [ 1808.878866] ? ns_test_super+0x50/0x50 [ 1808.882739] ? destroy_unused_super.part.11+0x110/0x110 [ 1808.888092] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1808.892664] ? kasan_check_write+0x14/0x20 [ 1808.896884] ? do_raw_spin_lock+0xc1/0x200 [ 1808.901110] ? blkdev_get+0xc0/0xb30 [ 1808.904811] ? cap_capable+0x1f9/0x260 [ 1808.908699] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1808.914225] ? security_capable+0x99/0xc0 [ 1808.918363] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1808.923891] ? ns_capable_common+0x13f/0x170 [ 1808.928291] ? kill_litter_super+0x90/0x90 [ 1808.932516] sget+0x10b/0x150 [ 1808.935608] ? ns_test_super+0x50/0x50 [ 1808.939485] mount_bdev+0x111/0x3e0 [ 1808.943101] ? fuse_get_root_inode+0x190/0x190 [ 1808.947668] fuse_mount_blk+0x34/0x40 [ 1808.951456] mount_fs+0xae/0x328 [ 1808.954812] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1808.959381] ? may_umount+0xb0/0xb0 [ 1808.962993] ? _raw_read_unlock+0x22/0x30 [ 1808.967127] ? __get_fs_type+0x97/0xc0 [ 1808.971003] do_mount+0x564/0x3070 [ 1808.974541] ? copy_mount_string+0x40/0x40 [ 1808.978775] ? rcu_pm_notify+0xc0/0xc0 [ 1808.982655] ? copy_mount_options+0x5f/0x380 [ 1808.987051] ? rcu_read_lock_sched_held+0x108/0x120 [ 1808.992055] ? kmem_cache_alloc_trace+0x616/0x780 [ 1808.996892] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1809.002418] ? copy_mount_options+0x285/0x380 [ 1809.006903] ksys_mount+0x12d/0x140 [ 1809.010523] __x64_sys_mount+0xbe/0x150 [ 1809.014488] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1809.019520] do_syscall_64+0x1b1/0x800 [ 1809.023411] ? finish_task_switch+0x1ca/0x840 [ 1809.027912] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1809.032830] ? syscall_return_slowpath+0x30f/0x5c0 [ 1809.037750] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1809.043104] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1809.047936] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1809.053110] RIP: 0033:0x455a09 [ 1809.056283] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 2018/05/15 14:03:32 executing program 4 (fault-call:0 fault-nth:30): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1809.063980] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1809.071233] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1809.078486] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1809.085742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1809.093001] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:03:32 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000b00200", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1809.166861] FAULT_INJECTION: forcing a failure. [ 1809.166861] name failslab, interval 1, probability 0, space 0, times 0 [ 1809.178237] CPU: 1 PID: 3182 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1809.185441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1809.194809] Call Trace: [ 1809.197427] dump_stack+0x1b9/0x294 [ 1809.201090] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1809.206305] ? __save_stack_trace+0x7e/0xd0 [ 1809.210674] should_fail.cold.4+0xa/0x1a [ 1809.214759] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1809.219886] ? save_stack+0x43/0xd0 [ 1809.223532] ? kasan_kmalloc+0xc4/0xe0 [ 1809.227446] ? kmem_cache_alloc_trace+0x152/0x780 [ 1809.232312] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1809.237522] ? __list_lru_init+0x456/0x790 [ 1809.241779] ? sget_userns+0x73a/0xf00 [ 1809.245689] ? graph_lock+0x170/0x170 [ 1809.249509] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1809.254283] ? do_mount+0x564/0x3070 [ 1809.258018] ? ksys_mount+0x12d/0x140 2018/05/15 14:03:33 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000000000200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:33 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:03:33 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000088000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1809.260733] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1809.261835] ? __x64_sys_mount+0xbe/0x150 [ 1809.261855] ? do_syscall_64+0x1b1/0x800 [ 1809.261871] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1809.261891] ? find_held_lock+0x36/0x1c0 [ 1809.288265] ? __lock_is_held+0xb5/0x140 [ 1809.292357] ? check_same_owner+0x320/0x320 [ 1809.296706] ? rcu_note_context_switch+0x710/0x710 [ 1809.301659] __should_failslab+0x124/0x180 [ 1809.305914] should_failslab+0x9/0x14 [ 1809.309737] kmem_cache_alloc_trace+0x2cb/0x780 2018/05/15 14:03:33 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000e4ffffff00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1809.314427] ? __kmalloc_node+0x33/0x70 [ 1809.318423] ? __kmalloc_node+0x33/0x70 [ 1809.322413] ? rcu_read_lock_sched_held+0x108/0x120 [ 1809.327449] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1809.332487] ? kvfree_rcu+0x20/0x20 [ 1809.336133] ? __kmalloc_node+0x47/0x70 [ 1809.340154] __list_lru_init+0x456/0x790 [ 1809.344243] ? list_lru_destroy+0x4c0/0x4c0 [ 1809.348585] ? mark_held_locks+0xc9/0x160 [ 1809.352757] ? __raw_spin_lock_init+0x1c/0x100 [ 1809.357365] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1809.362411] ? __lockdep_init_map+0x105/0x590 [ 1809.366931] ? lockdep_init_map+0x9/0x10 [ 1809.371015] sget_userns+0x73a/0xf00 [ 1809.374753] ? kill_litter_super+0x90/0x90 [ 1809.379024] ? ns_test_super+0x50/0x50 [ 1809.382933] ? destroy_unused_super.part.11+0x110/0x110 [ 1809.388295] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1809.392877] ? kasan_check_write+0x14/0x20 [ 1809.397107] ? do_raw_spin_lock+0xc1/0x200 [ 1809.401337] ? blkdev_get+0xc0/0xb30 [ 1809.405049] ? cap_capable+0x1f9/0x260 [ 1809.408950] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1809.414486] ? security_capable+0x99/0xc0 [ 1809.418622] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1809.424146] ? ns_capable_common+0x13f/0x170 [ 1809.428544] ? kill_litter_super+0x90/0x90 [ 1809.432762] sget+0x10b/0x150 [ 1809.435853] ? ns_test_super+0x50/0x50 [ 1809.439728] mount_bdev+0x111/0x3e0 [ 1809.443342] ? fuse_get_root_inode+0x190/0x190 [ 1809.447913] fuse_mount_blk+0x34/0x40 [ 1809.451703] mount_fs+0xae/0x328 [ 1809.455058] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1809.459628] ? may_umount+0xb0/0xb0 [ 1809.463241] ? _raw_read_unlock+0x22/0x30 [ 1809.467375] ? __get_fs_type+0x97/0xc0 [ 1809.471256] do_mount+0x564/0x3070 [ 1809.474790] ? copy_mount_string+0x40/0x40 [ 1809.479016] ? rcu_pm_notify+0xc0/0xc0 [ 1809.482900] ? copy_mount_options+0x5f/0x380 [ 1809.487294] ? rcu_read_lock_sched_held+0x108/0x120 [ 1809.492298] ? kmem_cache_alloc_trace+0x616/0x780 [ 1809.497136] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1809.502658] ? copy_mount_options+0x285/0x380 [ 1809.507141] ksys_mount+0x12d/0x140 [ 1809.510759] __x64_sys_mount+0xbe/0x150 [ 1809.514720] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1809.519725] do_syscall_64+0x1b1/0x800 [ 1809.523601] ? finish_task_switch+0x1ca/0x840 [ 1809.528083] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1809.533002] ? syscall_return_slowpath+0x30f/0x5c0 [ 1809.537931] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1809.543288] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1809.548123] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1809.553313] RIP: 0033:0x455a09 [ 1809.556489] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1809.564185] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1809.571443] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1809.578698] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1809.585964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1809.593219] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1809.613130] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:03:33 executing program 4 (fault-call:0 fault-nth:31): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:03:33 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000003000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:33 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) pwritev(r0, &(0x7f0000000500)=[{&(0x7f0000000080)="a30f3f00d2489c1b3d7d62b9677f6ce4c6c6ac32caffa539139e4a5a3a54971d030c34e110c3acd576028071b35aaed958b0bcd4490f753daf25be588d5cdf58141db72cc4ec2bc1a7dd8fbbcdcab7bfacb823f5ea9545dc32738dca2302cbb218674f0f4fe987fc0503336433af60d39d66d5c570411b4c27d1e8a0da6da424c679fc517b1937d60d10c775eb7d17ae0d3b49bc1868eb8987b4f61f65beaa85110e25d7", 0xa4}, {&(0x7f0000000140)="61f9f982bb89a753a3a6dcce899fba0857894ce85da16337d2475730fd792562b1a693872358f507619f662d32e77cd21a81fb12c0c6988fbabc81d8ec01d6c917ca264744dec57dbbd5967ba90b0abcf6bbbe209dd473eb0330d9ce67bdddaf1a8884c6f6f64635f7c5917b1c3f90bd8edb16ca30a94339626ab21d39e651e6e8a226da425aeccb6a810022a48e1e2e99aa5cda99dd63e91504b9be9793069a8a42a4", 0xa3}, {&(0x7f0000000200)="541d0b0e22ccf6577a4c071508d57bcdca42696da1473cfb34e6606dd40fe8a8ee", 0x21}, {&(0x7f0000000240)="2439b2bdcd1ed8ddea9c93ed85bc878d22e8462b164742fc5b6a91eeb20fa616b0c1de0b254a4d81e79716f2e144dd9d23d12d8602fe669decc714cf559752470583b195ab2483e424bcbbbff0679dfe509e5984ba6d3c28c0ef5754ef55132f98d3881e08b3d703366b4e9397aa12e5f2cdd0df25fdf6264cfe6efc460615b1d13659a4aa34ff262550dce8040121252222bb31a01ef48a0f409b07f7a85da032b87db1cbcdded37c3994dd9b37259ef215e44ef97f5a4a1a701f9919000da7423f9ba2998ac518b3a2ec305009fcf5de4bcc667c3eb470afd7149344e251494429d7bfde1105e0f7a1", 0xea}, {&(0x7f0000000800)="43d8be69afb1320bf72ac2e82353863734344aae4d3368f46fc5348c9980735a42e3433f082845e79edde284b2609e135f391735677a9802005f56b73a0a8f4f463f6b866fc4de9637ea3778428f74a5aeaf0e955dd089517bec93ab7a1f3aa19a789a1dfa1eea00a5fa0d0ae12abfee232417fdd2ee042e4a2aaf5774e7c03ff5cac3b8535e4d857083cc0fd9447b150983272993ff081a9b3d66e1b0d3b3651babc5c036e3447f7c4dd760201ed29872ac55c4ccfef045d15b264c145b28f9a85ae030e88ae97b2af02f90790fc1b836913e873d58431636765174cb1583df60b28fc764c41888a47054dde3daea300e1686b7cb75c6757286fbab2b6df7b167b8ce54791ef73e7cbbc01f697b68dbb1890db52e402c4e4a88e851c43a1eb6e1786ead190050a1dac0ab1c2fc05ab5b52fafadc1094bea75bd0b7c2f0f3a38f0c2222c3a2039309606f9e1fadebbb1a3644a79a83bbb361084f24d81180a4170f0187b37a40d8485624c00808a08e3904363be56acdcb71f7dd8f7a7741745ababb239e6181a1b768c260ac106d5724e9be07479326a73cfbd05b4a6ef375d59e6204bfac0860b1902db52a8c5a308fd6df3cb43e779f0a3ff32fc1cdbdec3ff0faaa6622683aab20e83e73b6caf184fbc8a780370a8f12e01f366fcc7a35862487631540e3768132c9c9d733a11c9e5756361febe68c3bca397792dc0c3ef322f3ca9d986a7669367110aecc775ef5ac558010df7cfc20c5b8e3c59fd590413d72700cb138f25cda5d202c1e3d338b6ee20b0ecb4a3ea2ca0d85fbf1bf1abbeb1248ef88d70c8292a2dba5343a37e1b420c675511e017419ce7f182df99fe8962cdfa2bda46b361d36c16a007503f75ba9f66ae9f987c4ab9efe681f3e44bc6d3826be79b947a9502028a584688777ec2e019b47e1b1b7acd44601451561cb2ba21503958c8a15d073647441a95e50c687c7d1c841201f7acad5672e2663d81978bedea2ee81eebb10a1426dbca02e8170d7c956755cdd46165f8cefcaba4e31374ded751f51975fb11cdab77ddacdb8a720a315d29d3a57a0e4d71269f2d75ab359a45433de4119403b7980058359b88f308a8cacc78c2bab3256515c11d4a3bf6408bf772f9b33bec074c1ab59095525e65590e29c69b1e1a9d1844c333eb46b68474053d475b817dbc39a94cffc14569f003bf03e24e24d659284bf50a36e99785854c505cd301bc506ceabb4a889718fc3b5729913b49243150bfbe31b8e367b867ff41733cf5d51ea7dba89a7a7580447432860a38a07e319a927e783aa1ef1a39edaeb22174ae3f3ed002fa80fd34ca8bf48ed8255054b85f4f5b05d525e4b3222908976344ad2ee07ac5f780e556e19ac6e6079bc3a9b1893e2176ad9a50f395b082cc5afb6c27fea46ffa40c487ed1041c4c5d67aafb7bde2d53793fbd56dcbb76842d581ccb612142f9c9b68777981be33e1e34390209276c45845452e562f2c757e8645a1ef91152e10dad4b4fab134e9a1fba6a2e8cfef7318d90c83b27490763df238bc8dd72a0ea9a94ea8b442dcc8f9eaf2faab7cfc987f2efdee4276aa26974a5f2fc2219d3b50d08feaa57c540f5cb8613d154dc6eece21b098e30fcb7df6370d4ce61524f7751fd894546d0aea6e131555943a9887674c9f0379d2e5faaf34665bd2753d1099bb4608442c1905f04f0965311fd8cf8c5c4df85fa5d2a7f0ac9266f5bfaf8fd1bf758c9353baa65250522b2e21c5c58cca03503d7d2f417b0a9d4d01f711b59f388db30572b0cbfd9a9f5b817854c021b56214c045d9e321cd0dc2f3d252c8e19f0f79f1f1ddb95fef83d73f997952b134265661a76adc1e93ed58b6fc5d79ac6f53c2c4bd84fa4ae0ec3d70eb3dba11234eb28b4ba74d5f9c0c744d60ac9c4ea24b16b50f9d641bb701862eb377588354dee9eef780c1d98deea993acd43234082206960d4223e851fd8594d8e2bb858bc6cf769cef4dc298a4698930035684208016f1f13891181551ab642bd857e2bcd55c0859aa5145ef91d18e3e879849adb58f0638d5c749d30abf831d6a48478252cc8d917d76d8f10b59d21cda225724744a33b7ce64e239d0c4b6b47ee047b4272df393942ee2482671d30aca6040014a47c5700339791b88cfe793758af04127a8edf32163ed7148de9a517a4e411fea2ca0b4d4b2087121c521422d589d0784c39b1bf9751da49db1b8ba5f70d2968a08f1278e7278e13d9fe2f51dd32647c0465774405054454c133c145a38fad5ab3bc3cd0f6c24da4bc4313035e3304a78b8e26d78e03a9d84b89943e314f4ebcb586bac2b62a51d1d0f3c09712c7779367836c283c1a92df3ed17aa06f3955a40c080ab869049693a8d3979a41c2f90a4328a8267768351d2df838e39810131648a9fe522a33c38ea3d4d8bd706c6469bf806b05e6c11a902cde12158bb18d76df748e2a0d92f3a2f21a7980aa94408bc5759ff34c59bf085b7d9daacf3001f487b9bfd7d0342f89dbbac6b9231acdf05c319aa6bb36ddf775a4425a40e4536496cd507f811b2f6d77afd722007ab8f174ad2725cc45e9bd81685d1d2ff181393171656c14cc570cfcbd37d80eb3bd6e6c8852068097c162f3f96f3abbd0cb4fac5b9073f3deaf4a1cd8b91d57ced5dea6b819cb0313a329c3f9684f816833fc36aa9bf26d7cfbd74c351129594481a422c00d58949f59275d40b9a831e9bca3bfb36bbbccda2966b64d854641717e30dcc0b27f8e52c55dd88ede615f2be7aa7594227e6832d85d70092fae7bcd6e01b528120a7fb312be27dea22bd0b0ee84d320648d346be0f2f97a5c4ddde47dea6e494382f6372d4a4b952aaef8ecac41ead4892904ddaed9ceae2b2328fafd67c51d4454fc3f3d3ca2cfa3303dbde626e0bfcef72b487789ffa78af6dec919702d7fe527ed102bd4fa996d895782b1fd94b02a0d73ffd2f5f8eca04b219b33f4086abaa84a494ece1a2d69ddec0ed851eac398959e22504e517d30c7e9bfe345de8b8da6b2caf33d23c1f06e0169bd8898a20564eb9a35bf8be82c4dc961d07025f85a334447b6d6e2d7db183682ad22333548e47012b323257ca286daa655b11936f760c1113eea9a879338d5fedc21fd0991b941dbf771a0eb822c9463d363389c7ba072020b23d7144760fdba8a13886ffad824c194f3a1f875b4e3584456184f5890a7d74b2fc4642acb87238879f278f1ac878ccac61dd32f6c61e1e6ef7a82fb009149fadcc1f791b3433c014601c37f6e98bfcdd1117b8d13aca217a5a74bc5a5c845e8a46801bd16a85c3fe8f4bb99e2cad0c32dff642a181d980e776334a3666732f83e6396977f7b339fcbadb8328aec69d32a88d0e68cf8a9ff2493856a43cc7c19c5f293c771ac3d248a032efb1eb1d2386aed0af400d8ba5b2225cfc7c1aac557b717e8f54c3f5a9b11f18b547effab44b3942abfd9dbe3f119ba953bd98c3185b71c84b75e6795e5f21cb9aafb4f606b5bc35394eb07abcd72da16d4a4cce4f5bb7b093b0394d8501a1dd49ed92d7dd95758e83d90a57f6eace385c88f777df8e2446b90a79ea00c041983fb257ac14df16d59ba7c3cf564653ab4e88fff4cea9354ec448e98599c6c83ad01533369977ae5f1a60d80a13dc67e23cdef21bb7de5bfb3976dc48b36fad61bd90a01a948d21eb45f8afb1646ae22383e9029e81b0eb31a1312f4c9e9f94bfc6da844160cc6dc8ec9b06a789b54e8f21d2eca19a675fa2c11243aeec0efd4627c959c3406197d8d8a964ac5bd41f9e846d82eedb723044a844b838aa7ffe24fdd4bc18dbb5093c82426d7734e937cac33aec84e796ed0fdf89be8a445dbdd432ad9fbec8fd7344d4ca11e4adbc47d9a506dc632ad8f1db3b19654c5246614ef7bb04ef2a481a397570465754886027807e310e444cc2f3400742352a191e23c6a38a22aa11e6ee6e26b4de461153b00f4bc46a9bbd888f092807b1927616edc6e3a5bf6ce8b8ed708d8e26bccd4f90f5d83654e9d6e8f2d5293b81ac4b626690be2a0b6af1fde25788ab618e15f3a2eac80e15cc90d36497fd6be8380391713e4c62ce4be38e1e2868504ebb9547c46fcfee24ee2debe6e420cfc6bbead185860b5ee87eac7f1873fbdc65294782baa0834db74d86e1b3a9432f28aaeb20d93db01b8e20ba6973e52a1e391f21b2485b6347ec9cc2ef72b379f5a673efc5bbf3710189b78f24fb78ae145d7c8e9514786e75615b2827afbcef8de32d4eee378a9123ffead9a9a01b49a40bfe75a35eca12685a6a9bc6aa8d3965f00874a1166f7079e65a7d8f6ef1ddc58146c5c272e15f67a27e1cd9326455a0133e67dcee60c342ca2058f3c1deb9a3c488c018833812b2f51b24994c9eaadb14285daa987d87af14e95e656ccce080316b7b84beef8735099a8f37b6edd172ab22d0ad3355417422f5e2666f0b5bccc22e8cafe0f93d4130788031526711eeea1484d017daa306889b9d8c0647bc2be3a323cd0d63782615c6d9a8b88e504490d5d6a9404a419ee1456f7126ac58f494938d0ea4c23f4f9c3f0cec0ba51577bcd8b4e17822e0a4a7b8098adb0eba217f5cc17fe78edf129cf11732e50ebc5d006b7ad4bdded232b5c2f2000059219be9b84ced73a40d7ffe711b1d52e5d4814f8afc9aa032862a440f74d848ecfbb09ad93f3e65515bf5607c478d6ef7af670adf0499f41f801d309ff161aefc753a4ecf864182f43c276da312332edb4305f60bea0e0f3f3d01dc3d355d0fbce501309d88852b17af96f461ac52a5730f15ab4a8a9e4a6279a9e01a817ea6dda2b0b8bd7580bd7e19ac10e07d726f97120c5e39457a75c49ffdad19306ea2e0f638aab76414c5f010f7ef5e848f622f823dd72f05895dcc8d849107c4bcff413ab1d3a5c978930859566a7218d3092318402d9725ff4cf0240e9a7fcd2a1473f664325220785148110493d5a3f06efcde81dd692e4705f2edc89148702fa5e0eb218648ee3475412b89803ba4a6a943894a46d4d8262a24bf9ca0b8db8e037d030da1703d45f5037972c606ffe68cc2e1a2248a9ffb32d652e5adf0a043061d0b0de3987519126395e27859c7a01d9e8a58679dbebdcc13183b11464cb24f77804e046bae48d822a7976c7803dfeb4822d509a43e9ff49c9095f072f01b448239915c700cfc7faaca1b28fcf4b3e2fb7eb5ee209a64e181c0e3cd68d33e50293ad7951f51c8b287769418d2b37c0c4cbb0b600862fc924d9f25e14ec3f05c42b0b3a952b3c478e402961e203f7ba9d1b3e5d3a353fcced57d7b4b4dd987df65f0da6fba4706f98a3155861ab120922561e078b6223853f44e99a03061a9382b27c12400373caa7e18028f6bf029bdf5257bf75cf12f7fb6e00dcfefadcb5202381dded4e37de86a735cdbaca4e63418f4c0e65652b668d6a8212ad091dbf546e361fee609878911e9eed6c4228651c27a0c795d6d33f7e4964aa56b59c7fa3f3a7410b48a3162d99316ad2c639e9824f9cfd901054e7b5f4ceca7e0514bcbe6f8bcaf49e3a4f05091f11238005f12f4ea4470610a011c00c7fabb195da2b05735cc8575611c591da82d86df9c0219942f30e2802d6108f08953d14d2fc239f24deba8e98d8d1441e394868ea069646c585bfe33f1fe26f18ee2b19f9ee5584c816ca34924107be7828d5cc8bf491ff2724f14b434bcca9987df6fb7895300885d0c98dccae72863ec3df824c0c4d9ba69fff0298994083702aa0a5327f06af7a7f820c1", 0x1000}, {&(0x7f0000000340)="37d80d4b80e7c3b7ef6a4265b403d4306d0d780ddca9d7b95a2a7c261306cfa3fe7adb3cf6cec100d7d3c7c1ca2c2d0e7976da7b3647f3c8673ce401556892e274236e16864911030a838a8148e9dab456217534cf88bb671c9c329a401647fb52f5d213f2a6c7dd0ead891d464f44157a43353fe1b37c067c1e01cddde57a1d65b1e34053", 0x85}, {&(0x7f0000001800)="7b413ab09d6944322d307258ba74d392ec7a99e2349c90c80683b087f6cbd52c1b0a5bc85790e7888229a4d7d40777a9e5ec9efdb4cc0b2f71a8f00db6dea55281e1d702708d3dae05913bca4ff52f07107259c9076e657de744412d9fb1223496a0bc94be15fbd95d35c889ce8bbc151d068a6e1252a3ed02790ace20ca49cfd1c11ddd7a9b74bda35bb4545998596fa21cdf45b11ffc09cebb9f63fe288dc969debc0bf5dd353e22984c137b6c5878f92bff94ebc10268d78d927969e62770b1be8cb8db5d4797129955313d053414640542a068562c66c21fc97e51e1746fef7f105c19f192ccafd2fb16fde38481bd24f20e870350d6ce2764310c030439cec8f72a7b2b4a197201fbfc88abad49b4ba7baec051f4769407c48805e6d7722a107369bc36a1df4465d09c2fd61c21f801031777a0738b79d2bb95ea0d07d6bcd9d6e26e15d70d4c7170ebc8d03c4802d817a487e5ee5a08223a69512e923221a4a289ab879bc785d7cd95ffede1e56d88eda83ca7a288ee9e185c0f5c2c2579895ee66c4643a214f408ec80c0692f281d438a81c4bf84388ade42b02258a28e948e2f596654b8d467427fd2b5b1e1caf23cc8a3d2a81d678584890ca02d1c52b394ff85154b97700f8f3c83bd0e18daa96584d99c33ccceeba6a0b225c8ec03cf48a8556b2a5cd4d097d75afab82dc919fc376f1fc035ca29ad370dcca5845990ecb3d9b4315f504501df6853f7cda00badf880e3be2d8e96701283d2bdb0543845fdf7aa2ba8ccb67df8588ea23f8ec6430ea9d27d9d313938e38fd69efa2fa68b215ec7e58906bc07fa779d890e52dadba4bf5490f472fd55b03f4a8ab78a3d89b40dcc181c8a7a7af4dd24c17eacbb87d6253b50a24a355fc460d51afcf0c8504538242f24b29276ed6486061111178613b27776b54a0501becb2513eb10ff20b417be72c41674552d38e02a6915e85d969dbfe33cfc1695e230f4e947818686fadd9eac05532f0e5215c8b54a23dc22a75129034d107bdeb007cd8cdfdaf886e01f4d5ad628833f00380b956b09e314fac85175f817733395ffe8c4220c8525f115a55ee2cd173d29a466449eaf5925d774dc1d09ece3bf6bc590c3a88b2cc38956c77bd0c6e3c8ae17b8e621b597d8ad532311eec89535ced9cdfd91bf9f235cff3c9f2c702d5035c713575b1e22b51224ae9eb4b16aee14fd7cd757d74a0557cf0a6d02f66ef9dd5cec943f7205eb4a060142ad234e0380dbb596eb8f2024430cc71b95071ad28f9b7df612fef3e0c8e5acafa9f76d2861fa6c5cc2eae8faf4288a84c227baf0ca8e076e16c428a3a89906187ae651dea75cca124b0db872091e39866814caab94d012da56d06f2ec3a280279aa46c8c1eaf41ee2ed482c28eee95cb174218685e7071fcb4fd1d8208a4ded2936106c6f02291ae24ff97126e601c09495f5af3054bb0c98e15494ec8c4bdc3c56852a149c9d18396524458abedbf738e187b204328d3a89e51f1b19c2689934abb6d837ad4e0a4eaf0fd3f2e187d80e6be5f6d8fc992fac7abbbd6937cc0726a551d645e016c97b1ec0bd58fc7560deef9b34a5767f44978628442853a8d38fb9967807daf199de977b703e3f431aa0e64a0465b0e7df425b2d22fce1689654cce3ffd6165397826b989143f90cb36b665fe68a0ff847aaf9dc68cba48b97ef7c07c6b301519bff8534dddb174b222a3f46145bccb1d49be06958e98456fdbd19e738e0c6aea0eca1f21b467e7d1a5d92d1b59f0a5b55300465b957506654a161c43d73384835c0db31dd19ac617a3e808b734fed04cfac40c5d2eb02e4358065ff43d23fa34f84b149c442c6770c216f577a5b6127e1ca67274eca9d4f00d8309f72c2810b4b38396d8d2d0e98060bccdfb6ebb85694cadce05f8087f8e76975af2f56c778db4074dd0adec38dba24081934609c4460b470a11e24a6be45ffad2b91e10e72b9dd5a5260d984cb65effde61159835963b538050645606061f72a4996e20280c0fb3c4d52e2f0ab6b6d57a1f75c475bd9597486e9c39ed2e7fe7215413661cd6db52f9a31d5bc4b6bc7466ba5ac71da95831fe3f97e3b3b65f45f1f8e120716209d8df2bd89b5f6004e3eb7103298960fd0dbe00e99a13977a9c47557c545c02783ee84050beff8b2771d10d0e663bf299203557c56ba0df928a39e65e91c9e398087c7e674deab4ac6cd00b890d36d58bc8ba435fe6ad8f0a6782819554f800adf0283503db3ea0074f9c71569c9a0c68b1a019e077afbb14c2c294eb904d348d4c45e174582489d7d6f24df8401d411bca509b9971a9fca10a9222dc10da47dc5e8c62bccf0ade727875f2fc46e490caeec756c23322e000196c61dbe979d9812c51c07f7dd486ecded2112838b223d3bb6f9b68abef7d210cf3df7d77310c6f81a21efd648ffb1d799a6bab7b5b664f3ed63c2858e9fcb155dce7370ae1ba92d0e901228c145ec5c3e53853f09e6687bbab0efaef25c5add323e9d368630287b696d33f7a65494de09baff57bd8d7b1160474fa98777d82e8ee3c3e237ffaeaed6e13083a1dc38387eb7fa32aae12a29f9d0a16acbcc6864ae05f17f3f7449fabe96faa47b852683782dc713b0a4b01f34bbeaa094089b6249373a5da20f7191ccf72b4a68e53a41c79f692bcdd48f899a97391a29b7d9037cb2f71f375168c306695c801e26c13968137d9ef8ef6ee4fd2790c91bf17627c6fa11b0cfb971360c69926acb4829cce14da1d6153c5864f3249c8ff0b4a1e46d0c77ea0c5662a208c1c87a18691bda29f3ae842bd3c54799385686948eff5ef32b97b93a7f83bf464e4d5750e47fb8fb7f17f6ca01c0d13214e58299234d0695c54597cfcae1a4b91da3e05a6db9b27f299ae4826f899cf24330c2da8e5316e34ae161252b42aabb921d0bf4f33f2e8a248045bccd82ce92d05f6bbf07d08757fcda0158cb8eb81ca76a6760cc0aa72bbe489a154f4525dabd309bdde33efb08dfe30ce3d8289e9349b7ca99468fb8831a1dae0ccba184f7394de548621ddde03d8875ca07550741810c07c5747ea6043543ca7c801de4673c57b7590edd39617178cd1f03be71684d6544b31c767ffedc53eb5196449b47aa611d667c9455e62006b6a96e011cc30a6a1ed89e3201093c8089be1e0307bbc268e309d279c50c57c4ac2899a9ae0dc50547248bb676be22eff602371e6034a2718f7550e6168f092dbf94522495fd4a0cb2caf7e12a37b858c0b9fcf6a89e7f9852d82c7e88f066f10df55957a3bee22979c29c55fcbdadf2a7178a1f201e7e17ab9bc0089ced0d952e5165fa916ea4f910b19b540eeaed3bd3f7b14749690c565cb3cb993cd5c8f4deda3dbabe830eb4d6f072c138b60837a09a6ef998e5d2f34f3271750e9c46fc459dbb7a886627ccefb170aa8c85da702366f4214ee7f2fbc7d43de92cac05a4834ec67acc8b51d0d33c7f92555728952961df12f32d42fe095d4e7ebfa7292a05fac338018272e4da0290ce5be55f4bd49b28e7abb40c2493d6a191beb3f04bb7eb16e1097108427719db1bd1d889f6bd9b977e96d5ae8e1148aaa37d60dfd3bfbf737d1ad9d71d3cd7af2dc76430ef42ebfcc717ba89c9fd777cdc5e26bf9265272caf0f6a66e9b0bbf406a87c9eeb1cd1ca90f0dc0568ce08c1eb591845672d169b49556e5bd578801b88f40c05046f3022473ca644278243fea1f9d43074fbaed96600570ceca0ba7d7e085670ad773e63cabd01c3d18f655389b48397695cdbdd09a52b02dee83271a00f331c9cb913207a0d58b5937bf79207f2796fdbc8fef5ac3df6425a5c93eed504eaf49fb9d293ec4589bbfdbeb66b7a9b254a3588f19a7da63ce50d974fdcf701d9c4d736d19c482f4ad0583d4c106eae996dd515dbe030393cc013fa18554795e407cab837f90b4835c8cf9b75e7047d53514715c15a08e6e43ae3312dcf1a9249c4cb3545f41eb4b53ae473b96bf513e76af798a0fd199a2224a8928ba98de58ab74950832a246ad1c359f39335b902f0314b13b67b68aeb5e15c9d49bf38a97c084b6964250b7e07dfeb4ad97622080d39b498b154c83476b2f6f28a3528e9b23d012ef89572047fff5fb4cd38f66e7f577ea2d09607899f2b3da41bbb404762863e70e6eafd182342ae7aa83b0e8d0cc84afe1f1dc1d8b241d645175b90f2dfa533c37a463f154a4caf1e182d1bbacddfc369f78d427f543e92ee2187a420a35cfacff7eb23538920244008c4eb9348d60a74e24c14ae5707b019bde69cf47909914c0a0d3f182c2897e827f171f39b889b197eb2c586aa169c0c1b184c6ba5e87aa8e4d44d3629e244308fac7ec1cb73cab5f87e0591279a14e70477c7ea73334f82c198a8cd9646b87f441d5831d5c67f246764339573144a63ceaf17919cf6fed6ab25124e4d33f2a537fd2ca9895fc7faecd13fd555151cb2f9f73d8648fc7ca095886c72be40b06e6f66835f9944a2284ba7a4ec6b69a01bb8c3d1730d5a74506d6186e38f07f936660714689cc9a3551c20406b73f8bb2e86313f1a9201277b20564a682cd9d42a43c955752344a0d2ace046961226ed699b9635722b7b56f1cdb24a443325bdf841bb4c27b80cb9c69cf1904e56681866c1b8c41ebfe58f2d956c597d63fa83b7abb5d9165454d29031b64b355a86752bc6fcf65cf83b426dad6b085f42a7c5527785b361a5db717c43528a8a1b3779841d76ae588692aa9c5240ad40617fc751077326615848592b62f1c1d59daa40d0c49bb33c49a08eb72d62bc796e32bfc05ad31c6ae2d40cb020b41bf67930652064529f766e44850deefb85f5103988c62eef0b24f130852dadaf129ea756d34c17ed4c0e06d2952552700276bfc55d435161d6d1b4486e2acbd6103cc4eb9532f59ea09060d823177a17ae483b6f4384a4b8394c4456a9e8dfe88ac12b13cc6e5f6ca307b22463a9781ee4c68571ebba929204a4d99a1e2797d54be97f70c9d9b381f2aeadf68d90b18a19b380f4d2c0a1d045d0e6fad39e3b57450bbf4a3f9b134ca8a8cb98285cd670db857209a49d58e2b7c43cbba549faefda5c8dd595f6ea1ba656cea09b696766a603ba4f878258f919f72e91078ce876eef45821997547a477af7ae9946328a219ee0e258268c2469f5ec4d4ba0d69f2f966900a4ecad8973eb2536d8cf1947dfa45e8bd70e4dce3246aea38fa8d8be48cbd9f25209d3de6c97e6840b346b6566cb8e56fd62769602f21d476070c898615859afa392be268f363c8a32f195fee146d60b780dd20123829e028d31fe8b9ecf35d58223d7be23e8238b1073f714c6b4901db823bc4d2bc3c4c545caf412d0b5020359d948e6405020f4dea8b991eb8caf168b72fd0c7ea8f68514ba9c0f1f59dbc4c2358f1e0ead7d20e75f3f485cf61e59364835468b1dbfd6c7ac53d2d06fdac6f6330338e64d33f83bd62fc45340d724bddd7b226436e638867386af7a50c6bc2a6593b2d07c9dcbdceacf931e452eedbd9353b10badbf44d89c61973d7647483415965c893879a1742576862423c0e556cb6508c08e49dd4d9c0441ef8058d52418e6b8b3bab0d84c55cce2934fe3d66763800644811c6b16c2638783c0a5326309ab32cac68c2632d246f460f83b84aca93ff0ed3e647d5634fdd6bd49dadd5e7f53fbf88a67e7536c20b7eaf0d3ce61e411c87073fb2cddea4de93db02afe5279a1910d0c31ee179bf2f53a3bb157d88ef066535b95a7d68b651a94b8db", 0x1000}, {&(0x7f0000000400)="bacce81685b679b78c5b17f4a310cffc0c8013b2d2f2e8bf745dc8f46ea85b1f1b3fff76074005115f2e411e39c6f9829f5d238233e7d5dab4538482ea38e3c259159a4d4f164f12918c284bb36013e83582970fdeec4b05bfa043e4da39d2e66fc71e3c986642c9a5", 0x69}, {&(0x7f0000000480)="4f9597e1920aa3c2d8cd0333f513d4742bec011945c46d1f6e2d785393e3126fa12a25504d4aa8785726a4c0511bdc3bd2d8d1fc6ebbddc7803b30b5b1494c842663a2fe59f02d1527b714d7c60971768ac9f8df715a32b3dc12743c4c6f7cdc7a1bd5b1ecab4d8542a72df78f2b", 0x6e}], 0x9, 0x0) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f00000005c0)={0x0, 0x6}, &(0x7f0000000600)=0x8) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000640)={r1, 0x1, 0x0, 0xfffffffffffffffa, 0x5632}, &(0x7f0000000680)=0x18) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) 2018/05/15 14:03:33 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000000000000500", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:33 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:33 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x1000000) 2018/05/15 14:03:33 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x191e8d}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:03:33 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)="2e2f636f6e74726f6c2f66696c65308c", 0x0) close(r0) [ 1809.863282] FAULT_INJECTION: forcing a failure. [ 1809.863282] name failslab, interval 1, probability 0, space 0, times 0 [ 1809.874622] CPU: 0 PID: 3233 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1809.881824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1809.891187] Call Trace: [ 1809.893802] dump_stack+0x1b9/0x294 [ 1809.897456] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1809.902683] should_fail.cold.4+0xa/0x1a [ 1809.906780] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1809.911908] ? print_usage_bug+0xc0/0xc0 [ 1809.915990] ? graph_lock+0x170/0x170 [ 1809.919808] ? lock_downgrade+0x8e0/0x8e0 [ 1809.923976] ? find_held_lock+0x36/0x1c0 [ 1809.928060] ? __lock_is_held+0xb5/0x140 [ 1809.932152] ? check_same_owner+0x320/0x320 [ 1809.936498] ? __might_sleep+0x95/0x190 [ 1809.940502] ? rcu_note_context_switch+0x710/0x710 [ 1809.945462] __should_failslab+0x124/0x180 [ 1809.949725] should_failslab+0x9/0x14 [ 1809.953546] __kmalloc+0x2c8/0x760 [ 1809.957114] ? __kmalloc_node+0x47/0x70 [ 1809.961104] ? __list_lru_init+0xdd/0x790 [ 1809.965273] __list_lru_init+0xdd/0x790 [ 1809.969269] ? list_lru_destroy+0x4c0/0x4c0 [ 1809.973609] ? mark_held_locks+0xc9/0x160 [ 1809.977774] ? __raw_spin_lock_init+0x1c/0x100 [ 1809.982374] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1809.987417] ? lockdep_init_map+0x9/0x10 [ 1809.991508] sget_userns+0x767/0xf00 [ 1809.995245] ? kill_litter_super+0x90/0x90 [ 1809.999504] ? ns_test_super+0x50/0x50 [ 1810.003424] ? destroy_unused_super.part.11+0x110/0x110 [ 1810.008827] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1810.013437] ? kasan_check_write+0x14/0x20 [ 1810.017692] ? do_raw_spin_lock+0xc1/0x200 [ 1810.021932] ? blkdev_get+0xc0/0xb30 [ 1810.025642] ? cap_capable+0x1f9/0x260 [ 1810.029533] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1810.035067] ? security_capable+0x99/0xc0 [ 1810.039207] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1810.044732] ? ns_capable_common+0x13f/0x170 [ 1810.049129] ? kill_litter_super+0x90/0x90 [ 1810.053348] sget+0x10b/0x150 [ 1810.056439] ? ns_test_super+0x50/0x50 [ 1810.060315] mount_bdev+0x111/0x3e0 [ 1810.063927] ? fuse_get_root_inode+0x190/0x190 [ 1810.068495] fuse_mount_blk+0x34/0x40 [ 1810.072281] mount_fs+0xae/0x328 [ 1810.075634] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1810.080205] ? may_umount+0xb0/0xb0 [ 1810.083821] ? _raw_read_unlock+0x22/0x30 [ 1810.087953] ? __get_fs_type+0x97/0xc0 [ 1810.091831] do_mount+0x564/0x3070 [ 1810.095358] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1810.099760] ? copy_mount_string+0x40/0x40 [ 1810.104002] ? rcu_pm_notify+0xc0/0xc0 [ 1810.107889] ? copy_mount_options+0x5f/0x380 [ 1810.112375] ? rcu_read_lock_sched_held+0x108/0x120 [ 1810.117387] ? kmem_cache_alloc_trace+0x616/0x780 [ 1810.122221] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1810.127747] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1810.133271] ? copy_mount_options+0x285/0x380 [ 1810.137756] ksys_mount+0x12d/0x140 [ 1810.141372] __x64_sys_mount+0xbe/0x150 [ 1810.145338] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1810.150362] do_syscall_64+0x1b1/0x800 [ 1810.154262] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1810.159185] ? syscall_return_slowpath+0x30f/0x5c0 [ 1810.164108] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1810.169465] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1810.174298] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1810.179476] RIP: 0033:0x455a09 [ 1810.182651] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1810.190351] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1810.197611] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1810.204868] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 2018/05/15 14:03:33 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000011000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:33 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2800000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:03:33 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000600000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:34 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000400", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1810.212121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1810.219379] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1810.238371] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:03:34 executing program 4 (fault-call:0 fault-nth:32): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:03:34 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000000ffffffe400", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1810.366756] FAULT_INJECTION: forcing a failure. [ 1810.366756] name failslab, interval 1, probability 0, space 0, times 0 [ 1810.378135] CPU: 1 PID: 3261 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1810.385358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1810.394722] Call Trace: [ 1810.398004] dump_stack+0x1b9/0x294 [ 1810.401663] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1810.406875] ? __save_stack_trace+0x7e/0xd0 [ 1810.411221] should_fail.cold.4+0xa/0x1a [ 1810.415302] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1810.420426] ? save_stack+0x43/0xd0 [ 1810.424067] ? kasan_kmalloc+0xc4/0xe0 [ 1810.424426] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1810.427968] ? kmem_cache_alloc_trace+0x152/0x780 [ 1810.427984] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1810.427999] ? __list_lru_init+0x456/0x790 [ 1810.428014] ? sget_userns+0x767/0xf00 [ 1810.428031] ? graph_lock+0x170/0x170 [ 1810.428046] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1810.428061] ? do_mount+0x564/0x3070 [ 1810.428074] ? ksys_mount+0x12d/0x140 [ 1810.428090] ? __x64_sys_mount+0xbe/0x150 [ 1810.475156] ? do_syscall_64+0x1b1/0x800 [ 1810.479234] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1810.484622] ? find_held_lock+0x36/0x1c0 [ 1810.488698] ? __lock_is_held+0xb5/0x140 [ 1810.492782] ? check_same_owner+0x320/0x320 [ 1810.497124] ? rcu_note_context_switch+0x710/0x710 [ 1810.502078] __should_failslab+0x124/0x180 [ 1810.506336] should_failslab+0x9/0x14 [ 1810.510159] kmem_cache_alloc_trace+0x2cb/0x780 [ 1810.514847] ? __kmalloc_node+0x33/0x70 [ 1810.518825] ? __kmalloc_node+0x33/0x70 [ 1810.522792] ? rcu_read_lock_sched_held+0x108/0x120 [ 1810.527796] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1810.532798] ? kvfree_rcu+0x20/0x20 [ 1810.536411] ? __kmalloc_node+0x47/0x70 [ 1810.540374] __list_lru_init+0x456/0x790 [ 1810.544432] ? list_lru_destroy+0x4c0/0x4c0 [ 1810.548748] ? mark_held_locks+0xc9/0x160 [ 1810.552888] ? __raw_spin_lock_init+0x1c/0x100 [ 1810.557464] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1810.562480] ? lockdep_init_map+0x9/0x10 [ 1810.566545] sget_userns+0x767/0xf00 [ 1810.570251] ? kill_litter_super+0x90/0x90 [ 1810.574490] ? ns_test_super+0x50/0x50 [ 1810.578366] ? destroy_unused_super.part.11+0x110/0x110 [ 1810.583729] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1810.588316] ? kasan_check_write+0x14/0x20 [ 1810.592559] ? do_raw_spin_lock+0xc1/0x200 [ 1810.596813] ? blkdev_get+0xc0/0xb30 [ 1810.600525] ? cap_capable+0x1f9/0x260 [ 1810.604409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1810.609937] ? security_capable+0x99/0xc0 [ 1810.614115] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1810.619660] ? ns_capable_common+0x13f/0x170 [ 1810.624067] ? kill_litter_super+0x90/0x90 [ 1810.628289] sget+0x10b/0x150 [ 1810.631388] ? ns_test_super+0x50/0x50 [ 1810.635261] mount_bdev+0x111/0x3e0 [ 1810.638881] ? fuse_get_root_inode+0x190/0x190 [ 1810.643471] fuse_mount_blk+0x34/0x40 [ 1810.647258] mount_fs+0xae/0x328 [ 1810.650613] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1810.655187] ? may_umount+0xb0/0xb0 [ 1810.658807] ? _raw_read_unlock+0x22/0x30 [ 1810.662942] ? __get_fs_type+0x97/0xc0 [ 1810.666819] do_mount+0x564/0x3070 [ 1810.670356] ? copy_mount_string+0x40/0x40 [ 1810.674575] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1810.679588] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1810.684347] ? retint_kernel+0x10/0x10 [ 1810.688228] ? copy_mount_options+0x1f0/0x380 [ 1810.692721] ? copy_mount_options+0x1fa/0x380 [ 1810.697221] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1810.702762] ? copy_mount_options+0x285/0x380 [ 1810.707261] ksys_mount+0x12d/0x140 [ 1810.710891] __x64_sys_mount+0xbe/0x150 [ 1810.714870] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1810.719887] do_syscall_64+0x1b1/0x800 [ 1810.723777] ? finish_task_switch+0x1ca/0x840 [ 1810.728281] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1810.733217] ? syscall_return_slowpath+0x30f/0x5c0 [ 1810.738151] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1810.743529] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1810.748383] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1810.753576] RIP: 0033:0x455a09 [ 1810.756760] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1810.764473] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1810.771735] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1810.778998] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1810.786262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1810.793526] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:03:47 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000100000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:47 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:03:47 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000000600", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:47 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\x00\a\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:47 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)="2e2f636f6e74726f6c2f66696c653002", 0x0) close(r0) 2018/05/15 14:03:47 executing program 4 (fault-call:0 fault-nth:33): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:03:47 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x20000040) 2018/05/15 14:03:47 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) [ 1823.544168] FAULT_INJECTION: forcing a failure. [ 1823.544168] name failslab, interval 1, probability 0, space 0, times 0 [ 1823.555615] CPU: 1 PID: 3283 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1823.562814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1823.572189] Call Trace: [ 1823.574807] dump_stack+0x1b9/0x294 [ 1823.578470] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1823.583103] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:03:47 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000037800000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1823.583685] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1823.597630] should_fail.cold.4+0xa/0x1a [ 1823.601711] ? is_bpf_text_address+0xd7/0x170 [ 1823.606296] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1823.611433] ? unwind_get_return_address+0x61/0xa0 [ 1823.616388] ? __save_stack_trace+0x7e/0xd0 [ 1823.620736] ? graph_lock+0x170/0x170 [ 1823.624559] ? find_held_lock+0x36/0x1c0 [ 1823.628645] ? __lock_is_held+0xb5/0x140 [ 1823.632745] ? check_same_owner+0x320/0x320 [ 1823.637088] ? rcu_note_context_switch+0x710/0x710 2018/05/15 14:03:47 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000500", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:47 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1823.642034] __should_failslab+0x124/0x180 [ 1823.646288] should_failslab+0x9/0x14 [ 1823.650105] kmem_cache_alloc_trace+0x2cb/0x780 [ 1823.654793] ? __kmalloc_node+0x33/0x70 [ 1823.658785] ? __kmalloc_node+0x33/0x70 [ 1823.662785] ? rcu_read_lock_sched_held+0x108/0x120 [ 1823.667824] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1823.672872] ? kvfree_rcu+0x20/0x20 [ 1823.676521] ? __kmalloc_node+0x47/0x70 [ 1823.680518] __list_lru_init+0x456/0x790 [ 1823.684600] ? list_lru_destroy+0x4c0/0x4c0 [ 1823.688936] ? mark_held_locks+0xc9/0x160 [ 1823.693097] ? __raw_spin_lock_init+0x1c/0x100 [ 1823.697698] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1823.702743] ? lockdep_init_map+0x9/0x10 [ 1823.706823] sget_userns+0x767/0xf00 [ 1823.710555] ? kill_litter_super+0x90/0x90 [ 1823.714810] ? ns_test_super+0x50/0x50 [ 1823.718722] ? destroy_unused_super.part.11+0x110/0x110 [ 1823.724105] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1823.728713] ? kasan_check_write+0x14/0x20 [ 1823.732968] ? do_raw_spin_lock+0xc1/0x200 [ 1823.734667] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1823.737222] ? blkdev_get+0xc0/0xb30 [ 1823.737243] ? cap_capable+0x1f9/0x260 [ 1823.737267] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1823.737281] ? security_capable+0x99/0xc0 [ 1823.737301] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1823.737316] ? ns_capable_common+0x13f/0x170 [ 1823.737333] ? kill_litter_super+0x90/0x90 [ 1823.737346] sget+0x10b/0x150 [ 1823.737358] ? ns_test_super+0x50/0x50 [ 1823.737372] mount_bdev+0x111/0x3e0 [ 1823.737394] ? fuse_get_root_inode+0x190/0x190 [ 1823.792709] fuse_mount_blk+0x34/0x40 [ 1823.796531] mount_fs+0xae/0x328 [ 1823.799922] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1823.804519] ? may_umount+0xb0/0xb0 [ 1823.808158] ? _raw_read_unlock+0x22/0x30 [ 1823.812318] ? __get_fs_type+0x97/0xc0 [ 1823.816218] do_mount+0x564/0x3070 [ 1823.819756] ? copy_mount_string+0x40/0x40 [ 1823.823985] ? rcu_pm_notify+0xc0/0xc0 [ 1823.827869] ? copy_mount_options+0x5f/0x380 [ 1823.832274] ? rcu_read_lock_sched_held+0x108/0x120 [ 1823.837283] ? kmem_cache_alloc_trace+0x616/0x780 [ 1823.842116] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1823.847641] ? _copy_from_user+0xdf/0x150 [ 1823.851778] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1823.857305] ? copy_mount_options+0x285/0x380 [ 1823.861792] ksys_mount+0x12d/0x140 [ 1823.865412] __x64_sys_mount+0xbe/0x150 [ 1823.869377] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1823.874386] do_syscall_64+0x1b1/0x800 [ 1823.878266] ? finish_task_switch+0x1ca/0x840 [ 1823.882755] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1823.887676] ? syscall_return_slowpath+0x30f/0x5c0 [ 1823.892612] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1823.897974] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1823.902821] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1823.908001] RIP: 0033:0x455a09 [ 1823.911184] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1823.918882] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1823.926144] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1823.933403] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 2018/05/15 14:03:47 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000200", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1823.940660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1823.947915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:03:47 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000008800000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:03:47 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000000000000200", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:03:47 executing program 4 (fault-call:0 fault-nth:34): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1823.994099] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:03:47 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000500", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1824.100291] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1824.121977] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1824.140540] FAULT_INJECTION: forcing a failure. [ 1824.140540] name failslab, interval 1, probability 0, space 0, times 0 [ 1824.152007] CPU: 0 PID: 3335 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1824.159223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1824.168585] Call Trace: [ 1824.171192] dump_stack+0x1b9/0x294 [ 1824.174843] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1824.180047] ? __save_stack_trace+0x7e/0xd0 [ 1824.184392] should_fail.cold.4+0xa/0x1a [ 1824.188468] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1824.193593] ? save_stack+0x43/0xd0 [ 1824.197237] ? kasan_kmalloc+0xc4/0xe0 [ 1824.201402] ? kmem_cache_alloc_trace+0x152/0x780 [ 1824.206261] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1824.211469] ? __list_lru_init+0x456/0x790 [ 1824.215719] ? sget_userns+0x767/0xf00 [ 1824.219627] ? graph_lock+0x170/0x170 [ 1824.223442] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1824.228212] ? do_mount+0x564/0x3070 [ 1824.231937] ? ksys_mount+0x12d/0x140 [ 1824.235748] ? __x64_sys_mount+0xbe/0x150 [ 1824.239913] ? do_syscall_64+0x1b1/0x800 [ 1824.243989] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1824.249370] ? find_held_lock+0x36/0x1c0 [ 1824.253453] ? __lock_is_held+0xb5/0x140 [ 1824.257524] ? check_same_owner+0x320/0x320 [ 1824.261840] ? rcu_note_context_switch+0x710/0x710 [ 1824.266760] __should_failslab+0x124/0x180 [ 1824.270997] should_failslab+0x9/0x14 [ 1824.274794] kmem_cache_alloc_trace+0x2cb/0x780 [ 1824.279456] ? __kmalloc_node+0x33/0x70 [ 1824.283426] ? __kmalloc_node+0x33/0x70 [ 1824.287391] ? rcu_read_lock_sched_held+0x108/0x120 [ 1824.292412] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1824.297431] ? kvfree_rcu+0x20/0x20 [ 1824.301045] ? __kmalloc_node+0x47/0x70 [ 1824.305011] __list_lru_init+0x456/0x790 [ 1824.309078] ? list_lru_destroy+0x4c0/0x4c0 [ 1824.313396] ? mark_held_locks+0xc9/0x160 [ 1824.317578] ? __raw_spin_lock_init+0x1c/0x100 [ 1824.322154] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1824.327164] ? lockdep_init_map+0x9/0x10 [ 1824.331216] sget_userns+0x767/0xf00 [ 1824.334914] ? kill_litter_super+0x90/0x90 [ 1824.339138] ? ns_test_super+0x50/0x50 [ 1824.343039] ? destroy_unused_super.part.11+0x110/0x110 [ 1824.348393] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1824.352962] ? kasan_check_write+0x14/0x20 [ 1824.357183] ? do_raw_spin_lock+0xc1/0x200 [ 1824.361422] ? blkdev_get+0xc0/0xb30 [ 1824.365134] ? cap_capable+0x1f9/0x260 [ 1824.369025] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1824.374560] ? security_capable+0x99/0xc0 [ 1824.378705] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1824.384244] ? ns_capable_common+0x13f/0x170 [ 1824.388646] ? kill_litter_super+0x90/0x90 [ 1824.392867] sget+0x10b/0x150 [ 1824.395963] ? ns_test_super+0x50/0x50 [ 1824.399943] mount_bdev+0x111/0x3e0 [ 1824.403577] ? fuse_get_root_inode+0x190/0x190 [ 1824.408164] fuse_mount_blk+0x34/0x40 [ 1824.411967] mount_fs+0xae/0x328 [ 1824.415333] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1824.419914] ? may_umount+0xb0/0xb0 [ 1824.423530] ? _raw_read_unlock+0x22/0x30 [ 1824.427663] ? __get_fs_type+0x97/0xc0 [ 1824.431543] do_mount+0x564/0x3070 [ 1824.435081] ? copy_mount_string+0x40/0x40 [ 1824.439301] ? rcu_pm_notify+0xc0/0xc0 [ 1824.443187] ? copy_mount_options+0x5f/0x380 [ 1824.447579] ? rcu_read_lock_sched_held+0x108/0x120 [ 1824.452592] ? kmem_cache_alloc_trace+0x616/0x780 [ 1824.457449] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1824.462993] ? _copy_from_user+0xdf/0x150 [ 1824.467141] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1824.472676] ? copy_mount_options+0x285/0x380 [ 1824.477182] ksys_mount+0x12d/0x140 [ 1824.480820] __x64_sys_mount+0xbe/0x150 [ 1824.484805] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1824.489839] do_syscall_64+0x1b1/0x800 [ 1824.493729] ? finish_task_switch+0x1ca/0x840 [ 1824.498215] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1824.503142] ? syscall_return_slowpath+0x30f/0x5c0 [ 1824.508069] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1824.513424] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1824.518255] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1824.523432] RIP: 0033:0x455a09 [ 1824.526603] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1824.534302] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1824.541566] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1824.548820] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1824.556076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1824.563792] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:01 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000003f000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:01 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) inotify_init() ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d2, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{}, {}]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x80000, r0}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000080)={r1, 0x68399ff27ce36f5c, r0}) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:04:01 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)="2e2f636f6e74726f6c2f66696c653003", 0x0) close(r0) 2018/05/15 14:04:01 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000002b000", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:01 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000007fffffff00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:01 executing program 4 (fault-call:0 fault-nth:35): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:01 executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_opts(r0, 0x0, 0x21, &(0x7f0000000000), 0x3) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r1, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0xfb2d}], 0x1000000000000077) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) 2018/05/15 14:04:01 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1837.377805] FAULT_INJECTION: forcing a failure. [ 1837.377805] name failslab, interval 1, probability 0, space 0, times 0 [ 1837.389129] CPU: 1 PID: 3355 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1837.397208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1837.406582] Call Trace: [ 1837.409201] dump_stack+0x1b9/0x294 [ 1837.412858] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1837.418163] ? __save_stack_trace+0x7e/0xd0 [ 1837.422516] should_fail.cold.4+0xa/0x1a 2018/05/15 14:04:01 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:01 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000400000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1837.426606] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1837.431741] ? save_stack+0x43/0xd0 [ 1837.435395] ? kasan_kmalloc+0xc4/0xe0 [ 1837.439307] ? kmem_cache_alloc_trace+0x152/0x780 [ 1837.444171] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1837.449381] ? __list_lru_init+0x456/0x790 [ 1837.453633] ? sget_userns+0x767/0xf00 [ 1837.457538] ? graph_lock+0x170/0x170 [ 1837.461360] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1837.466133] ? do_mount+0x564/0x3070 [ 1837.469864] ? ksys_mount+0x12d/0x140 [ 1837.473679] ? __x64_sys_mount+0xbe/0x150 [ 1837.477847] ? do_syscall_64+0x1b1/0x800 [ 1837.481922] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1837.487305] ? find_held_lock+0x36/0x1c0 [ 1837.491392] ? __lock_is_held+0xb5/0x140 [ 1837.495482] ? check_same_owner+0x320/0x320 [ 1837.499823] ? rcu_note_context_switch+0x710/0x710 [ 1837.504777] __should_failslab+0x124/0x180 [ 1837.509030] should_failslab+0x9/0x14 [ 1837.512855] kmem_cache_alloc_trace+0x2cb/0x780 [ 1837.517554] ? __kmalloc_node+0x33/0x70 [ 1837.521553] ? __kmalloc_node+0x33/0x70 [ 1837.525548] ? rcu_read_lock_sched_held+0x108/0x120 [ 1837.530579] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1837.535596] ? kvfree_rcu+0x20/0x20 [ 1837.539222] ? __kmalloc_node+0x47/0x70 [ 1837.543203] __list_lru_init+0x456/0x790 [ 1837.547269] ? list_lru_destroy+0x4c0/0x4c0 [ 1837.551581] ? mark_held_locks+0xc9/0x160 [ 1837.555724] ? __raw_spin_lock_init+0x1c/0x100 [ 1837.560296] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1837.565304] ? lockdep_init_map+0x9/0x10 [ 1837.569355] sget_userns+0x767/0xf00 [ 1837.573067] ? kill_litter_super+0x90/0x90 [ 1837.577290] ? ns_test_super+0x50/0x50 [ 1837.581168] ? destroy_unused_super.part.11+0x110/0x110 [ 1837.586520] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1837.591091] ? kasan_check_write+0x14/0x20 [ 1837.595312] ? do_raw_spin_lock+0xc1/0x200 [ 1837.599535] ? blkdev_get+0xc0/0xb30 [ 1837.603237] ? cap_capable+0x1f9/0x260 [ 1837.607117] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1837.612641] ? security_capable+0x99/0xc0 [ 1837.616779] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1837.622321] ? ns_capable_common+0x13f/0x170 [ 1837.626720] ? kill_litter_super+0x90/0x90 [ 1837.630940] sget+0x10b/0x150 [ 1837.634035] ? ns_test_super+0x50/0x50 [ 1837.637914] mount_bdev+0x111/0x3e0 [ 1837.641544] ? fuse_get_root_inode+0x190/0x190 [ 1837.646119] fuse_mount_blk+0x34/0x40 [ 1837.649921] mount_fs+0xae/0x328 [ 1837.653281] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1837.657860] ? may_umount+0xb0/0xb0 [ 1837.661474] ? _raw_read_unlock+0x22/0x30 [ 1837.665608] ? __get_fs_type+0x97/0xc0 [ 1837.669490] do_mount+0x564/0x3070 [ 1837.673028] ? copy_mount_string+0x40/0x40 [ 1837.677252] ? rcu_pm_notify+0xc0/0xc0 [ 1837.681138] ? copy_mount_options+0x5f/0x380 [ 1837.685534] ? rcu_read_lock_sched_held+0x108/0x120 [ 1837.690549] ? kmem_cache_alloc_trace+0x616/0x780 [ 1837.695386] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1837.700911] ? copy_mount_options+0x285/0x380 [ 1837.705396] ksys_mount+0x12d/0x140 [ 1837.709017] __x64_sys_mount+0xbe/0x150 [ 1837.712983] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1837.717989] do_syscall_64+0x1b1/0x800 [ 1837.721871] ? finish_task_switch+0x1ca/0x840 [ 1837.726369] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1837.731292] ? syscall_return_slowpath+0x30f/0x5c0 [ 1837.736215] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1837.741591] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1837.746441] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1837.751618] RIP: 0033:0x455a09 [ 1837.754796] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1837.762498] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1837.769756] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 2018/05/15 14:04:01 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000700000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1837.777017] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1837.784279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1837.791538] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1837.805383] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:01 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000000100", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:01 executing program 4 (fault-call:0 fault-nth:36): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:01 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000300", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:01 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1837.961233] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1837.977816] FAULT_INJECTION: forcing a failure. [ 1837.977816] name failslab, interval 1, probability 0, space 0, times 0 [ 1837.989244] CPU: 0 PID: 3392 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1837.996454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1838.005814] Call Trace: [ 1838.008421] dump_stack+0x1b9/0x294 [ 1838.012067] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1838.017273] ? __save_stack_trace+0x7e/0xd0 [ 1838.021671] should_fail.cold.4+0xa/0x1a [ 1838.025753] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1838.030874] ? save_stack+0x43/0xd0 [ 1838.034519] ? kasan_kmalloc+0xc4/0xe0 [ 1838.038418] ? kmem_cache_alloc_trace+0x152/0x780 [ 1838.043277] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1838.049348] ? __list_lru_init+0x456/0x790 [ 1838.053593] ? sget_userns+0x767/0xf00 [ 1838.057494] ? graph_lock+0x170/0x170 [ 1838.061313] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1838.066082] ? do_mount+0x564/0x3070 [ 1838.069810] ? ksys_mount+0x12d/0x140 [ 1838.073627] ? __x64_sys_mount+0xbe/0x150 [ 1838.077792] ? do_syscall_64+0x1b1/0x800 [ 1838.081872] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1838.087259] ? find_held_lock+0x36/0x1c0 [ 1838.091345] ? __lock_is_held+0xb5/0x140 [ 1838.094374] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1838.095432] ? check_same_owner+0x320/0x320 2018/05/15 14:04:01 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000300", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:01 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000004000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1838.095455] ? rcu_note_context_switch+0x710/0x710 [ 1838.113448] __should_failslab+0x124/0x180 [ 1838.117697] should_failslab+0x9/0x14 [ 1838.121513] kmem_cache_alloc_trace+0x2cb/0x780 [ 1838.126257] ? __kmalloc_node+0x33/0x70 [ 1838.130356] ? __kmalloc_node+0x33/0x70 [ 1838.134356] ? rcu_read_lock_sched_held+0x108/0x120 [ 1838.139400] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1838.144433] ? kvfree_rcu+0x20/0x20 [ 1838.148076] ? __kmalloc_node+0x47/0x70 [ 1838.152068] __list_lru_init+0x456/0x790 [ 1838.156144] ? list_lru_destroy+0x4c0/0x4c0 [ 1838.160482] ? mark_held_locks+0xc9/0x160 [ 1838.164650] ? __raw_spin_lock_init+0x1c/0x100 [ 1838.169246] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1838.174261] ? lockdep_init_map+0x9/0x10 [ 1838.178321] sget_userns+0x767/0xf00 [ 1838.182030] ? kill_litter_super+0x90/0x90 [ 1838.186257] ? ns_test_super+0x50/0x50 [ 1838.190153] ? destroy_unused_super.part.11+0x110/0x110 [ 1838.195516] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1838.200088] ? kasan_check_write+0x14/0x20 [ 1838.204309] ? do_raw_spin_lock+0xc1/0x200 [ 1838.208545] ? blkdev_get+0xc0/0xb30 [ 1838.212248] ? cap_capable+0x1f9/0x260 [ 1838.216131] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1838.221655] ? security_capable+0x99/0xc0 [ 1838.225796] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1838.231406] ? ns_capable_common+0x13f/0x170 [ 1838.235802] ? kill_litter_super+0x90/0x90 [ 1838.240033] sget+0x10b/0x150 [ 1838.243132] ? ns_test_super+0x50/0x50 [ 1838.247015] mount_bdev+0x111/0x3e0 [ 1838.250634] ? fuse_get_root_inode+0x190/0x190 [ 1838.255216] fuse_mount_blk+0x34/0x40 [ 1838.259008] mount_fs+0xae/0x328 [ 1838.262369] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1838.266939] ? may_umount+0xb0/0xb0 [ 1838.270563] ? _raw_read_unlock+0x22/0x30 [ 1838.274697] ? __get_fs_type+0x97/0xc0 [ 1838.278577] do_mount+0x564/0x3070 [ 1838.282109] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1838.286524] ? copy_mount_string+0x40/0x40 [ 1838.290748] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1838.295755] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1838.300502] ? retint_kernel+0x10/0x10 [ 1838.304393] ? copy_mount_options+0x1f0/0x380 [ 1838.308876] ? copy_mount_options+0x206/0x380 [ 1838.313362] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1838.318888] ? copy_mount_options+0x285/0x380 [ 1838.323377] ksys_mount+0x12d/0x140 [ 1838.327025] __x64_sys_mount+0xbe/0x150 [ 1838.330989] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1838.336011] do_syscall_64+0x1b1/0x800 [ 1838.339896] ? finish_task_switch+0x1ca/0x840 [ 1838.344390] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1838.349315] ? syscall_return_slowpath+0x30f/0x5c0 [ 1838.354242] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1838.359594] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1838.364425] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1838.369597] RIP: 0033:0x455a09 [ 1838.372769] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1838.380464] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1838.387719] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1838.394990] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1838.402247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1838.409512] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:02 executing program 4 (fault-call:0 fault-nth:37): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:02 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe4}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:02 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(r0, 0x400448c9, &(0x7f00000000c0)={{0xffffffffffffffc1, 0x7, 0x100000001, 0x101, 0xfff, 0x5}, 0x6}) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000000040)={0x2, 0x1f}) setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000080)={0x3726}, 0x4) 2018/05/15 14:04:02 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000002b000", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:02 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)="2e2f636f6e74726f6c2f66696c653093", 0x0) close(r0) 2018/05/15 14:04:02 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:02 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x8000) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) 2018/05/15 14:04:02 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000200000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1838.547509] FAULT_INJECTION: forcing a failure. [ 1838.547509] name failslab, interval 1, probability 0, space 0, times 0 [ 1838.558840] CPU: 1 PID: 3426 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1838.566036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1838.575410] Call Trace: [ 1838.578026] dump_stack+0x1b9/0x294 [ 1838.581677] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1838.586886] ? __save_stack_trace+0x7e/0xd0 [ 1838.591225] should_fail.cold.4+0xa/0x1a [ 1838.595303] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1838.600420] ? save_stack+0x43/0xd0 [ 1838.604061] ? kasan_kmalloc+0xc4/0xe0 [ 1838.608034] ? kmem_cache_alloc_trace+0x152/0x780 [ 1838.612890] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1838.618117] ? __list_lru_init+0x456/0x790 [ 1838.622366] ? sget_userns+0x767/0xf00 [ 1838.626260] ? graph_lock+0x170/0x170 [ 1838.630110] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1838.634877] ? do_mount+0x564/0x3070 [ 1838.638607] ? ksys_mount+0x12d/0x140 [ 1838.642420] ? __x64_sys_mount+0xbe/0x150 [ 1838.646591] ? do_syscall_64+0x1b1/0x800 [ 1838.650657] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1838.656025] ? find_held_lock+0x36/0x1c0 [ 1838.660082] ? __lock_is_held+0xb5/0x140 [ 1838.664154] ? check_same_owner+0x320/0x320 [ 1838.668473] ? rcu_note_context_switch+0x710/0x710 [ 1838.673399] __should_failslab+0x124/0x180 [ 1838.677625] should_failslab+0x9/0x14 [ 1838.681418] kmem_cache_alloc_trace+0x2cb/0x780 [ 1838.686076] ? __kmalloc_node+0x33/0x70 [ 1838.690041] ? __kmalloc_node+0x33/0x70 [ 1838.694005] ? rcu_read_lock_sched_held+0x108/0x120 [ 1838.699022] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1838.704037] ? kvfree_rcu+0x20/0x20 [ 1838.707666] ? __kmalloc_node+0x47/0x70 [ 1838.711633] __list_lru_init+0x456/0x790 [ 1838.715684] ? list_lru_destroy+0x4c0/0x4c0 [ 1838.719995] ? mark_held_locks+0xc9/0x160 [ 1838.724135] ? __raw_spin_lock_init+0x1c/0x100 [ 1838.728712] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1838.733719] ? lockdep_init_map+0x9/0x10 [ 1838.737771] sget_userns+0x767/0xf00 [ 1838.741469] ? kill_litter_super+0x90/0x90 [ 1838.745694] ? ns_test_super+0x50/0x50 [ 1838.749570] ? destroy_unused_super.part.11+0x110/0x110 [ 1838.754928] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1838.759498] ? kasan_check_write+0x14/0x20 [ 1838.763720] ? do_raw_spin_lock+0xc1/0x200 [ 1838.767947] ? blkdev_get+0xc0/0xb30 [ 1838.771658] ? cap_capable+0x1f9/0x260 [ 1838.775537] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1838.781064] ? security_capable+0x99/0xc0 [ 1838.785206] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1838.790727] ? ns_capable_common+0x13f/0x170 [ 1838.795126] ? kill_litter_super+0x90/0x90 [ 1838.799343] sget+0x10b/0x150 [ 1838.802436] ? ns_test_super+0x50/0x50 [ 1838.806323] mount_bdev+0x111/0x3e0 [ 1838.809936] ? fuse_get_root_inode+0x190/0x190 [ 1838.814504] fuse_mount_blk+0x34/0x40 [ 1838.818292] mount_fs+0xae/0x328 [ 1838.821648] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1838.826228] ? may_umount+0xb0/0xb0 [ 1838.829843] ? _raw_read_unlock+0x22/0x30 [ 1838.833976] ? __get_fs_type+0x97/0xc0 [ 1838.837852] do_mount+0x564/0x3070 [ 1838.841381] ? copy_mount_string+0x40/0x40 [ 1838.845603] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1838.850607] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1838.855350] ? retint_kernel+0x10/0x10 [ 1838.859227] ? copy_mount_options+0x1f0/0x380 [ 1838.863709] ? copy_mount_options+0x1fa/0x380 [ 1838.868208] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1838.873731] ? copy_mount_options+0x285/0x380 [ 1838.878227] ksys_mount+0x12d/0x140 [ 1838.881843] __x64_sys_mount+0xbe/0x150 [ 1838.885805] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1838.890809] do_syscall_64+0x1b1/0x800 [ 1838.894682] ? finish_task_switch+0x1ca/0x840 [ 1838.899163] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1838.904080] ? syscall_return_slowpath+0x30f/0x5c0 [ 1838.909002] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1838.914359] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1838.919191] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1838.924364] RIP: 0033:0x455a09 [ 1838.927538] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1838.935243] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 2018/05/15 14:04:02 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8300000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1838.942501] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1838.949755] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1838.957024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1838.964281] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:02 executing program 4 (fault-call:0 fault-nth:38): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:02 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000003f00000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:02 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00@\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:02 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1839.032798] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1839.052951] FAULT_INJECTION: forcing a failure. [ 1839.052951] name failslab, interval 1, probability 0, space 0, times 0 [ 1839.064366] CPU: 0 PID: 3449 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1839.071562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1839.080924] Call Trace: [ 1839.083531] dump_stack+0x1b9/0x294 [ 1839.087176] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1839.092383] ? __save_stack_trace+0x7e/0xd0 [ 1839.096726] should_fail.cold.4+0xa/0x1a [ 1839.100804] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1839.105928] ? save_stack+0x43/0xd0 [ 1839.109572] ? kasan_kmalloc+0xc4/0xe0 [ 1839.113470] ? kmem_cache_alloc_trace+0x152/0x780 [ 1839.118322] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1839.123524] ? __list_lru_init+0x456/0x790 [ 1839.127908] ? sget_userns+0x767/0xf00 [ 1839.131804] ? graph_lock+0x170/0x170 [ 1839.135614] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1839.140377] ? do_mount+0x564/0x3070 [ 1839.144101] ? ksys_mount+0x12d/0x140 [ 1839.147908] ? __x64_sys_mount+0xbe/0x150 [ 1839.152078] ? do_syscall_64+0x1b1/0x800 [ 1839.156148] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1839.161529] ? find_held_lock+0x36/0x1c0 [ 1839.165609] ? __lock_is_held+0xb5/0x140 [ 1839.169695] ? check_same_owner+0x320/0x320 [ 1839.174037] ? rcu_note_context_switch+0x710/0x710 [ 1839.178989] __should_failslab+0x124/0x180 2018/05/15 14:04:02 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000700000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1839.183242] should_failslab+0x9/0x14 [ 1839.187068] kmem_cache_alloc_trace+0x2cb/0x780 [ 1839.191753] ? __kmalloc_node+0x33/0x70 [ 1839.195745] ? __kmalloc_node+0x33/0x70 [ 1839.199730] ? rcu_read_lock_sched_held+0x108/0x120 [ 1839.204762] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1839.209797] ? kvfree_rcu+0x20/0x20 [ 1839.213441] ? __kmalloc_node+0x47/0x70 [ 1839.217444] __list_lru_init+0x456/0x790 [ 1839.221523] ? list_lru_destroy+0x4c0/0x4c0 [ 1839.225857] ? mark_held_locks+0xc9/0x160 2018/05/15 14:04:02 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:02 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000200", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1839.230017] ? __raw_spin_lock_init+0x1c/0x100 [ 1839.234616] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1839.239650] ? lockdep_init_map+0x9/0x10 [ 1839.243725] sget_userns+0x767/0xf00 [ 1839.247445] ? kill_litter_super+0x90/0x90 [ 1839.251687] ? ns_test_super+0x50/0x50 [ 1839.255585] ? destroy_unused_super.part.11+0x110/0x110 [ 1839.260964] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1839.265569] ? kasan_check_write+0x14/0x20 [ 1839.269824] ? do_raw_spin_lock+0xc1/0x200 [ 1839.274095] ? blkdev_get+0xc0/0xb30 [ 1839.277862] ? cap_capable+0x1f9/0x260 [ 1839.281774] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1839.287342] ? security_capable+0x99/0xc0 [ 1839.291505] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1839.297062] ? ns_capable_common+0x13f/0x170 [ 1839.301487] ? kill_litter_super+0x90/0x90 [ 1839.305740] sget+0x10b/0x150 [ 1839.308861] ? ns_test_super+0x50/0x50 [ 1839.312767] mount_bdev+0x111/0x3e0 [ 1839.314293] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1839.316400] ? fuse_get_root_inode+0x190/0x190 [ 1839.316419] fuse_mount_blk+0x34/0x40 [ 1839.316437] mount_fs+0xae/0x328 [ 1839.316455] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1839.341622] ? may_umount+0xb0/0xb0 [ 1839.345269] ? _raw_read_unlock+0x22/0x30 [ 1839.349424] ? __get_fs_type+0x97/0xc0 [ 1839.353328] do_mount+0x564/0x3070 [ 1839.356884] ? copy_mount_string+0x40/0x40 [ 1839.361127] ? rcu_pm_notify+0xc0/0xc0 [ 1839.365038] ? copy_mount_options+0x5f/0x380 [ 1839.369467] ? rcu_read_lock_sched_held+0x108/0x120 [ 1839.374507] ? kmem_cache_alloc_trace+0x616/0x780 [ 1839.379359] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1839.384902] ? _copy_from_user+0xdf/0x150 [ 1839.389069] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1839.394622] ? copy_mount_options+0x285/0x380 [ 1839.399132] ksys_mount+0x12d/0x140 [ 1839.402767] __x64_sys_mount+0xbe/0x150 [ 1839.406747] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1839.411780] do_syscall_64+0x1b1/0x800 [ 1839.415686] ? finish_task_switch+0x1ca/0x840 [ 1839.420199] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1839.425144] ? syscall_return_slowpath+0x30f/0x5c0 [ 1839.430086] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1839.435460] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1839.440318] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1839.445512] RIP: 0033:0x455a09 [ 1839.448702] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1839.456428] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1839.463706] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1839.470985] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1839.478261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1839.485524] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:03 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="9fb553"], 0x1) r1 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffff8) r2 = add_key$keyring(&(0x7f0000000340)='keyring\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffff8) keyctl$instantiate_iov(0x14, r1, &(0x7f0000000300)=[{&(0x7f0000000100)="25d727b50211bff7c0", 0x9}, {&(0x7f0000000140)="565465ffc619938dbf68e650b6e1fc78f4f5f180ab20affa8001c58f90c16de975407f085213e18afb6dacd713f04cb74da15888fc3d8f959a4baf4fabd662f34225efc1d951b16b5dd2f1facad3630140f2807a4c5c0dbeb8669a4a89583b07007cc20ecac4d0d3745afe6a300cfadb6a0f518663a5d5944b891897fe2987a1be010d3dfc964147903c4922d2ca38b57ad29cdbb0cb6d02eabaf8d976049d3b18f7023beea8a0c6d4a783deda1f6d7677f429e420c2fbac3aa87815aec331d9f9094afd51e3aedaf7ec9b6b7d22a87c19", 0xd1}, {&(0x7f0000000240)="8cb765c6954e92f5752fca8a06623875bf48080dfd6be25f538c5a1c2c5a7b01808e1d5e960ea423de2d72b8c5bcf6e0a0f25da95a12ede6d3180c5b34216da377915241de41207ccf8538780c57e140f6404b6494d4bad3acfe57dfaa81dc8249ae5682301f934f3ee1b6b2258450d44e9cd1b1bb829c64f51418f6d120bb7983a5ebc0529682233f44724bbb27e5b3d1952897e096896308066720bb42313173581749f6371758575a5e2122927ee6188fd51b5f5e446989f131dc64", 0xbd}], 0x3, r2) 2018/05/15 14:04:03 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)="2e2f636f6e74726f6c2f66696c653010", 0x0) close(r0) 2018/05/15 14:04:03 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000000000000000200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:03 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000011000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:03 executing program 4 (fault-call:0 fault-nth:39): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:03 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) ioctl$SG_GET_VERSION_NUM(r0, 0x2282, &(0x7f0000000040)) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:04:03 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000500", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:03 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c00000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1839.638799] FAULT_INJECTION: forcing a failure. [ 1839.638799] name failslab, interval 1, probability 0, space 0, times 0 [ 1839.650104] CPU: 1 PID: 3495 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1839.657307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1839.666677] Call Trace: [ 1839.669271] dump_stack+0x1b9/0x294 [ 1839.672901] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1839.678100] ? __save_stack_trace+0x7e/0xd0 [ 1839.682425] should_fail.cold.4+0xa/0x1a [ 1839.686482] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1839.691580] ? save_stack+0x43/0xd0 [ 1839.695192] ? kasan_kmalloc+0xc4/0xe0 [ 1839.699069] ? kmem_cache_alloc_trace+0x152/0x780 [ 1839.703918] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1839.709128] ? __list_lru_init+0x456/0x790 [ 1839.713350] ? sget_userns+0x767/0xf00 [ 1839.717230] ? graph_lock+0x170/0x170 [ 1839.721030] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1839.725773] ? do_mount+0x564/0x3070 [ 1839.729471] ? ksys_mount+0x12d/0x140 [ 1839.733261] ? __x64_sys_mount+0xbe/0x150 [ 1839.737394] ? do_syscall_64+0x1b1/0x800 [ 1839.741459] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1839.746826] ? find_held_lock+0x36/0x1c0 [ 1839.750879] ? __lock_is_held+0xb5/0x140 [ 1839.754942] ? check_same_owner+0x320/0x320 [ 1839.759253] ? rcu_note_context_switch+0x710/0x710 [ 1839.764177] __should_failslab+0x124/0x180 [ 1839.768403] should_failslab+0x9/0x14 [ 1839.772194] kmem_cache_alloc_trace+0x2cb/0x780 [ 1839.776858] ? __kmalloc_node+0x33/0x70 [ 1839.780819] ? __kmalloc_node+0x33/0x70 [ 1839.784780] ? rcu_read_lock_sched_held+0x108/0x120 [ 1839.789786] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1839.794789] ? kvfree_rcu+0x20/0x20 [ 1839.798405] ? __kmalloc_node+0x47/0x70 [ 1839.802385] __list_lru_init+0x456/0x790 [ 1839.806436] ? list_lru_destroy+0x4c0/0x4c0 [ 1839.810744] ? mark_held_locks+0xc9/0x160 [ 1839.814878] ? __raw_spin_lock_init+0x1c/0x100 [ 1839.819460] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1839.824468] ? lockdep_init_map+0x9/0x10 [ 1839.828528] sget_userns+0x767/0xf00 [ 1839.832225] ? kill_litter_super+0x90/0x90 [ 1839.836445] ? ns_test_super+0x50/0x50 [ 1839.840319] ? destroy_unused_super.part.11+0x110/0x110 [ 1839.845668] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1839.850237] ? kasan_check_write+0x14/0x20 [ 1839.854456] ? do_raw_spin_lock+0xc1/0x200 [ 1839.858681] ? blkdev_get+0xc0/0xb30 [ 1839.862402] ? cap_capable+0x1f9/0x260 [ 1839.866282] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1839.871804] ? security_capable+0x99/0xc0 [ 1839.875939] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1839.881461] ? ns_capable_common+0x13f/0x170 [ 1839.885863] ? kill_litter_super+0x90/0x90 [ 1839.890085] sget+0x10b/0x150 [ 1839.893180] ? ns_test_super+0x50/0x50 [ 1839.897056] mount_bdev+0x111/0x3e0 [ 1839.900689] ? fuse_get_root_inode+0x190/0x190 [ 1839.905257] fuse_mount_blk+0x34/0x40 [ 1839.909047] mount_fs+0xae/0x328 [ 1839.912405] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1839.916974] ? may_umount+0xb0/0xb0 [ 1839.920586] ? _raw_read_unlock+0x22/0x30 [ 1839.924724] ? __get_fs_type+0x97/0xc0 [ 1839.928606] do_mount+0x564/0x3070 [ 1839.932137] ? copy_mount_string+0x40/0x40 [ 1839.936356] ? rcu_pm_notify+0xc0/0xc0 [ 1839.940231] ? copy_mount_options+0x5f/0x380 [ 1839.944629] ? rcu_read_lock_sched_held+0x108/0x120 [ 1839.949631] ? kmem_cache_alloc_trace+0x616/0x780 [ 1839.954461] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1839.959988] ? _copy_from_user+0xdf/0x150 [ 1839.964128] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1839.969650] ? copy_mount_options+0x285/0x380 [ 1839.974134] ksys_mount+0x12d/0x140 [ 1839.977747] __x64_sys_mount+0xbe/0x150 [ 1839.981706] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1839.986715] do_syscall_64+0x1b1/0x800 [ 1839.990596] ? finish_task_switch+0x1ca/0x840 [ 1839.995080] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1839.999997] ? syscall_return_slowpath+0x30f/0x5c0 [ 1840.004933] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1840.010296] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1840.015128] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1840.020299] RIP: 0033:0x455a09 [ 1840.023473] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1840.031168] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1840.038424] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1840.045682] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1840.052939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1840.060202] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:03 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000500000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:03 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1840.091235] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:03 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000000000000000600", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:03 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000000fffffffe00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:03 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000088000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:03 executing program 4 (fault-call:0 fault-nth:40): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1840.240499] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1840.296650] FAULT_INJECTION: forcing a failure. [ 1840.296650] name failslab, interval 1, probability 0, space 0, times 0 [ 1840.307993] CPU: 1 PID: 3539 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1840.315199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1840.324565] Call Trace: [ 1840.327175] dump_stack+0x1b9/0x294 [ 1840.330827] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1840.336039] ? __save_stack_trace+0x7e/0xd0 [ 1840.340396] should_fail.cold.4+0xa/0x1a [ 1840.344506] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1840.349634] ? save_stack+0x43/0xd0 [ 1840.353286] ? kasan_kmalloc+0xc4/0xe0 [ 1840.357195] ? kmem_cache_alloc_trace+0x152/0x780 [ 1840.362057] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1840.367265] ? __list_lru_init+0x456/0x790 [ 1840.371521] ? sget_userns+0x767/0xf00 [ 1840.375431] ? graph_lock+0x170/0x170 [ 1840.379257] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1840.384041] ? do_mount+0x564/0x3070 [ 1840.387772] ? ksys_mount+0x12d/0x140 [ 1840.391593] ? __x64_sys_mount+0xbe/0x150 [ 1840.395764] ? do_syscall_64+0x1b1/0x800 [ 1840.399849] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1840.405240] ? find_held_lock+0x36/0x1c0 [ 1840.409329] ? __lock_is_held+0xb5/0x140 [ 1840.413403] ? check_same_owner+0x320/0x320 [ 1840.417721] ? rcu_note_context_switch+0x710/0x710 [ 1840.422653] __should_failslab+0x124/0x180 [ 1840.426905] should_failslab+0x9/0x14 [ 1840.430717] kmem_cache_alloc_trace+0x2cb/0x780 [ 1840.435394] ? __kmalloc_node+0x33/0x70 [ 1840.439387] ? __kmalloc_node+0x33/0x70 [ 1840.443361] ? rcu_read_lock_sched_held+0x108/0x120 [ 1840.448378] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1840.453384] ? kvfree_rcu+0x20/0x20 [ 1840.457010] ? __kmalloc_node+0x47/0x70 [ 1840.461019] __list_lru_init+0x456/0x790 [ 1840.465078] ? list_lru_destroy+0x4c0/0x4c0 [ 1840.469386] ? mark_held_locks+0xc9/0x160 [ 1840.473547] ? __raw_spin_lock_init+0x1c/0x100 [ 1840.478125] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1840.483143] ? lockdep_init_map+0x9/0x10 [ 1840.487222] sget_userns+0x767/0xf00 [ 1840.490949] ? kill_litter_super+0x90/0x90 [ 1840.495186] ? ns_test_super+0x50/0x50 [ 1840.499081] ? destroy_unused_super.part.11+0x110/0x110 [ 1840.504437] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1840.509015] ? kasan_check_write+0x14/0x20 [ 1840.513245] ? do_raw_spin_lock+0xc1/0x200 [ 1840.517484] ? blkdev_get+0xc0/0xb30 [ 1840.521195] ? cap_capable+0x1f9/0x260 [ 1840.525084] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1840.530631] ? security_capable+0x99/0xc0 [ 1840.534789] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1840.540336] ? ns_capable_common+0x13f/0x170 [ 1840.544751] ? kill_litter_super+0x90/0x90 [ 1840.548985] sget+0x10b/0x150 [ 1840.552120] ? ns_test_super+0x50/0x50 [ 1840.556021] mount_bdev+0x111/0x3e0 [ 1840.559660] ? fuse_get_root_inode+0x190/0x190 [ 1840.564257] fuse_mount_blk+0x34/0x40 [ 1840.568077] mount_fs+0xae/0x328 [ 1840.571452] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1840.576039] ? may_umount+0xb0/0xb0 [ 1840.579671] ? _raw_read_unlock+0x22/0x30 [ 1840.583827] ? __get_fs_type+0x97/0xc0 [ 1840.587717] do_mount+0x564/0x3070 [ 1840.591246] ? copy_mount_string+0x40/0x40 [ 1840.595470] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1840.600476] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1840.605226] ? retint_kernel+0x10/0x10 [ 1840.609107] ? copy_mount_options+0x1d9/0x380 [ 1840.613602] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1840.619131] ? copy_mount_options+0x285/0x380 [ 1840.623617] ksys_mount+0x12d/0x140 [ 1840.627245] __x64_sys_mount+0xbe/0x150 [ 1840.631216] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1840.636236] do_syscall_64+0x1b1/0x800 [ 1840.640118] ? finish_task_switch+0x1ca/0x840 [ 1840.644606] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1840.649544] ? syscall_return_slowpath+0x30f/0x5c0 [ 1840.654472] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1840.659840] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1840.664689] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1840.669869] RIP: 0033:0x455a09 [ 1840.673054] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1840.680753] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1840.688017] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 2018/05/15 14:04:04 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000000300", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:04 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:04 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:04 executing program 4 (fault-call:0 fault-nth:41): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:04 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000040000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:04 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:04 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/loop-control\x00', 0x840, 0x0) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080)='fou\x00') sendmsg$FOU_CMD_DEL(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="000229bd7000fcdbdf2502000000080001004e21000008000300ff0e000004000500080001004e2200000800040003000000"], 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x10) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, &(0x7f0000000180)={0x1, [0x3]}) 2018/05/15 14:04:04 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x804, 0x0) ioctl$sock_inet_SIOCSIFNETMASK(r1, 0x891c, &(0x7f0000000440)={'bridge0\x00', {0x2, 0x4e21, @broadcast=0xffffffff}}) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) syz_open_dev$sndpcmc(&(0x7f0000000500)='/dev/snd/pcmC#D#c\x00', 0x4, 0x101000) ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f00000000c0)={0x0, 0x5, 0x2, 0x80, &(0x7f0000ffc000/0x4000)=nil, 0xd1c}) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f00000002c0)=0x3) openat$md(0xffffffffffffff9c, &(0x7f0000000540)='/dev/md0\x00', 0x4080, 0x0) ioctl$DRM_IOCTL_FREE_BUFS(r1, 0x4010641a, &(0x7f00000004c0)={0x2, &(0x7f0000000480)=[0x2, 0x2]}) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') sendmsg$inet_sctp(r0, &(0x7f0000000400)={&(0x7f0000000300)=@in={0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000340)="45b480f65cb749e5e00596a770998fc3bd3a047f5a4dd78ce9fdb811ea823c1dce0c54a568736911300bbac9fe4b91de17baa0374c5911984c4321f210a6aa57d9f7d2b508174baa", 0x48}], 0x1, 0x0, 0x0, 0x10}, 0x20000000) sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x84, r2, 0x800, 0x70bd27, 0x25dfdbfc, {0xf}, [@IPVS_CMD_ATTR_SERVICE={0x20, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x8, 0x20}}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x800}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4e}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x39, 0x4}}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@rand_addr=0x49a}]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x80000001}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1a}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x40080}, 0x44001) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000580)={0x2, [0x7ab6, 0x4]}, &(0x7f00000005c0)=0x8) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000040)={0x3f, 0x3f, 0x401, 0x8, 0xfffffffffffffff8, 0x8, 0x9a37, 0x6, 0x5, 0xc1e7}) write$binfmt_elf64(r0, &(0x7f0000000140)=ANY=[], 0x0) [ 1840.695282] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1840.702535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1840.709792] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1840.769460] Unknown ioctl 35100 [ 1840.787804] FAULT_INJECTION: forcing a failure. [ 1840.787804] name failslab, interval 1, probability 0, space 0, times 0 [ 1840.799177] CPU: 1 PID: 3564 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1840.806390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1840.815768] Call Trace: [ 1840.818430] dump_stack+0x1b9/0x294 [ 1840.822084] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1840.827290] ? __save_stack_trace+0x7e/0xd0 [ 1840.831616] should_fail.cold.4+0xa/0x1a [ 1840.835679] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1840.840784] ? save_stack+0x43/0xd0 [ 1840.844410] ? kasan_kmalloc+0xc4/0xe0 [ 1840.848290] ? kmem_cache_alloc_trace+0x152/0x780 [ 1840.853117] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1840.858291] ? __list_lru_init+0x456/0x790 [ 1840.862512] ? sget_userns+0x767/0xf00 [ 1840.866390] ? graph_lock+0x170/0x170 [ 1840.870187] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1840.874931] ? do_mount+0x564/0x3070 [ 1840.878639] ? ksys_mount+0x12d/0x140 [ 1840.882430] ? __x64_sys_mount+0xbe/0x150 [ 1840.886584] ? do_syscall_64+0x1b1/0x800 [ 1840.890636] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1840.895994] ? find_held_lock+0x36/0x1c0 [ 1840.900054] ? __lock_is_held+0xb5/0x140 [ 1840.904131] ? check_same_owner+0x320/0x320 [ 1840.908446] ? rcu_note_context_switch+0x710/0x710 [ 1840.913366] __should_failslab+0x124/0x180 [ 1840.917593] should_failslab+0x9/0x14 [ 1840.921381] kmem_cache_alloc_trace+0x2cb/0x780 [ 1840.926050] ? __kmalloc_node+0x33/0x70 [ 1840.930019] ? __kmalloc_node+0x33/0x70 [ 1840.933986] ? rcu_read_lock_sched_held+0x108/0x120 [ 1840.938998] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1840.944013] ? kvfree_rcu+0x20/0x20 [ 1840.947632] ? __kmalloc_node+0x47/0x70 [ 1840.951599] __list_lru_init+0x456/0x790 [ 1840.955648] ? list_lru_destroy+0x4c0/0x4c0 [ 1840.960046] ? mark_held_locks+0xc9/0x160 [ 1840.964203] ? __raw_spin_lock_init+0x1c/0x100 [ 1840.968791] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1840.973809] ? lockdep_init_map+0x9/0x10 [ 1840.977860] sget_userns+0x767/0xf00 [ 1840.981559] ? kill_litter_super+0x90/0x90 [ 1840.985785] ? ns_test_super+0x50/0x50 [ 1840.989666] ? destroy_unused_super.part.11+0x110/0x110 [ 1840.995027] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1840.999602] ? kasan_check_write+0x14/0x20 [ 1841.003824] ? do_raw_spin_lock+0xc1/0x200 [ 1841.008055] ? blkdev_get+0xc0/0xb30 [ 1841.011758] ? cap_capable+0x1f9/0x260 [ 1841.015641] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1841.021167] ? security_capable+0x99/0xc0 [ 1841.025307] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1841.030830] ? ns_capable_common+0x13f/0x170 [ 1841.035224] ? kill_litter_super+0x90/0x90 [ 1841.039445] sget+0x10b/0x150 [ 1841.042536] ? ns_test_super+0x50/0x50 [ 1841.046410] mount_bdev+0x111/0x3e0 [ 1841.050035] ? fuse_get_root_inode+0x190/0x190 [ 1841.054604] fuse_mount_blk+0x34/0x40 [ 1841.058396] mount_fs+0xae/0x328 [ 1841.061752] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1841.066322] ? may_umount+0xb0/0xb0 [ 1841.069937] ? _raw_read_unlock+0x22/0x30 [ 1841.074068] ? __get_fs_type+0x97/0xc0 [ 1841.077943] do_mount+0x564/0x3070 [ 1841.081472] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1841.085869] ? copy_mount_string+0x40/0x40 [ 1841.090096] ? rcu_pm_notify+0xc0/0xc0 [ 1841.093978] ? copy_mount_options+0x5f/0x380 [ 1841.098381] ? rcu_read_lock_sched_held+0x108/0x120 [ 1841.103388] ? kmem_cache_alloc_trace+0x616/0x780 [ 1841.108224] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1841.113751] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1841.119278] ? copy_mount_options+0x285/0x380 [ 1841.123764] ksys_mount+0x12d/0x140 [ 1841.127385] __x64_sys_mount+0xbe/0x150 [ 1841.131344] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1841.136357] do_syscall_64+0x1b1/0x800 [ 1841.140236] ? finish_task_switch+0x1ca/0x840 [ 1841.144721] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1841.149660] ? syscall_return_slowpath+0x30f/0x5c0 [ 1841.154580] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1841.159944] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1841.164786] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1841.169961] RIP: 0033:0x455a09 [ 1841.173135] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1841.180833] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1841.188089] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1841.195343] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1841.202596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1841.209850] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:04 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000000000000000003f000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:05 executing program 4 (fault-call:0 fault-nth:42): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1841.241184] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:05 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\a\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:05 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000feffffff00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1841.317445] FAULT_INJECTION: forcing a failure. [ 1841.317445] name failslab, interval 1, probability 0, space 0, times 0 [ 1841.328849] CPU: 1 PID: 3582 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1841.336048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1841.345392] Call Trace: [ 1841.347990] dump_stack+0x1b9/0x294 [ 1841.351611] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1841.356790] ? __save_stack_trace+0x7e/0xd0 [ 1841.361135] should_fail.cold.4+0xa/0x1a [ 1841.365198] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1841.370290] ? save_stack+0x43/0xd0 [ 1841.373908] ? kasan_kmalloc+0xc4/0xe0 [ 1841.377782] ? kmem_cache_alloc_trace+0x152/0x780 [ 1841.382611] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1841.387788] ? __list_lru_init+0x456/0x790 [ 1841.392011] ? sget_userns+0x767/0xf00 [ 1841.396515] ? graph_lock+0x170/0x170 [ 1841.400307] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1841.405048] ? do_mount+0x564/0x3070 [ 1841.408757] ? ksys_mount+0x12d/0x140 [ 1841.412545] ? __x64_sys_mount+0xbe/0x150 [ 1841.416678] ? do_syscall_64+0x1b1/0x800 [ 1841.420728] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1841.426105] ? find_held_lock+0x36/0x1c0 [ 1841.430155] ? __lock_is_held+0xb5/0x140 [ 1841.434210] ? check_same_owner+0x320/0x320 [ 1841.438524] ? rcu_note_context_switch+0x710/0x710 [ 1841.443459] __should_failslab+0x124/0x180 [ 1841.447688] should_failslab+0x9/0x14 [ 1841.451483] kmem_cache_alloc_trace+0x2cb/0x780 [ 1841.456140] ? __kmalloc_node+0x33/0x70 [ 1841.460101] ? __kmalloc_node+0x33/0x70 [ 1841.464081] ? rcu_read_lock_sched_held+0x108/0x120 [ 1841.469093] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1841.474102] ? kvfree_rcu+0x20/0x20 [ 1841.477716] ? __kmalloc_node+0x47/0x70 [ 1841.481683] __list_lru_init+0x456/0x790 [ 1841.485730] ? list_lru_destroy+0x4c0/0x4c0 [ 1841.490044] ? mark_held_locks+0xc9/0x160 [ 1841.494183] ? __raw_spin_lock_init+0x1c/0x100 [ 1841.498752] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1841.503758] ? lockdep_init_map+0x9/0x10 [ 1841.507817] sget_userns+0x767/0xf00 [ 1841.511518] ? kill_litter_super+0x90/0x90 [ 1841.515741] ? ns_test_super+0x50/0x50 [ 1841.519616] ? destroy_unused_super.part.11+0x110/0x110 [ 1841.524967] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1841.529539] ? kasan_check_write+0x14/0x20 [ 1841.533760] ? do_raw_spin_lock+0xc1/0x200 [ 1841.537985] ? blkdev_get+0xc0/0xb30 [ 1841.541688] ? cap_capable+0x1f9/0x260 [ 1841.545574] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1841.551098] ? security_capable+0x99/0xc0 [ 1841.555244] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1841.560772] ? ns_capable_common+0x13f/0x170 [ 1841.565180] ? kill_litter_super+0x90/0x90 [ 1841.569413] sget+0x10b/0x150 [ 1841.572512] ? ns_test_super+0x50/0x50 [ 1841.576396] mount_bdev+0x111/0x3e0 [ 1841.580038] ? fuse_get_root_inode+0x190/0x190 [ 1841.584614] fuse_mount_blk+0x34/0x40 [ 1841.588406] mount_fs+0xae/0x328 [ 1841.591768] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1841.596342] ? may_umount+0xb0/0xb0 [ 1841.599966] ? _raw_read_unlock+0x22/0x30 [ 1841.604101] ? __get_fs_type+0x97/0xc0 [ 1841.607978] do_mount+0x564/0x3070 [ 1841.611508] ? copy_mount_string+0x40/0x40 [ 1841.615731] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1841.620741] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1841.625488] ? retint_kernel+0x10/0x10 [ 1841.629367] ? copy_mount_options+0x1f0/0x380 [ 1841.633849] ? copy_mount_options+0x202/0x380 [ 1841.638337] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1841.643880] ? copy_mount_options+0x285/0x380 [ 1841.648367] ksys_mount+0x12d/0x140 [ 1841.651984] __x64_sys_mount+0xbe/0x150 [ 1841.655948] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1841.660955] do_syscall_64+0x1b1/0x800 [ 1841.664828] ? finish_task_switch+0x1ca/0x840 [ 1841.669313] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1841.674230] ? syscall_return_slowpath+0x30f/0x5c0 [ 1841.679150] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1841.684512] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1841.689345] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1841.694537] RIP: 0033:0x455a09 [ 1841.697712] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1841.705409] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 2018/05/15 14:04:05 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000004000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1841.712664] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1841.719928] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1841.727183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1841.734437] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1841.748255] Unknown ioctl -2147204396 [ 1841.763397] Unknown ioctl 1074816026 2018/05/15 14:04:05 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000007803000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:05 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000000000000000100", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1841.807951] Unknown ioctl 21512 [ 1841.815138] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:05 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000000000000600", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:05 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:05 executing program 4 (fault-call:0 fault-nth:43): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1841.937385] Unknown ioctl 35100 [ 1841.954580] Unknown ioctl -2147204396 [ 1841.970428] Unknown ioctl 1074816026 [ 1841.970750] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1841.990145] Unknown ioctl 21512 [ 1842.018328] FAULT_INJECTION: forcing a failure. [ 1842.018328] name failslab, interval 1, probability 0, space 0, times 0 [ 1842.029690] CPU: 0 PID: 3627 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1842.036887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1842.046247] Call Trace: [ 1842.048856] dump_stack+0x1b9/0x294 [ 1842.052508] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1842.057722] ? __save_stack_trace+0x7e/0xd0 [ 1842.062065] should_fail.cold.4+0xa/0x1a [ 1842.066147] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1842.071256] ? save_stack+0x43/0xd0 [ 1842.074888] ? kasan_kmalloc+0xc4/0xe0 [ 1842.078789] ? kmem_cache_alloc_trace+0x152/0x780 [ 1842.083648] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1842.088850] ? __list_lru_init+0x456/0x790 [ 1842.093098] ? sget_userns+0x767/0xf00 [ 1842.096998] ? graph_lock+0x170/0x170 [ 1842.100808] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1842.105553] ? do_mount+0x564/0x3070 [ 1842.109252] ? ksys_mount+0x12d/0x140 [ 1842.113049] ? __x64_sys_mount+0xbe/0x150 [ 1842.117193] ? do_syscall_64+0x1b1/0x800 [ 1842.121240] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1842.126602] ? find_held_lock+0x36/0x1c0 [ 1842.130651] ? __lock_is_held+0xb5/0x140 [ 1842.134707] ? check_same_owner+0x320/0x320 [ 1842.139021] ? rcu_note_context_switch+0x710/0x710 [ 1842.143946] __should_failslab+0x124/0x180 [ 1842.148169] should_failslab+0x9/0x14 [ 1842.151957] kmem_cache_alloc_trace+0x2cb/0x780 [ 1842.156620] ? __kmalloc_node+0x33/0x70 [ 1842.160755] ? __kmalloc_node+0x33/0x70 [ 1842.164717] ? rcu_read_lock_sched_held+0x108/0x120 [ 1842.169732] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1842.174737] ? kvfree_rcu+0x20/0x20 [ 1842.178348] ? __kmalloc_node+0x47/0x70 [ 1842.182306] __list_lru_init+0x456/0x790 [ 1842.186363] ? list_lru_destroy+0x4c0/0x4c0 [ 1842.190685] ? mark_held_locks+0xc9/0x160 [ 1842.194826] ? __raw_spin_lock_init+0x1c/0x100 [ 1842.199393] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1842.204515] ? lockdep_init_map+0x9/0x10 [ 1842.208574] sget_userns+0x767/0xf00 [ 1842.212282] ? kill_litter_super+0x90/0x90 [ 1842.216502] ? ns_test_super+0x50/0x50 [ 1842.220382] ? destroy_unused_super.part.11+0x110/0x110 [ 1842.225741] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1842.230317] ? kasan_check_write+0x14/0x20 [ 1842.234559] ? do_raw_spin_lock+0xc1/0x200 [ 1842.238793] ? blkdev_get+0xc0/0xb30 [ 1842.242504] ? cap_capable+0x1f9/0x260 [ 1842.246380] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1842.251904] ? security_capable+0x99/0xc0 [ 1842.256051] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1842.261570] ? ns_capable_common+0x13f/0x170 [ 1842.265964] ? kill_litter_super+0x90/0x90 [ 1842.270191] sget+0x10b/0x150 [ 1842.273304] ? ns_test_super+0x50/0x50 [ 1842.277176] mount_bdev+0x111/0x3e0 [ 1842.280793] ? fuse_get_root_inode+0x190/0x190 [ 1842.285358] fuse_mount_blk+0x34/0x40 [ 1842.289142] mount_fs+0xae/0x328 [ 1842.292495] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1842.297065] ? may_umount+0xb0/0xb0 [ 1842.300679] ? _raw_read_unlock+0x22/0x30 [ 1842.304807] ? __get_fs_type+0x97/0xc0 [ 1842.308692] do_mount+0x564/0x3070 [ 1842.312231] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1842.316644] ? copy_mount_string+0x40/0x40 [ 1842.320868] ? rcu_pm_notify+0xc0/0xc0 [ 1842.324741] ? copy_mount_options+0x5f/0x380 [ 1842.329132] ? rcu_read_lock_sched_held+0x108/0x120 [ 1842.334136] ? kmem_cache_alloc_trace+0x616/0x780 [ 1842.338965] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1842.344491] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1842.350016] ? copy_mount_options+0x285/0x380 [ 1842.354503] ksys_mount+0x12d/0x140 [ 1842.358122] __x64_sys_mount+0xbe/0x150 [ 1842.362088] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1842.367100] do_syscall_64+0x1b1/0x800 [ 1842.370973] ? finish_task_switch+0x1ca/0x840 [ 1842.375452] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1842.380372] ? syscall_return_slowpath+0x30f/0x5c0 [ 1842.385292] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1842.390645] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1842.395474] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1842.400655] RIP: 0033:0x455a09 [ 1842.403834] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1842.411526] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1842.418791] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1842.426068] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1842.433322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1842.440589] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:06 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000008800000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:06 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\x00@\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:06 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:06 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000000000002b000", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:06 executing program 3: r0 = epoll_create1(0x80000) r1 = timerfd_create(0x0, 0x0) r2 = dup(r1) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r2, 0x40085400, &(0x7f0000000140)={0x1ff}) r3 = socket$pptp(0x18, 0x1, 0x2) getsockopt$sock_int(r3, 0x1, 0x5, &(0x7f0000000000), &(0x7f0000000180)=0x4) r4 = syz_open_dev$tun(&(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x400) openat$cgroup_subtree(r2, &(0x7f0000000380)='cgroup.subtree_control\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f00000002c0)={0x0, 0x561000000000000}, &(0x7f0000000300)=0x8) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r3, 0x84, 0x78, &(0x7f0000000340)=r5, 0x4) syz_open_dev$binder(&(0x7f0000000280)='/dev/binder#\x00', 0x0, 0xacdfab2e97a9147a) ioctl$TUNSETVNETLE(r4, 0x400454dc, &(0x7f0000000080)=0x1) r6 = syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x800) readv(r1, &(0x7f00000001c0)=[{&(0x7f0000000200)=""/114, 0x72}], 0x1) write$binfmt_elf64(r6, &(0x7f00000000c0)=ANY=[@ANYRES32=r6], 0x4) 2018/05/15 14:04:06 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:06 executing program 4 (fault-call:0 fault-nth:44): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:06 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x10000000000003cc) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000080)) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x1) write(r0, &(0x7f0000000100)="67d76c2adbffea7e07c08e0e085918d077abcbec7df9910ed6fca9f7e908974be86bf35850e639276872512c5cd79ec520729a88127ae3786cff57bbec31e08dd01fd2c8acc3d48dac0fc4482c987af699ac187487c9750300e7b952e175701ebad9d75a2004e2fcf20ab0a8025377247e8fa21c74e3fc9332da56e69ad7dd4bef", 0x81) [ 1842.857382] FAULT_INJECTION: forcing a failure. [ 1842.857382] name failslab, interval 1, probability 0, space 0, times 0 [ 1842.868701] CPU: 0 PID: 3639 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1842.875904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1842.885267] Call Trace: [ 1842.887884] dump_stack+0x1b9/0x294 [ 1842.891000] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1842.891530] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1842.891549] ? __save_stack_trace+0x7e/0xd0 [ 1842.891570] should_fail.cold.4+0xa/0x1a [ 1842.891588] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1842.919034] ? save_stack+0x43/0xd0 [ 1842.922688] ? kasan_kmalloc+0xc4/0xe0 [ 1842.926591] ? kmem_cache_alloc_trace+0x152/0x780 [ 1842.931452] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 1842.936658] ? __list_lru_init+0x456/0x790 [ 1842.940907] ? sget_userns+0x767/0xf00 [ 1842.944816] ? graph_lock+0x170/0x170 [ 1842.948623] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1842.953390] ? do_mount+0x564/0x3070 [ 1842.957115] ? ksys_mount+0x12d/0x140 [ 1842.960919] ? __x64_sys_mount+0xbe/0x150 [ 1842.965073] ? do_syscall_64+0x1b1/0x800 [ 1842.969143] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1842.974536] ? find_held_lock+0x36/0x1c0 [ 1842.978617] ? __lock_is_held+0xb5/0x140 [ 1842.982704] ? check_same_owner+0x320/0x320 [ 1842.987044] ? rcu_note_context_switch+0x710/0x710 [ 1842.991988] __should_failslab+0x124/0x180 [ 1842.996237] should_failslab+0x9/0x14 [ 1843.000051] kmem_cache_alloc_trace+0x2cb/0x780 [ 1843.004737] ? __kmalloc_node+0x33/0x70 [ 1843.008725] ? __kmalloc_node+0x33/0x70 [ 1843.012706] ? rcu_read_lock_sched_held+0x108/0x120 [ 1843.017751] __memcg_init_list_lru_node+0x17d/0x2c0 [ 1843.022781] ? kvfree_rcu+0x20/0x20 [ 1843.026419] ? __kmalloc_node+0x47/0x70 [ 1843.030404] __list_lru_init+0x456/0x790 [ 1843.034479] ? list_lru_destroy+0x4c0/0x4c0 [ 1843.038807] ? mark_held_locks+0xc9/0x160 [ 1843.042971] ? __raw_spin_lock_init+0x1c/0x100 [ 1843.047560] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1843.052600] ? lockdep_init_map+0x9/0x10 [ 1843.056688] sget_userns+0x767/0xf00 [ 1843.060412] ? kill_litter_super+0x90/0x90 [ 1843.064669] ? ns_test_super+0x50/0x50 [ 1843.068575] ? destroy_unused_super.part.11+0x110/0x110 [ 1843.073949] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1843.078560] ? kasan_check_write+0x14/0x20 [ 1843.082806] ? do_raw_spin_lock+0xc1/0x200 [ 1843.085614] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1843.087052] ? blkdev_get+0xc0/0xb30 [ 1843.087072] ? cap_capable+0x1f9/0x260 2018/05/15 14:04:06 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:06 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:06 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000300000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:06 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000600", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:06 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000400", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1843.087097] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1843.087111] ? security_capable+0x99/0xc0 [ 1843.087131] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1843.118636] ? ns_capable_common+0x13f/0x170 [ 1843.123061] ? kill_litter_super+0x90/0x90 [ 1843.127306] sget+0x10b/0x150 [ 1843.130416] ? ns_test_super+0x50/0x50 [ 1843.134307] mount_bdev+0x111/0x3e0 [ 1843.137939] ? fuse_get_root_inode+0x190/0x190 [ 1843.142530] fuse_mount_blk+0x34/0x40 [ 1843.146340] mount_fs+0xae/0x328 [ 1843.149725] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1843.154319] ? may_umount+0xb0/0xb0 [ 1843.157950] ? _raw_read_unlock+0x22/0x30 [ 1843.162135] ? __get_fs_type+0x97/0xc0 [ 1843.166036] do_mount+0x564/0x3070 [ 1843.169584] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1843.174008] ? copy_mount_string+0x40/0x40 [ 1843.178251] ? rcu_pm_notify+0xc0/0xc0 [ 1843.182172] ? copy_mount_options+0x5f/0x380 [ 1843.186588] ? rcu_read_lock_sched_held+0x108/0x120 [ 1843.191616] ? kmem_cache_alloc_trace+0x616/0x780 [ 1843.196480] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1843.202030] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1843.207575] ? copy_mount_options+0x285/0x380 [ 1843.212083] ksys_mount+0x12d/0x140 [ 1843.215728] __x64_sys_mount+0xbe/0x150 [ 1843.216675] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1843.219719] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1843.219739] do_syscall_64+0x1b1/0x800 [ 1843.219756] ? finish_task_switch+0x1ca/0x840 [ 1843.219773] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1843.219789] ? syscall_return_slowpath+0x30f/0x5c0 [ 1843.219810] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe 2018/05/15 14:04:07 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000000ffffffff00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1843.219826] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1843.219842] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1843.219852] RIP: 0033:0x455a09 [ 1843.219866] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1843.278048] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1843.285320] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1843.292599] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1843.299876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 2018/05/15 14:04:07 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8c}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:07 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000000c0)={{{@in=@multicast1, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@rand_addr}}, &(0x7f0000000040)=0xe8) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000001c0)={@mcast2={0xff, 0x2, [], 0x1}, 0x11, r1}) syz_open_dev$adsp(&(0x7f0000000200)='/dev/adsp#\x00', 0x5, 0x422040) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) bind$rds(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast1=0xe0000001}, 0x10) [ 1843.307153] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:07 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000005000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1843.376432] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:08 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\x00?\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:08 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:08 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000000000000400", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:08 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0), 0x0) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000080)=0x0) fcntl$setown(r0, 0x8, r1) ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000180)={0xae, &(0x7f00000000c0)=""/174}) 2018/05/15 14:04:08 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000020000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:08 executing program 4 (fault-call:0 fault-nth:45): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:08 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000100)={0x11, 0x5e, &(0x7f0000000080)="1c22e35dec07788e45c6a906a417b739068ea673229227f119b068d6a017082bd73f6a2c08e5b3cdb9a54c4bdccb6f608f45a1fd936d70b00bf97d44211832f002ee8f5bea0b5a648446e8f168928cc3988ec06adeb020563cb2cf81a29f"}) ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000240)=""/254) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000180)={0x2ccf, {{0xa, 0x4e24, 0x3836, @dev={0xfe, 0x80, [], 0x21}, 0x6}}}, 0x88) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000040)={0x3, 0x4}) syz_open_dev$sndmidi(&(0x7f0000000340)='/dev/snd/midiC#D#\x00', 0x400, 0x1a9440) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x40000, 0x0) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:04:08 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) [ 1844.478747] FAULT_INJECTION: forcing a failure. [ 1844.478747] name failslab, interval 1, probability 0, space 0, times 0 [ 1844.490593] CPU: 0 PID: 3718 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1844.497810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1844.507175] Call Trace: [ 1844.509781] dump_stack+0x1b9/0x294 [ 1844.513431] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1844.518638] ? lock_downgrade+0x8e0/0x8e0 [ 1844.522803] ? graph_lock+0x170/0x170 [ 1844.526646] should_fail.cold.4+0xa/0x1a [ 1844.530732] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1844.535857] ? print_usage_bug+0xc0/0xc0 [ 1844.537835] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1844.539934] ? print_usage_bug+0xc0/0xc0 [ 1844.552783] ? graph_lock+0x170/0x170 [ 1844.556625] ? find_held_lock+0x36/0x1c0 [ 1844.561259] ? __lock_is_held+0xb5/0x140 [ 1844.565357] ? check_same_owner+0x320/0x320 [ 1844.569720] ? lockdep_init_map+0x9/0x10 [ 1844.573807] ? rcu_note_context_switch+0x710/0x710 [ 1844.578760] ? kasan_check_write+0x14/0x20 [ 1844.583008] ? __init_rwsem+0x1c4/0x290 [ 1844.587001] __should_failslab+0x124/0x180 [ 1844.591256] should_failslab+0x9/0x14 [ 1844.595073] __kmalloc+0x2c8/0x760 [ 1844.598639] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1844.603680] ? prealloc_shrinker+0xcf/0x130 [ 1844.608022] prealloc_shrinker+0xcf/0x130 [ 1844.612191] sget_userns+0x9b2/0xf00 [ 1844.615927] ? kill_litter_super+0x90/0x90 [ 1844.620186] ? ns_test_super+0x50/0x50 [ 1844.624093] ? destroy_unused_super.part.11+0x110/0x110 [ 1844.629495] ? kasan_check_write+0x14/0x20 [ 1844.633758] ? do_raw_spin_lock+0xc1/0x200 [ 1844.638015] ? blkdev_get+0xc0/0xb30 [ 1844.641750] ? cap_capable+0x1f9/0x260 [ 1844.645663] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1844.651219] ? security_capable+0x99/0xc0 [ 1844.655394] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1844.659267] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1844.660944] ? ns_capable_common+0x13f/0x170 [ 1844.660964] ? kill_litter_super+0x90/0x90 [ 1844.660979] sget+0x10b/0x150 [ 1844.660993] ? ns_test_super+0x50/0x50 [ 1844.661018] mount_bdev+0x111/0x3e0 [ 1844.688996] ? fuse_get_root_inode+0x190/0x190 [ 1844.693603] fuse_mount_blk+0x34/0x40 [ 1844.697425] mount_fs+0xae/0x328 [ 1844.700811] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1844.705416] ? may_umount+0xb0/0xb0 [ 1844.709059] ? _raw_read_unlock+0x22/0x30 [ 1844.713216] ? __get_fs_type+0x97/0xc0 [ 1844.717119] do_mount+0x564/0x3070 [ 1844.720678] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1844.725111] ? copy_mount_string+0x40/0x40 [ 1844.729365] ? rcu_pm_notify+0xc0/0xc0 [ 1844.733281] ? copy_mount_options+0x5f/0x380 [ 1844.737712] ? rcu_read_lock_sched_held+0x108/0x120 [ 1844.742756] ? kmem_cache_alloc_trace+0x616/0x780 [ 1844.747720] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1844.753283] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1844.758847] ? copy_mount_options+0x285/0x380 [ 1844.763371] ksys_mount+0x12d/0x140 [ 1844.767021] __x64_sys_mount+0xbe/0x150 [ 1844.771018] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1844.776162] do_syscall_64+0x1b1/0x800 [ 1844.780069] ? finish_task_switch+0x1ca/0x840 [ 1844.780138] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1844.784570] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1844.784592] ? syscall_return_slowpath+0x30f/0x5c0 [ 1844.784612] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1844.784632] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1844.784652] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1844.784663] RIP: 0033:0x455a09 [ 1844.784671] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 2018/05/15 14:04:08 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000040000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:08 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000000000000100", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:08 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000003000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:08 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1844.829549] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1844.836840] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1844.844125] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1844.851412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1844.858695] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:09 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000005000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:09 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000000000000300", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:09 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5300000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:09 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x82) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) setsockopt$sock_void(r0, 0x1, 0x24, 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) 2018/05/15 14:04:09 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:09 executing program 4 (fault-call:0 fault-nth:46): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:09 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x1000000080400) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:04:09 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) [ 1845.573913] FAULT_INJECTION: forcing a failure. [ 1845.573913] name failslab, interval 1, probability 0, space 0, times 0 [ 1845.585646] CPU: 0 PID: 3768 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1845.592862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1845.602228] Call Trace: [ 1845.604840] dump_stack+0x1b9/0x294 [ 1845.608500] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1845.613722] ? is_bpf_text_address+0xd7/0x170 [ 1845.618255] should_fail.cold.4+0xa/0x1a 2018/05/15 14:04:09 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000006000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1845.622344] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1845.627470] ? graph_lock+0x170/0x170 [ 1845.631292] ? save_stack+0xa9/0xd0 [ 1845.634942] ? find_held_lock+0x36/0x1c0 [ 1845.639027] ? __lock_is_held+0xb5/0x140 [ 1845.643113] ? check_same_owner+0x320/0x320 [ 1845.647456] ? trace_hardirqs_off+0xd/0x10 [ 1845.651710] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 1845.656833] ? rcu_note_context_switch+0x710/0x710 [ 1845.661782] ? debug_check_no_obj_freed+0x2ff/0x584 [ 1845.666825] __should_failslab+0x124/0x180 [ 1845.671083] should_failslab+0x9/0x14 [ 1845.674904] __kmalloc+0x2c8/0x760 [ 1845.678471] ? match_strdup+0x5e/0xa0 [ 1845.682301] match_strdup+0x5e/0xa0 [ 1845.685954] fuse_match_uint+0x1a/0x60 [ 1845.687063] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1845.689855] fuse_fill_super+0x455/0x1e20 [ 1845.689922] ? fuse_get_root_inode+0x190/0x190 [ 1845.689947] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1845.689960] ? vsnprintf+0x242/0x1b40 [ 1845.689979] ? pointer+0xa20/0xa20 [ 1845.720331] ? vsprintf+0x40/0x40 2018/05/15 14:04:09 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000feffff0700000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:09 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000f4ec00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1845.723798] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1845.728823] ? set_blocksize+0x2c4/0x350 [ 1845.732896] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1845.738453] mount_bdev+0x30c/0x3e0 [ 1845.742087] ? fuse_get_root_inode+0x190/0x190 [ 1845.746687] fuse_mount_blk+0x34/0x40 [ 1845.750510] mount_fs+0xae/0x328 [ 1845.753895] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1845.758506] ? may_umount+0xb0/0xb0 [ 1845.762156] ? _raw_read_unlock+0x22/0x30 [ 1845.766322] ? __get_fs_type+0x97/0xc0 [ 1845.770367] do_mount+0x564/0x3070 [ 1845.773956] ? copy_mount_string+0x40/0x40 [ 1845.778214] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1845.782996] ? retint_kernel+0x10/0x10 [ 1845.786917] ? __sanitizer_cov_trace_const_cmp2+0x20/0x20 [ 1845.792507] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1845.798070] ? copy_mount_options+0x285/0x380 [ 1845.802591] ksys_mount+0x12d/0x140 [ 1845.806245] __x64_sys_mount+0xbe/0x150 [ 1845.810240] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1845.815285] do_syscall_64+0x1b1/0x800 [ 1845.819200] ? finish_task_switch+0x1ca/0x840 2018/05/15 14:04:09 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000007000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1845.823716] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1845.828664] ? syscall_return_slowpath+0x30f/0x5c0 [ 1845.832564] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1845.833612] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1845.833636] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1845.833656] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1845.833668] RIP: 0033:0x455a09 [ 1845.833676] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 2018/05/15 14:04:09 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000fffffffe00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1845.833693] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1845.833702] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1845.833712] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1845.833720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1845.833734] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:09 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000378000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:09 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000300", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:09 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5300}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:09 executing program 4 (fault-call:0 fault-nth:47): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1845.989799] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:09 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1846.079363] FAULT_INJECTION: forcing a failure. [ 1846.079363] name failslab, interval 1, probability 0, space 0, times 0 [ 1846.090798] CPU: 1 PID: 3822 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1846.098002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1846.107388] Call Trace: [ 1846.110005] dump_stack+0x1b9/0x294 [ 1846.113661] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1846.118884] ? is_bpf_text_address+0xd7/0x170 [ 1846.123408] should_fail.cold.4+0xa/0x1a [ 1846.127121] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1846.127489] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1846.127515] ? graph_lock+0x170/0x170 [ 1846.127539] ? save_stack+0xa9/0xd0 [ 1846.148815] ? find_held_lock+0x36/0x1c0 [ 1846.152902] ? __lock_is_held+0xb5/0x140 [ 1846.157002] ? check_same_owner+0x320/0x320 [ 1846.161342] ? trace_hardirqs_off+0xd/0x10 [ 1846.165595] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 1846.170731] ? rcu_note_context_switch+0x710/0x710 2018/05/15 14:04:09 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000001000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1846.175678] ? debug_check_no_obj_freed+0x2ff/0x584 [ 1846.180722] __should_failslab+0x124/0x180 [ 1846.184982] should_failslab+0x9/0x14 [ 1846.188796] __kmalloc+0x2c8/0x760 [ 1846.192365] ? match_strdup+0x5e/0xa0 [ 1846.196188] match_strdup+0x5e/0xa0 [ 1846.199839] fuse_match_uint+0x1a/0x60 [ 1846.203770] fuse_fill_super+0x455/0x1e20 [ 1846.207969] ? fuse_get_root_inode+0x190/0x190 [ 1846.212584] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1846.218139] ? vsnprintf+0x242/0x1b40 [ 1846.221973] ? pointer+0xa20/0xa20 [ 1846.225572] ? vsprintf+0x40/0x40 [ 1846.229051] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1846.234089] ? set_blocksize+0x2c4/0x350 [ 1846.238173] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1846.243734] mount_bdev+0x30c/0x3e0 [ 1846.247382] ? fuse_get_root_inode+0x190/0x190 [ 1846.251987] fuse_mount_blk+0x34/0x40 [ 1846.255802] mount_fs+0xae/0x328 [ 1846.259188] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1846.263787] ? may_umount+0xb0/0xb0 [ 1846.267427] ? _raw_read_unlock+0x22/0x30 [ 1846.271589] ? __get_fs_type+0x97/0xc0 [ 1846.275490] do_mount+0x564/0x3070 [ 1846.279047] ? copy_mount_string+0x40/0x40 [ 1846.283299] ? rcu_pm_notify+0xc0/0xc0 [ 1846.287210] ? copy_mount_options+0x5f/0x380 [ 1846.291632] ? rcu_read_lock_sched_held+0x108/0x120 [ 1846.296674] ? kmem_cache_alloc_trace+0x616/0x780 [ 1846.301549] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1846.307099] ? copy_mount_options+0x285/0x380 [ 1846.311621] ksys_mount+0x12d/0x140 [ 1846.315268] __x64_sys_mount+0xbe/0x150 [ 1846.319244] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1846.324264] do_syscall_64+0x1b1/0x800 [ 1846.328150] ? finish_task_switch+0x1ca/0x840 [ 1846.332636] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1846.337563] ? syscall_return_slowpath+0x30f/0x5c0 [ 1846.342494] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1846.347847] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1846.352689] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1846.357873] RIP: 0033:0x455a09 [ 1846.361049] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1846.368742] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1846.376002] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1846.383267] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1846.390531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1846.397803] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:10 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000b00200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:10 executing program 4 (fault-call:0 fault-nth:48): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:10 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f00000001c0)=ANY=[], 0xffffff3b) 2018/05/15 14:04:10 executing program 3: r0 = inotify_init1(0x80000) r1 = getpid() fcntl$setownex(r0, 0xf, &(0x7f00000000c0)={0x2, r1}) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x40, 0x0) ioctl$DRM_IOCTL_AGP_RELEASE(r2, 0x6431) r3 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r3, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) ioctl$DRM_IOCTL_GET_CAP(r3, 0xc010640c, &(0x7f0000000080)={0x100000001, 0x2}) write$binfmt_elf64(r3, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:04:10 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:10 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:10 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:10 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000600000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1846.694677] FAULT_INJECTION: forcing a failure. [ 1846.694677] name failslab, interval 1, probability 0, space 0, times 0 [ 1846.706094] CPU: 0 PID: 3860 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1846.713295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1846.722660] Call Trace: [ 1846.725267] dump_stack+0x1b9/0x294 [ 1846.728915] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1846.734133] should_fail.cold.4+0xa/0x1a [ 1846.738212] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1846.743338] ? graph_lock+0x170/0x170 [ 1846.747153] ? lock_downgrade+0x8e0/0x8e0 [ 1846.751321] ? kasan_check_write+0x14/0x20 [ 1846.755572] ? find_held_lock+0x36/0x1c0 [ 1846.759629] ? __lock_is_held+0xb5/0x140 [ 1846.763706] ? check_same_owner+0x320/0x320 [ 1846.768028] ? rcu_note_context_switch+0x710/0x710 [ 1846.772961] __should_failslab+0x124/0x180 [ 1846.777188] should_failslab+0x9/0x14 [ 1846.780993] kmem_cache_alloc_trace+0x2cb/0x780 [ 1846.785655] ? set_blocksize+0x2c4/0x350 [ 1846.789708] fuse_fill_super+0xc92/0x1e20 [ 1846.793845] ? fuse_get_root_inode+0x190/0x190 [ 1846.798424] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1846.803948] ? vsnprintf+0x242/0x1b40 [ 1846.807739] ? pointer+0xa20/0xa20 [ 1846.811271] ? vsprintf+0x40/0x40 [ 1846.814740] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1846.819742] ? set_blocksize+0x2c4/0x350 [ 1846.823793] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1846.829323] mount_bdev+0x30c/0x3e0 [ 1846.832939] ? fuse_get_root_inode+0x190/0x190 [ 1846.837510] fuse_mount_blk+0x34/0x40 [ 1846.841303] mount_fs+0xae/0x328 [ 1846.844658] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1846.849225] ? may_umount+0xb0/0xb0 [ 1846.852838] ? _raw_read_unlock+0x22/0x30 [ 1846.856970] ? __get_fs_type+0x97/0xc0 [ 1846.860845] do_mount+0x564/0x3070 [ 1846.864375] ? copy_mount_string+0x40/0x40 [ 1846.868610] ? rcu_pm_notify+0xc0/0xc0 [ 1846.872494] ? copy_mount_options+0x5f/0x380 [ 1846.876889] ? rcu_read_lock_sched_held+0x108/0x120 [ 1846.881893] ? kmem_cache_alloc_trace+0x616/0x780 [ 1846.886727] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1846.892250] ? _copy_from_user+0xdf/0x150 [ 1846.896388] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1846.901917] ? copy_mount_options+0x285/0x380 [ 1846.906431] ksys_mount+0x12d/0x140 [ 1846.910055] __x64_sys_mount+0xbe/0x150 [ 1846.914021] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1846.919036] do_syscall_64+0x1b1/0x800 [ 1846.922933] ? finish_task_switch+0x1ca/0x840 [ 1846.927418] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1846.932339] ? syscall_return_slowpath+0x30f/0x5c0 [ 1846.937260] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1846.942618] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1846.947457] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1846.952634] RIP: 0033:0x455a09 [ 1846.955827] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1846.963525] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1846.970783] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1846.978040] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1846.985294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 2018/05/15 14:04:10 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000000000002b000", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:10 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000001100000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1846.992548] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1847.005612] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:10 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:10 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000000000000200", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:10 executing program 4 (fault-call:0 fault-nth:49): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:10 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000002000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1847.173780] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1847.181390] FAULT_INJECTION: forcing a failure. [ 1847.181390] name failslab, interval 1, probability 0, space 0, times 0 [ 1847.193900] CPU: 0 PID: 3889 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1847.201097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1847.210464] Call Trace: [ 1847.213073] dump_stack+0x1b9/0x294 [ 1847.216726] ? dump_stack_print_info.cold.2+0x52/0x52 2018/05/15 14:04:10 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:10 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000007fffffe000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1847.221935] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 1847.227062] should_fail.cold.4+0xa/0x1a [ 1847.231141] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1847.236262] ? memset+0x31/0x40 [ 1847.239560] ? graph_lock+0x170/0x170 [ 1847.243379] ? get_random_bytes+0x34/0x40 [ 1847.247544] ? crng_backtrack_protect+0x80/0x80 [ 1847.252232] ? find_held_lock+0x36/0x1c0 [ 1847.256306] ? __lock_is_held+0xb5/0x140 [ 1847.260396] ? check_same_owner+0x320/0x320 [ 1847.264727] ? fuse_conn_init+0x744/0x900 [ 1847.268889] ? rcu_note_context_switch+0x710/0x710 [ 1847.273836] __should_failslab+0x124/0x180 [ 1847.278085] should_failslab+0x9/0x14 [ 1847.281896] kmem_cache_alloc_trace+0x2cb/0x780 [ 1847.286587] fuse_dev_alloc+0xb5/0x4e0 [ 1847.290484] ? __lock_is_held+0xb5/0x140 [ 1847.294557] ? process_init_reply+0x1460/0x1460 [ 1847.299243] ? rcu_read_lock_sched_held+0x108/0x120 [ 1847.304273] ? kmem_cache_alloc_trace+0x616/0x780 [ 1847.309141] fuse_fill_super+0xce0/0x1e20 [ 1847.313310] ? fuse_get_root_inode+0x190/0x190 [ 1847.317913] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1847.323460] ? vsnprintf+0x242/0x1b40 [ 1847.327282] ? pointer+0xa20/0xa20 [ 1847.330842] ? vsprintf+0x40/0x40 [ 1847.334447] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1847.339471] ? set_blocksize+0x2c4/0x350 [ 1847.343545] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1847.349094] mount_bdev+0x30c/0x3e0 [ 1847.352732] ? fuse_get_root_inode+0x190/0x190 [ 1847.357328] fuse_mount_blk+0x34/0x40 [ 1847.361139] mount_fs+0xae/0x328 [ 1847.364635] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1847.369223] ? may_umount+0xb0/0xb0 [ 1847.372859] ? _raw_read_unlock+0x22/0x30 [ 1847.377011] ? __get_fs_type+0x97/0xc0 [ 1847.380913] do_mount+0x564/0x3070 [ 1847.384460] ? copy_mount_string+0x40/0x40 [ 1847.388699] ? rcu_pm_notify+0xc0/0xc0 [ 1847.392613] ? copy_mount_options+0x5f/0x380 [ 1847.397044] ? rcu_read_lock_sched_held+0x108/0x120 [ 1847.402072] ? kmem_cache_alloc_trace+0x616/0x780 [ 1847.406933] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1847.412485] ? _copy_from_user+0xdf/0x150 [ 1847.416646] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1847.422176] ? copy_mount_options+0x285/0x380 [ 1847.426662] ksys_mount+0x12d/0x140 [ 1847.430290] __x64_sys_mount+0xbe/0x150 [ 1847.434262] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1847.439279] do_syscall_64+0x1b1/0x800 [ 1847.443163] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1847.448094] ? syscall_return_slowpath+0x30f/0x5c0 [ 1847.453034] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1847.458393] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1847.463239] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1847.468415] RIP: 0033:0x455a09 [ 1847.471586] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1847.479292] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1847.486565] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1847.493836] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1847.501111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1847.508379] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:35 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000000500", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:35 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffff}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:35 executing program 4 (fault-call:0 fault-nth:50): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:35 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:35 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000000ffffffff00", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:35 executing program 2: r0 = syz_open_dev$mice(&(0x7f00000001c0)='/dev/input/mice\x00', 0x0, 0xeff19e3435935d46) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x326) getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f0000000180)=""/40, &(0x7f00000000c0)=0x291) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000100)={0x2, 'syz_tun\x00', 0x4}, 0x18) clock_getres(0x25e6552f74f0dd58, &(0x7f0000000140)) 2018/05/15 14:04:35 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:35 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x8000000000000003) fcntl$getown(r0, 0x9) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[@ANYRES16=r0], 0xfffffffffffffe95) ioctl$KDGKBMODE(r0, 0x4b44, &(0x7f0000000040)) [ 1871.591796] FAULT_INJECTION: forcing a failure. [ 1871.591796] name failslab, interval 1, probability 0, space 0, times 0 [ 1871.603128] CPU: 0 PID: 3916 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1871.610335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1871.619706] Call Trace: [ 1871.622316] dump_stack+0x1b9/0x294 [ 1871.625977] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1871.631202] should_fail.cold.4+0xa/0x1a [ 1871.635285] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1871.640406] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1871.645439] ? __lockdep_init_map+0x105/0x590 [ 1871.649952] ? graph_lock+0x170/0x170 [ 1871.653773] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1871.659329] ? put_dec_trunc8+0x273/0x300 [ 1871.663506] ? find_held_lock+0x36/0x1c0 [ 1871.667589] ? __lock_is_held+0xb5/0x140 [ 1871.671684] ? check_same_owner+0x320/0x320 [ 1871.676025] ? device_pm_sleep_init+0xe8/0x200 [ 1871.680628] ? rcu_note_context_switch+0x710/0x710 [ 1871.685582] __should_failslab+0x124/0x180 [ 1871.689836] should_failslab+0x9/0x14 [ 1871.693655] __kmalloc_track_caller+0x2c4/0x760 [ 1871.698345] ? pointer+0xa20/0xa20 [ 1871.701908] ? kvasprintf_const+0x67/0x190 [ 1871.706160] kvasprintf+0xa9/0x130 [ 1871.709720] ? bust_spinlocks+0xe0/0xe0 [ 1871.713716] ? rcu_read_lock_sched_held+0x108/0x120 [ 1871.718749] kvasprintf_const+0x67/0x190 [ 1871.722815] kobject_set_name_vargs+0x5b/0x150 [ 1871.727398] device_create_groups_vargs+0x1ce/0x270 [ 1871.732433] device_create_vargs+0x46/0x60 [ 1871.736683] bdi_register_va.part.10+0xbb/0x9b0 [ 1871.741343] ? cgwb_kill+0x630/0x630 [ 1871.745047] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1871.750567] ? bdi_init+0x416/0x510 [ 1871.754178] ? wb_init+0x9e0/0x9e0 [ 1871.757703] ? bdi_alloc_node+0x67/0xe0 [ 1871.761662] ? bdi_alloc_node+0x67/0xe0 [ 1871.765653] ? rcu_read_lock_sched_held+0x108/0x120 [ 1871.770656] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1871.775924] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1871.781448] ? refcount_sub_and_test+0x212/0x330 [ 1871.786193] bdi_register_va+0x68/0x80 [ 1871.790070] super_setup_bdi_name+0x123/0x220 [ 1871.794552] ? kill_block_super+0x100/0x100 [ 1871.798863] ? kmem_cache_alloc_trace+0x616/0x780 [ 1871.803696] fuse_fill_super+0xe6e/0x1e20 [ 1871.807835] ? fuse_get_root_inode+0x190/0x190 [ 1871.812408] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1871.817932] ? vsnprintf+0x242/0x1b40 [ 1871.821723] ? pointer+0xa20/0xa20 [ 1871.825253] ? vsprintf+0x40/0x40 [ 1871.828694] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1871.833697] ? set_blocksize+0x2c4/0x350 [ 1871.837747] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1871.843274] mount_bdev+0x30c/0x3e0 [ 1871.846888] ? fuse_get_root_inode+0x190/0x190 [ 1871.851458] fuse_mount_blk+0x34/0x40 [ 1871.855249] mount_fs+0xae/0x328 [ 1871.858605] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1871.863175] ? may_umount+0xb0/0xb0 [ 1871.866787] ? _raw_read_unlock+0x22/0x30 [ 1871.870919] ? __get_fs_type+0x97/0xc0 [ 1871.874796] do_mount+0x564/0x3070 [ 1871.878330] ? copy_mount_string+0x40/0x40 [ 1871.882549] ? rcu_pm_notify+0xc0/0xc0 [ 1871.886428] ? copy_mount_options+0x5f/0x380 [ 1871.890822] ? rcu_read_lock_sched_held+0x108/0x120 [ 1871.895825] ? kmem_cache_alloc_trace+0x616/0x780 [ 1871.900656] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1871.906180] ? _copy_from_user+0xdf/0x150 [ 1871.910321] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1871.915845] ? copy_mount_options+0x285/0x380 [ 1871.920334] ksys_mount+0x12d/0x140 [ 1871.923962] __x64_sys_mount+0xbe/0x150 [ 1871.927927] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1871.932943] do_syscall_64+0x1b1/0x800 [ 1871.936819] ? finish_task_switch+0x1ca/0x840 [ 1871.941305] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1871.946226] ? syscall_return_slowpath+0x30f/0x5c0 [ 1871.951147] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1871.956500] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1871.961337] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1871.966512] RIP: 0033:0x455a09 [ 1871.969686] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1871.977383] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1871.984637] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 2018/05/15 14:04:35 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000200000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:35 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:35 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000050000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1871.991890] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1871.999143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1872.006397] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:35 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000001c0), 0x1000013c) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x10001}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000100)={r1, 0x4e5, 0x7}, &(0x7f0000000140)=0x10) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) openat$urandom(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x20002, 0x0) [ 1872.052348] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:35 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:35 executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x8040, 0x0) getsockopt$sock_buf(r0, 0x1, 0x3f, &(0x7f00000001c0)=""/224, &(0x7f00000002c0)=0xe0) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r1, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[@ANYRES16=r1, @ANYPTR64=&(0x7f0000000080)=ANY=[@ANYRES64=r1, @ANYRES32=r1, @ANYRES32], @ANYPTR=&(0x7f0000000100)=ANY=[@ANYPTR=&(0x7f00000000c0)=ANY=[@ANYRES64=r1], @ANYRES16=r1, @ANYBLOB="6920ca1680c4b0d47fb6459000c6b0862a3c4f5a457d0a5dc27500f67ae5badffd7caf5cb00153e12724bf8cb584e4d93aa8e8a32f11868044c579303d747ac4bb3d33e0b5e0475ed6909e531235b1626839781d757fb3cf47216e2417b7", @ANYRES16]], 0x12) 2018/05/15 14:04:35 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000000fffffffe00", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:35 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:35 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000004000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:35 executing program 4 (fault-call:0 fault-nth:51): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1872.198879] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1872.274762] FAULT_INJECTION: forcing a failure. [ 1872.274762] name failslab, interval 1, probability 0, space 0, times 0 [ 1872.286133] CPU: 0 PID: 3975 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1872.293341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1872.302703] Call Trace: [ 1872.305313] dump_stack+0x1b9/0x294 [ 1872.308960] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1872.314181] should_fail.cold.4+0xa/0x1a [ 1872.318268] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1872.323409] ? fuse_mount_blk+0x34/0x40 [ 1872.327412] ? mount_fs+0xae/0x328 [ 1872.330979] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1872.335763] ? do_mount+0x564/0x3070 [ 1872.339501] ? ksys_mount+0x12d/0x140 [ 1872.343333] ? __x64_sys_mount+0xbe/0x150 [ 1872.347507] ? do_syscall_64+0x1b1/0x800 [ 1872.351591] ? graph_lock+0x170/0x170 [ 1872.355416] ? find_held_lock+0x36/0x1c0 [ 1872.359516] ? find_held_lock+0x36/0x1c0 [ 1872.363606] ? __lock_is_held+0xb5/0x140 [ 1872.367708] ? check_same_owner+0x320/0x320 [ 1872.372052] ? rcu_note_context_switch+0x710/0x710 [ 1872.377006] ? kasan_check_read+0x11/0x20 [ 1872.381182] __should_failslab+0x124/0x180 [ 1872.385447] should_failslab+0x9/0x14 [ 1872.389272] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1872.394418] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1872.399983] ? refcount_sub_and_test+0x212/0x330 [ 1872.404753] bdi_alloc_node+0x67/0xe0 [ 1872.408571] super_setup_bdi_name+0x8b/0x220 [ 1872.413001] ? kill_block_super+0x100/0x100 [ 1872.417344] ? rcu_read_lock_sched_held+0x108/0x120 [ 1872.422387] ? kmem_cache_alloc_trace+0x616/0x780 [ 1872.427248] fuse_fill_super+0xe6e/0x1e20 [ 1872.431402] ? fuse_get_root_inode+0x190/0x190 [ 1872.435988] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1872.441528] ? vsnprintf+0x242/0x1b40 [ 1872.445341] ? pointer+0xa20/0xa20 [ 1872.448897] ? vsprintf+0x40/0x40 [ 1872.452364] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1872.457388] ? set_blocksize+0x2c4/0x350 [ 1872.461454] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1872.467007] mount_bdev+0x30c/0x3e0 [ 1872.470633] ? fuse_get_root_inode+0x190/0x190 [ 1872.475203] fuse_mount_blk+0x34/0x40 [ 1872.479020] mount_fs+0xae/0x328 [ 1872.482400] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1872.486993] ? may_umount+0xb0/0xb0 [ 1872.490634] ? _raw_read_unlock+0x22/0x30 [ 1872.494792] ? __get_fs_type+0x97/0xc0 [ 1872.498697] do_mount+0x564/0x3070 [ 1872.502255] ? copy_mount_string+0x40/0x40 [ 1872.506515] ? rcu_pm_notify+0xc0/0xc0 [ 1872.510429] ? copy_mount_options+0x5f/0x380 [ 1872.514856] ? rcu_read_lock_sched_held+0x108/0x120 [ 1872.519891] ? kmem_cache_alloc_trace+0x616/0x780 [ 1872.524759] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1872.530310] ? _copy_from_user+0xdf/0x150 [ 1872.534458] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1872.539989] ? copy_mount_options+0x285/0x380 [ 1872.544500] ksys_mount+0x12d/0x140 [ 1872.548128] __x64_sys_mount+0xbe/0x150 [ 1872.552093] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1872.557101] do_syscall_64+0x1b1/0x800 [ 1872.561491] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1872.566327] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1872.571257] ? syscall_return_slowpath+0x30f/0x5c0 [ 1872.576195] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1872.581549] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1872.586394] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1872.591579] RIP: 0033:0x455a09 [ 1872.594751] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1872.602446] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1872.609703] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1872.616961] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1872.624218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1872.631477] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:36 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="3041e97fee8b8b9f20e613df7a7d25b28cee5f634505ac71a0d2b178a317f58f6ebe701bee475907306672f0a473b4cc71c3e711c3df7f867a429df8e410f48f9429712fd97598fd1f1186973b7561f5674993a5d5449c3534210837b968000966780e67dc661e596297dea8d903e0973c37dba590d2ef6997d008d16f6b684e42733d298c07feef2f66ee730bfcf259adbcf647ba5469c6707bb680fb2bcb8c"], 0x1) 2018/05/15 14:04:36 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9fffffff00000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:36 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:36 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:36 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000040)={0x0, 0x56, "abc074b2bb3c13798b5d3605992a3859f4d3975ea6fb804320a210f986f3a5f309db1909c581c496ba8c3330621df24caec4865799b95438f952ef3bb077308355887644b408ea23234969ffb4a83bdbe1c85e68a15c"}, &(0x7f00000000c0)=0x5e) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000100)={r1, 0x0, 0x30}, 0xc) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) ioctl$DRM_IOCTL_AGP_ACQUIRE(r0, 0x6430) 2018/05/15 14:04:36 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)="2e2f636f6e74726f6c2f66696c6530ff", 0x0) close(r0) 2018/05/15 14:04:36 executing program 4 (fault-call:0 fault-nth:52): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:36 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000007000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1873.052135] FAULT_INJECTION: forcing a failure. [ 1873.052135] name failslab, interval 1, probability 0, space 0, times 0 [ 1873.063499] CPU: 0 PID: 4007 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1873.070702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1873.080068] Call Trace: [ 1873.082679] dump_stack+0x1b9/0x294 [ 1873.086334] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1873.091545] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 1873.096675] should_fail.cold.4+0xa/0x1a [ 1873.100758] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1873.105883] ? memset+0x31/0x40 [ 1873.109199] ? graph_lock+0x170/0x170 [ 1873.113032] ? get_random_bytes+0x34/0x40 [ 1873.117208] ? crng_backtrack_protect+0x80/0x80 [ 1873.121898] ? find_held_lock+0x36/0x1c0 [ 1873.125957] ? __lock_is_held+0xb5/0x140 [ 1873.130030] ? check_same_owner+0x320/0x320 [ 1873.134348] ? fuse_conn_init+0x744/0x900 [ 1873.138491] ? rcu_note_context_switch+0x710/0x710 [ 1873.143417] __should_failslab+0x124/0x180 [ 1873.147651] should_failslab+0x9/0x14 [ 1873.151470] kmem_cache_alloc_trace+0x2cb/0x780 [ 1873.156149] fuse_dev_alloc+0xb5/0x4e0 [ 1873.160028] ? __lock_is_held+0xb5/0x140 [ 1873.164088] ? process_init_reply+0x1460/0x1460 [ 1873.168750] ? rcu_read_lock_sched_held+0x108/0x120 [ 1873.173759] ? kmem_cache_alloc_trace+0x616/0x780 [ 1873.178595] fuse_fill_super+0xce0/0x1e20 [ 1873.182735] ? fuse_get_root_inode+0x190/0x190 [ 1873.187313] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1873.192838] ? vsnprintf+0x242/0x1b40 [ 1873.196641] ? pointer+0xa20/0xa20 [ 1873.200187] ? vsprintf+0x40/0x40 [ 1873.203638] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1873.208642] ? set_blocksize+0x2c4/0x350 [ 1873.212701] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1873.218236] mount_bdev+0x30c/0x3e0 [ 1873.221860] ? fuse_get_root_inode+0x190/0x190 [ 1873.226429] fuse_mount_blk+0x34/0x40 [ 1873.230226] mount_fs+0xae/0x328 [ 1873.233581] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1873.238169] ? may_umount+0xb0/0xb0 [ 1873.241789] ? _raw_read_unlock+0x22/0x30 [ 1873.245924] ? __get_fs_type+0x97/0xc0 [ 1873.249800] do_mount+0x564/0x3070 [ 1873.253329] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1873.257728] ? copy_mount_string+0x40/0x40 [ 1873.261949] ? rcu_pm_notify+0xc0/0xc0 [ 1873.265827] ? copy_mount_options+0x5f/0x380 [ 1873.270229] ? rcu_read_lock_sched_held+0x108/0x120 [ 1873.275251] ? kmem_cache_alloc_trace+0x616/0x780 [ 1873.280103] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1873.285630] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1873.291153] ? copy_mount_options+0x285/0x380 [ 1873.295636] ksys_mount+0x12d/0x140 [ 1873.299252] __x64_sys_mount+0xbe/0x150 [ 1873.303216] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1873.308225] do_syscall_64+0x1b1/0x800 [ 1873.312102] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1873.317036] ? syscall_return_slowpath+0x30f/0x5c0 [ 1873.321956] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1873.327312] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1873.332150] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1873.337327] RIP: 0033:0x455a09 [ 1873.340504] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 2018/05/15 14:04:36 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1873.348217] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1873.355472] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1873.362730] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1873.369994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1873.377259] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:37 executing program 4 (fault-call:0 fault-nth:53): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:37 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000400", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:37 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000580)={{{@in, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in6=@mcast1}}, &(0x7f0000000680)=0xe8) sendmsg$TEAM_CMD_PORT_LIST_GET(r0, &(0x7f0000000700)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x804000}, 0xc, &(0x7f00000006c0)={&(0x7f0000001800)={0xf4, r1, 0x100, 0x70bd26, 0x25dfdbfc, {0x3}, [{{0x8, 0x1, r2}, {0xd8, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4}}, {0x8, 0x7}}}, {0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x2c, 0x4, [{0x971, 0x7, 0x1ff, 0x2}, {0xd, 0x10001, 0x137a, 0x6}, {0x3f, 0x4, 0x9, 0x5}, {0x4, 0x2, 0x28c, 0x726c496a}, {0x80000000, 0x400, 0x4, 0x2}]}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x101}}}]}}]}, 0xf4}, 0x1, 0x0, 0x0, 0x80}, 0x0) syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x9, 0x100) [ 1873.414082] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1873.476164] FAULT_INJECTION: forcing a failure. [ 1873.476164] name failslab, interval 1, probability 0, space 0, times 0 [ 1873.487707] CPU: 1 PID: 4015 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1873.494914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1873.504294] Call Trace: [ 1873.506913] dump_stack+0x1b9/0x294 [ 1873.510566] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1873.515795] should_fail.cold.4+0xa/0x1a [ 1873.519882] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1873.525009] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1873.530064] ? __lockdep_init_map+0x105/0x590 [ 1873.534588] ? graph_lock+0x170/0x170 [ 1873.538418] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1873.544075] ? put_dec_trunc8+0x273/0x300 [ 1873.548264] ? find_held_lock+0x36/0x1c0 [ 1873.552361] ? __lock_is_held+0xb5/0x140 [ 1873.556467] ? check_same_owner+0x320/0x320 [ 1873.560816] ? device_pm_sleep_init+0xe8/0x200 [ 1873.565442] ? rcu_note_context_switch+0x710/0x710 [ 1873.570420] __should_failslab+0x124/0x180 2018/05/15 14:04:37 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:37 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000378000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:37 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1873.574791] should_failslab+0x9/0x14 [ 1873.578621] __kmalloc_track_caller+0x2c4/0x760 [ 1873.583330] ? pointer+0xa20/0xa20 [ 1873.586908] ? kvasprintf_const+0x67/0x190 [ 1873.591185] kvasprintf+0xa9/0x130 [ 1873.594756] ? bust_spinlocks+0xe0/0xe0 [ 1873.598776] ? rcu_read_lock_sched_held+0x108/0x120 [ 1873.603822] kvasprintf_const+0x67/0x190 [ 1873.607916] kobject_set_name_vargs+0x5b/0x150 [ 1873.612529] device_create_groups_vargs+0x1ce/0x270 [ 1873.617581] device_create_vargs+0x46/0x60 [ 1873.621845] bdi_register_va.part.10+0xbb/0x9b0 [ 1873.626550] ? cgwb_kill+0x630/0x630 [ 1873.630295] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1873.635857] ? bdi_init+0x416/0x510 [ 1873.639507] ? wb_init+0x9e0/0x9e0 [ 1873.643083] ? bdi_alloc_node+0x67/0xe0 [ 1873.647078] ? bdi_alloc_node+0x67/0xe0 [ 1873.651076] ? rcu_read_lock_sched_held+0x108/0x120 [ 1873.656126] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1873.661434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1873.667007] ? refcount_sub_and_test+0x212/0x330 [ 1873.671787] bdi_register_va+0x68/0x80 2018/05/15 14:04:37 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000feffffff00", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1873.675703] super_setup_bdi_name+0x123/0x220 [ 1873.680220] ? kill_block_super+0x100/0x100 [ 1873.684585] ? kmem_cache_alloc_trace+0x616/0x780 [ 1873.689461] fuse_fill_super+0xe6e/0x1e20 [ 1873.693640] ? fuse_get_root_inode+0x190/0x190 [ 1873.698427] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1873.703981] ? vsnprintf+0x242/0x1b40 [ 1873.707833] ? pointer+0xa20/0xa20 [ 1873.711418] ? vsprintf+0x40/0x40 [ 1873.714904] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1873.719940] ? set_blocksize+0x2c4/0x350 [ 1873.724025] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1873.729591] mount_bdev+0x30c/0x3e0 [ 1873.733242] ? fuse_get_root_inode+0x190/0x190 [ 1873.737855] fuse_mount_blk+0x34/0x40 [ 1873.741683] mount_fs+0xae/0x328 [ 1873.745072] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1873.749678] ? may_umount+0xb0/0xb0 [ 1873.753315] ? _raw_read_unlock+0x22/0x30 [ 1873.757484] ? __get_fs_type+0x97/0xc0 [ 1873.761395] do_mount+0x564/0x3070 [ 1873.764957] ? copy_mount_string+0x40/0x40 [ 1873.769215] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1873.773999] ? retint_kernel+0x10/0x10 [ 1873.777911] ? copy_mount_options+0x213/0x380 [ 1873.782445] ? __sanitizer_cov_trace_pc+0x1a/0x50 [ 1873.787318] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1873.792883] ? copy_mount_options+0x285/0x380 [ 1873.797406] ksys_mount+0x12d/0x140 [ 1873.801060] __x64_sys_mount+0xbe/0x150 [ 1873.805057] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1873.810102] do_syscall_64+0x1b1/0x800 [ 1873.814012] ? finish_task_switch+0x1ca/0x840 [ 1873.818537] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1873.823489] ? syscall_return_slowpath+0x30f/0x5c0 [ 1873.827810] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1873.828438] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1873.828462] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1873.828483] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1873.828496] RIP: 0033:0x455a09 [ 1873.828504] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1873.828521] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1873.828530] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1873.828539] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1873.828546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1873.828559] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:38 executing program 4 (fault-call:0 fault-nth:54): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:38 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000440)={{{@in=@multicast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@multicast1}}, &(0x7f0000000540)=0xe8) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000580)={@mcast1={0xff, 0x1, [], 0x1}, r1}, 0x14) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="e30e116bcbd71a0d157a4a13cd61b0f5a1f53062e5b174e979d4c72b36046c31f057fa1fc47bfb621effa4e45cab561600a53f3e1c4fc72d3bc37ef00da7643f53a5c265afb6bc1f1d1eed00dfe6e1f1f8b35131231632dfcd69c37b59591fc46146f258ea9cb3821ef3db5bbb9a8a2ad53bec7ddd63e8e0b5d26e3a9271f8738a8e71e5c1e7f2c7da5c768d9b2984326f112df91be0af8ae5a6c3de1940dcbb56d2affd18096c21771ad6a4cfecc9fdd7ea909f811e2a13a29cb71f888459c5e65387755c9adcb171ffb92365ff6c5109de5f8206da1ac039ea35c4d53b7ec19ba726d715845c8a33afedac62058bb1b8c68b103298e7ac0b5b778af5a10c6f84d9029fcfa19f05bf68e2b1e627b1711ba987160259a224d412d84ee57bb88580429716a819c6e5d9f61a13ad742db1176a8abaf690716ee4e50a31baa2169feaa11e1d981316f6c50f911d46f41968de"], 0x1) fcntl$getownex(r0, 0x10, &(0x7f0000000080)={0x0, 0x0}) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000000c0)=0x0) r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/uts\x00') ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000240)=""/59) ioctl$int_in(r4, 0x5421, &(0x7f0000000280)=0x6) kcmp(r2, r3, 0x6, r0, r4) sendto$llc(r0, &(0x7f0000000140)="64d36931d256d8e14c1719349f328389d588b6674a115188006632faaa602d1aef221a734d1a0150f6f6f5565854d567a5af7fae26de2cd43f1e0e17f2b78fd9d9da675946398d6a6188c1ae7b7a1489ff31f9f3c859e91f347a1bab1ffceea3b3277e31304e607a74eea9db5fb438efd5e9bee530f172436802ac275e50dd396df0019699e31176b538efa63566b76f5121337d0c0b5e64735e86546919e9c397fe535f753f665c06749088d93c23ee297119fcb71f18cb4d39f6da757aca9e6e756ee37640", 0xc6, 0x1, 0x0, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f00000005c0)) 2018/05/15 14:04:38 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x10400) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x400, 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f00000000c0)=0x0) sched_rr_get_interval(r1, &(0x7f0000000100)) mount(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='configfs\x00', 0x10000, &(0x7f0000000300)="9e35fa49a4b341686a37c82e4774178442a80846b1171f8e81d4c37d2752cbb621ed5d8f1d12940bc6f7a546331fed26c967a7d75d65127af5ed6e") write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) mq_open(&(0x7f0000000000)='/dev/input/mice\x00', 0x1, 0x1, &(0x7f0000000080)={0xffffffffffffffe0, 0x3f, 0x9, 0x2, 0xffffffffffffff3f, 0xd2b4, 0x1, 0x5}) mount(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='affs\x00', 0x40000, 0x0) 2018/05/15 14:04:38 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:38 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000002000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:38 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x85ffffff}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:38 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\a\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:38 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000ffffffe400", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1874.652647] FAULT_INJECTION: forcing a failure. [ 1874.652647] name failslab, interval 1, probability 0, space 0, times 0 [ 1874.664456] CPU: 0 PID: 4056 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1874.671658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1874.681026] Call Trace: [ 1874.683629] dump_stack+0x1b9/0x294 [ 1874.687280] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1874.692498] should_fail.cold.4+0xa/0x1a [ 1874.696580] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1874.701694] ? graph_lock+0x170/0x170 [ 1874.705521] ? print_usage_bug+0xc0/0xc0 [ 1874.709609] ? __update_load_avg_blocked_se.isra.33+0x460/0x460 [ 1874.715686] ? graph_lock+0x170/0x170 [ 1874.719511] ? graph_lock+0x170/0x170 [ 1874.723335] ? graph_lock+0x170/0x170 [ 1874.727155] ? print_usage_bug+0xc0/0xc0 [ 1874.731244] ? print_usage_bug+0xc0/0xc0 [ 1874.735333] __should_failslab+0x124/0x180 [ 1874.739593] should_failslab+0x9/0x14 [ 1874.743412] kmem_cache_alloc+0x47/0x760 [ 1874.747492] ? lock_downgrade+0x8e0/0x8e0 [ 1874.751661] radix_tree_node_alloc.constprop.19+0x1e6/0x310 [ 1874.757397] idr_get_free+0x891/0x10a0 [ 1874.761325] ? radix_tree_clear_tags+0xc0/0xc0 [ 1874.765941] ? unwind_get_return_address+0x61/0xa0 [ 1874.770894] ? __save_stack_trace+0x7e/0xd0 [ 1874.775244] ? save_stack+0xa9/0xd0 [ 1874.778979] ? save_stack+0x43/0xd0 [ 1874.782623] ? kasan_kmalloc+0xc4/0xe0 [ 1874.786523] ? kasan_slab_alloc+0x12/0x20 [ 1874.790683] ? kmem_cache_alloc+0x12e/0x760 [ 1874.795015] ? __kernfs_new_node+0xe7/0x580 [ 1874.799332] ? kernfs_new_node+0x80/0xf0 [ 1874.803379] ? kernfs_create_dir_ns+0x3d/0x140 [ 1874.807947] ? sysfs_create_dir_ns+0xbe/0x1d0 [ 1874.812428] ? kobject_add_internal+0x354/0xac0 [ 1874.817085] ? kobject_add+0x13a/0x190 [ 1874.820991] ? device_create_groups_vargs+0x1ff/0x270 [ 1874.826171] ? device_create_vargs+0x46/0x60 [ 1874.830577] ? bdi_register_va.part.10+0xbb/0x9b0 [ 1874.835404] ? bdi_register_va+0x68/0x80 [ 1874.839453] ? super_setup_bdi_name+0x123/0x220 [ 1874.844111] ? fuse_fill_super+0xe6e/0x1e20 [ 1874.848418] ? mount_bdev+0x30c/0x3e0 [ 1874.852205] ? mount_fs+0xae/0x328 [ 1874.855730] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1874.860468] ? do_mount+0x564/0x3070 [ 1874.864167] ? ksys_mount+0x12d/0x140 [ 1874.867957] ? __x64_sys_mount+0xbe/0x150 [ 1874.872103] ? do_syscall_64+0x1b1/0x800 [ 1874.876153] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1874.881504] ? print_usage_bug+0xc0/0xc0 [ 1874.885557] idr_alloc_u32+0x1f9/0x3d0 [ 1874.889434] ? __fprop_inc_percpu_max+0x2c0/0x2c0 [ 1874.894261] ? lock_acquire+0x1dc/0x520 [ 1874.898220] ? __kernfs_new_node+0x10e/0x580 [ 1874.902613] ? __lock_is_held+0xb5/0x140 [ 1874.906664] idr_alloc_cyclic+0x167/0x340 [ 1874.910800] ? idr_alloc+0x1a0/0x1a0 [ 1874.914499] ? kasan_check_write+0x14/0x20 [ 1874.918720] ? do_raw_spin_lock+0xc1/0x200 [ 1874.922947] __kernfs_new_node+0x1a3/0x580 [ 1874.927172] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1874.931922] ? lock_downgrade+0x8e0/0x8e0 [ 1874.936061] kernfs_new_node+0x80/0xf0 [ 1874.939947] kernfs_create_dir_ns+0x3d/0x140 [ 1874.944343] sysfs_create_dir_ns+0xbe/0x1d0 [ 1874.948652] kobject_add_internal+0x354/0xac0 [ 1874.953136] ? kobj_ns_type_registered+0x60/0x60 [ 1874.957890] ? lock_downgrade+0x8e0/0x8e0 [ 1874.962035] ? refcount_add_not_zero+0x320/0x320 [ 1874.966784] ? kasan_check_read+0x11/0x20 [ 1874.970919] kobject_add+0x13a/0x190 [ 1874.974621] ? kset_create_and_add+0x190/0x190 [ 1874.979193] ? mutex_unlock+0xd/0x10 [ 1874.982908] device_add+0x3a5/0x16d0 [ 1874.986610] ? device_private_init+0x230/0x230 [ 1874.991175] ? kfree+0x1e9/0x260 [ 1874.994543] ? kfree_const+0x5e/0x70 [ 1874.998246] device_create_groups_vargs+0x1ff/0x270 [ 1875.003250] device_create_vargs+0x46/0x60 [ 1875.007475] bdi_register_va.part.10+0xbb/0x9b0 [ 1875.012130] ? cgwb_kill+0x630/0x630 [ 1875.015833] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1875.021353] ? bdi_init+0x416/0x510 [ 1875.024977] ? wb_init+0x9e0/0x9e0 [ 1875.028504] ? bdi_alloc_node+0x67/0xe0 [ 1875.032464] ? bdi_alloc_node+0x67/0xe0 [ 1875.036424] ? rcu_read_lock_sched_held+0x108/0x120 [ 1875.041428] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1875.046693] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1875.052215] ? refcount_sub_and_test+0x212/0x330 [ 1875.056961] bdi_register_va+0x68/0x80 [ 1875.060836] super_setup_bdi_name+0x123/0x220 [ 1875.065321] ? kill_block_super+0x100/0x100 [ 1875.069629] ? kmem_cache_alloc_trace+0x616/0x780 [ 1875.074466] fuse_fill_super+0xe6e/0x1e20 [ 1875.078604] ? fuse_get_root_inode+0x190/0x190 [ 1875.083175] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1875.088698] ? vsnprintf+0x242/0x1b40 [ 1875.092489] ? pointer+0xa20/0xa20 [ 1875.096028] ? vsprintf+0x40/0x40 [ 1875.099475] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1875.104491] ? set_blocksize+0x2c4/0x350 [ 1875.108542] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1875.114076] mount_bdev+0x30c/0x3e0 [ 1875.117690] ? fuse_get_root_inode+0x190/0x190 [ 1875.122261] fuse_mount_blk+0x34/0x40 [ 1875.126055] mount_fs+0xae/0x328 [ 1875.129410] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1875.133977] ? may_umount+0xb0/0xb0 [ 1875.137589] ? _raw_read_unlock+0x22/0x30 [ 1875.141723] ? __get_fs_type+0x97/0xc0 [ 1875.145601] do_mount+0x564/0x3070 [ 1875.149133] ? copy_mount_string+0x40/0x40 [ 1875.153354] ? rcu_pm_notify+0xc0/0xc0 [ 1875.157231] ? copy_mount_options+0x5f/0x380 [ 1875.161628] ? rcu_read_lock_sched_held+0x108/0x120 [ 1875.166632] ? kmem_cache_alloc_trace+0x616/0x780 [ 1875.171465] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1875.176998] ? _copy_from_user+0xdf/0x150 [ 1875.181143] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1875.186666] ? copy_mount_options+0x285/0x380 [ 1875.191152] ksys_mount+0x12d/0x140 [ 1875.194767] __x64_sys_mount+0xbe/0x150 [ 1875.198740] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1875.203747] do_syscall_64+0x1b1/0x800 [ 1875.207622] ? finish_task_switch+0x1ca/0x840 [ 1875.212107] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1875.217030] ? syscall_return_slowpath+0x30f/0x5c0 [ 1875.221952] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1875.227306] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1875.232142] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1875.237318] RIP: 0033:0x455a09 [ 1875.240491] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1875.248189] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 2018/05/15 14:04:38 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x280000) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000280)=0x2, 0xfcbc77f73a352554) symlinkat(&(0x7f0000000100)='./file0\x00', r0, &(0x7f0000000140)='./file0\x00') write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) getrusage(0x0, &(0x7f0000000040)) read(r0, &(0x7f00000001c0)=""/167, 0x2fa) time(&(0x7f0000000180)) 2018/05/15 14:04:38 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) dup2(r0, r0) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:04:39 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8c000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1875.255454] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1875.262709] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1875.269964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1875.277217] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:39 executing program 4 (fault-call:0 fault-nth:55): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:39 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000200000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:39 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000002b000", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1875.348679] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1875.414145] FAULT_INJECTION: forcing a failure. [ 1875.414145] name failslab, interval 1, probability 0, space 0, times 0 [ 1875.425585] CPU: 1 PID: 4095 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1875.432781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1875.442151] Call Trace: [ 1875.444764] dump_stack+0x1b9/0x294 [ 1875.448455] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1875.453674] ? is_bpf_text_address+0xd7/0x170 [ 1875.458200] ? kernel_text_address+0x79/0xf0 [ 1875.462637] should_fail.cold.4+0xa/0x1a [ 1875.466725] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1875.471857] ? graph_lock+0x170/0x170 [ 1875.475681] ? save_stack+0xa9/0xd0 [ 1875.479336] ? save_stack+0x43/0xd0 [ 1875.482989] ? kasan_kmalloc+0xc4/0xe0 [ 1875.484925] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1875.486886] ? find_held_lock+0x36/0x1c0 [ 1875.486910] ? __lock_is_held+0xb5/0x140 [ 1875.486940] ? check_same_owner+0x320/0x320 [ 1875.486960] ? rcu_note_context_switch+0x710/0x710 2018/05/15 14:04:39 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000500", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:39 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:39 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000003780000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1875.513071] __should_failslab+0x124/0x180 [ 1875.517332] should_failslab+0x9/0x14 [ 1875.521152] kmem_cache_alloc_trace+0x2cb/0x780 [ 1875.525838] ? refcount_add_not_zero+0x320/0x320 [ 1875.530635] device_private_init+0x98/0x230 [ 1875.534970] ? virtual_device_parent+0x60/0x60 [ 1875.539577] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1875.545130] ? refcount_inc+0x29/0x70 [ 1875.548954] device_add+0xe98/0x16d0 [ 1875.553124] ? device_private_init+0x230/0x230 [ 1875.557718] ? kfree+0x1e9/0x260 [ 1875.561107] ? kfree_const+0x5e/0x70 [ 1875.564845] device_create_groups_vargs+0x1ff/0x270 [ 1875.569881] device_create_vargs+0x46/0x60 [ 1875.574149] bdi_register_va.part.10+0xbb/0x9b0 [ 1875.578834] ? cgwb_kill+0x630/0x630 [ 1875.582590] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1875.588147] ? bdi_init+0x416/0x510 [ 1875.591789] ? wb_init+0x9e0/0x9e0 [ 1875.595353] ? bdi_alloc_node+0x67/0xe0 [ 1875.599344] ? bdi_alloc_node+0x67/0xe0 [ 1875.603334] ? rcu_read_lock_sched_held+0x108/0x120 [ 1875.608380] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1875.613676] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1875.619232] ? refcount_sub_and_test+0x212/0x330 [ 1875.624012] bdi_register_va+0x68/0x80 [ 1875.627916] super_setup_bdi_name+0x123/0x220 [ 1875.632422] ? kill_block_super+0x100/0x100 [ 1875.636761] ? kmem_cache_alloc_trace+0x616/0x780 [ 1875.641627] fuse_fill_super+0xe6e/0x1e20 [ 1875.645797] ? fuse_get_root_inode+0x190/0x190 [ 1875.650402] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1875.655954] ? vsnprintf+0x242/0x1b40 [ 1875.659776] ? pointer+0xa20/0xa20 [ 1875.663339] ? vsprintf+0x40/0x40 [ 1875.666790] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1875.671800] ? set_blocksize+0x2c4/0x350 [ 1875.675853] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1875.681385] mount_bdev+0x30c/0x3e0 [ 1875.685001] ? fuse_get_root_inode+0x190/0x190 [ 1875.689613] fuse_mount_blk+0x34/0x40 [ 1875.693405] mount_fs+0xae/0x328 [ 1875.696758] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1875.701326] ? may_umount+0xb0/0xb0 [ 1875.704939] ? _raw_read_unlock+0x22/0x30 [ 1875.709071] ? __get_fs_type+0x97/0xc0 [ 1875.712947] do_mount+0x564/0x3070 [ 1875.716476] ? copy_mount_string+0x40/0x40 [ 1875.720698] ? rcu_pm_notify+0xc0/0xc0 [ 1875.724577] ? copy_mount_options+0x5f/0x380 [ 1875.729005] ? rcu_read_lock_sched_held+0x108/0x120 [ 1875.734028] ? kmem_cache_alloc_trace+0x616/0x780 [ 1875.738879] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1875.744406] ? _copy_from_user+0xdf/0x150 [ 1875.748547] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1875.754074] ? copy_mount_options+0x285/0x380 [ 1875.758561] ksys_mount+0x12d/0x140 [ 1875.762193] __x64_sys_mount+0xbe/0x150 [ 1875.766152] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1875.771156] do_syscall_64+0x1b1/0x800 [ 1875.775040] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1875.779872] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1875.784796] ? syscall_return_slowpath+0x30f/0x5c0 [ 1875.789725] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1875.795083] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1875.799920] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1875.805097] RIP: 0033:0x455a09 [ 1875.808269] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 2018/05/15 14:04:39 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) recvmsg(r0, &(0x7f0000002780)={&(0x7f0000000080)=@pppoe, 0x80, &(0x7f0000002680)=[{&(0x7f0000000180)=""/132, 0x84}, {&(0x7f0000000300)=""/191, 0xbf}, {&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/172, 0xac}, {&(0x7f0000000100)=""/54, 0x36}, {&(0x7f0000001480)=""/209, 0xd1}, {&(0x7f0000001580)=""/211, 0xd3}, {&(0x7f0000000240)=""/44, 0x2c}, {&(0x7f0000001680)=""/4096, 0x1000}], 0x9, &(0x7f0000002740)=""/17, 0x11, 0x80000000}, 0x40010000) readv(r0, &(0x7f0000000140)=[{&(0x7f0000000280)=""/114, 0x215c2ab427e48678}], 0x1) write$binfmt_elf64(r0, &(0x7f0000002840)=ANY=[], 0x0) 2018/05/15 14:04:39 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000600", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1875.815964] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1875.823219] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1875.830473] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1875.837734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1875.844986] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:39 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)="2e2f636f6e74726f6c2f66696c653005", 0x0) close(r0) 2018/05/15 14:04:39 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000020000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:39 executing program 4 (fault-call:0 fault-nth:56): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:39 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000100", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:39 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) 2018/05/15 14:04:39 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000030000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1875.962611] FAULT_INJECTION: forcing a failure. [ 1875.962611] name failslab, interval 1, probability 0, space 0, times 0 [ 1875.973993] CPU: 1 PID: 4129 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1875.981198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1875.990563] Call Trace: [ 1875.993175] dump_stack+0x1b9/0x294 [ 1875.996824] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1876.002035] ? is_bpf_text_address+0xd7/0x170 [ 1876.006556] ? kernel_text_address+0x79/0xf0 [ 1876.010987] should_fail.cold.4+0xa/0x1a [ 1876.015075] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1876.020204] ? graph_lock+0x170/0x170 [ 1876.024029] ? save_stack+0xa9/0xd0 [ 1876.027677] ? save_stack+0x43/0xd0 [ 1876.031327] ? kasan_kmalloc+0xc4/0xe0 [ 1876.035237] ? find_held_lock+0x36/0x1c0 [ 1876.039329] ? __lock_is_held+0xb5/0x140 [ 1876.043418] ? check_same_owner+0x320/0x320 [ 1876.047761] ? rcu_note_context_switch+0x710/0x710 [ 1876.052716] __should_failslab+0x124/0x180 [ 1876.056974] should_failslab+0x9/0x14 [ 1876.060795] kmem_cache_alloc_trace+0x2cb/0x780 [ 1876.065515] ? refcount_add_not_zero+0x320/0x320 [ 1876.070309] device_private_init+0x98/0x230 [ 1876.074656] ? virtual_device_parent+0x60/0x60 [ 1876.079272] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1876.084833] ? refcount_inc+0x29/0x70 [ 1876.088657] device_add+0xe98/0x16d0 [ 1876.090265] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1876.092388] ? device_private_init+0x230/0x230 [ 1876.092407] ? kfree+0x1e9/0x260 [ 1876.092426] ? kfree_const+0x5e/0x70 [ 1876.112820] device_create_groups_vargs+0x1ff/0x270 [ 1876.117855] device_create_vargs+0x46/0x60 [ 1876.122107] bdi_register_va.part.10+0xbb/0x9b0 [ 1876.126793] ? cgwb_kill+0x630/0x630 [ 1876.130526] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1876.136087] ? bdi_init+0x416/0x510 [ 1876.139743] ? wb_init+0x9e0/0x9e0 [ 1876.143302] ? bdi_alloc_node+0x67/0xe0 [ 1876.147291] ? bdi_alloc_node+0x67/0xe0 [ 1876.151289] ? rcu_read_lock_sched_held+0x108/0x120 [ 1876.156337] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1876.161643] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1876.167205] ? refcount_sub_and_test+0x212/0x330 [ 1876.171984] bdi_register_va+0x68/0x80 [ 1876.175903] super_setup_bdi_name+0x123/0x220 [ 1876.180419] ? kill_block_super+0x100/0x100 [ 1876.184773] ? kmem_cache_alloc_trace+0x616/0x780 [ 1876.189641] fuse_fill_super+0xe6e/0x1e20 [ 1876.193815] ? fuse_get_root_inode+0x190/0x190 [ 1876.198423] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1876.203988] ? vsnprintf+0x242/0x1b40 [ 1876.207943] ? pointer+0xa20/0xa20 [ 1876.211510] ? vsprintf+0x40/0x40 [ 1876.214984] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1876.220020] ? set_blocksize+0x2c4/0x350 [ 1876.224104] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1876.229668] mount_bdev+0x30c/0x3e0 [ 1876.233316] ? fuse_get_root_inode+0x190/0x190 [ 1876.237915] fuse_mount_blk+0x34/0x40 [ 1876.241753] mount_fs+0xae/0x328 [ 1876.245138] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1876.249730] ? may_umount+0xb0/0xb0 [ 1876.253366] ? _raw_read_unlock+0x22/0x30 [ 1876.257514] ? __get_fs_type+0x97/0xc0 [ 1876.261400] do_mount+0x564/0x3070 [ 1876.264933] ? copy_mount_string+0x40/0x40 [ 1876.269177] ? rcu_pm_notify+0xc0/0xc0 [ 1876.273092] ? copy_mount_options+0x5f/0x380 [ 1876.277524] ? rcu_read_lock_sched_held+0x108/0x120 [ 1876.282556] ? kmem_cache_alloc_trace+0x616/0x780 [ 1876.287411] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1876.292954] ? _copy_from_user+0xdf/0x150 [ 1876.297103] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1876.302645] ? copy_mount_options+0x285/0x380 [ 1876.307137] ksys_mount+0x12d/0x140 [ 1876.310763] __x64_sys_mount+0xbe/0x150 [ 1876.314725] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1876.319733] do_syscall_64+0x1b1/0x800 [ 1876.323612] ? finish_task_switch+0x1ca/0x840 [ 1876.328099] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1876.333023] ? syscall_return_slowpath+0x30f/0x5c0 [ 1876.337957] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1876.343321] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1876.348177] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1876.353380] RIP: 0033:0x455a09 [ 1876.356568] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1876.364260] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1876.371523] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1876.378799] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1876.386059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1876.393318] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:40 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) recvfrom$llc(r0, &(0x7f0000000800)=""/4096, 0x1000, 0x10001, &(0x7f0000000040)={0x1a, 0x339, 0x1, 0x3, 0x9, 0x7, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x10) 2018/05/15 14:04:40 executing program 4 (fault-call:0 fault-nth:57): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:40 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) recvmsg$kcm(r0, &(0x7f0000000340)={&(0x7f00000000c0)=@nfc, 0x80, &(0x7f0000000240)=[{&(0x7f0000000140)=""/199, 0xc7}], 0x1, &(0x7f0000000280)=""/133, 0x85, 0x1000}, 0x100) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x1) connect$netrom(r0, &(0x7f0000000080)=@ax25={0x3, {"1f44b490115f59"}, 0x5}, 0x10) 2018/05/15 14:04:40 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:40 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000011000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:40 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c00000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:40 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000600", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:40 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000300", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1877.087821] FAULT_INJECTION: forcing a failure. [ 1877.087821] name failslab, interval 1, probability 0, space 0, times 0 [ 1877.099155] CPU: 0 PID: 4162 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1877.106358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1877.115748] Call Trace: [ 1877.118373] dump_stack+0x1b9/0x294 [ 1877.122023] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1877.127239] should_fail.cold.4+0xa/0x1a [ 1877.131307] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1877.136413] ? kasan_check_read+0x11/0x20 [ 1877.140571] ? print_usage_bug+0xc0/0xc0 [ 1877.144625] ? get_page_from_freelist+0x4ac8/0x4f00 [ 1877.149629] ? graph_lock+0x170/0x170 [ 1877.153420] ? graph_lock+0x170/0x170 [ 1877.157206] ? print_usage_bug+0xc0/0xc0 [ 1877.161272] ? print_usage_bug+0xc0/0xc0 [ 1877.165324] __should_failslab+0x124/0x180 [ 1877.169559] should_failslab+0x9/0x14 [ 1877.173347] kmem_cache_alloc+0x47/0x760 [ 1877.177423] ? lock_downgrade+0x8e0/0x8e0 [ 1877.181567] radix_tree_node_alloc.constprop.19+0x1e6/0x310 [ 1877.187269] idr_get_free+0x891/0x10a0 [ 1877.191157] ? radix_tree_clear_tags+0xc0/0xc0 [ 1877.195727] ? unwind_get_return_address+0x61/0xa0 [ 1877.200651] ? __save_stack_trace+0x7e/0xd0 [ 1877.204967] ? save_stack+0xa9/0xd0 [ 1877.208583] ? save_stack+0x43/0xd0 [ 1877.212198] ? kasan_kmalloc+0xc4/0xe0 [ 1877.216079] ? kasan_slab_alloc+0x12/0x20 [ 1877.220216] ? kmem_cache_alloc+0x12e/0x760 [ 1877.224531] ? __kernfs_new_node+0xe7/0x580 [ 1877.228856] ? kernfs_new_node+0x80/0xf0 [ 1877.232907] ? kernfs_create_dir_ns+0x3d/0x140 [ 1877.237476] ? sysfs_create_dir_ns+0xbe/0x1d0 [ 1877.241960] ? kobject_add_internal+0x354/0xac0 [ 1877.246615] ? kobject_add+0x13a/0x190 [ 1877.250492] ? device_create_groups_vargs+0x1ff/0x270 [ 1877.255674] ? device_create_vargs+0x46/0x60 [ 1877.260075] ? bdi_register_va.part.10+0xbb/0x9b0 [ 1877.264910] ? bdi_register_va+0x68/0x80 [ 1877.268966] ? super_setup_bdi_name+0x123/0x220 [ 1877.273627] ? fuse_fill_super+0xe6e/0x1e20 [ 1877.277946] ? mount_bdev+0x30c/0x3e0 [ 1877.281750] ? mount_fs+0xae/0x328 [ 1877.285280] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1877.290032] ? do_mount+0x564/0x3070 [ 1877.293735] ? ksys_mount+0x12d/0x140 [ 1877.297540] ? __x64_sys_mount+0xbe/0x150 [ 1877.301675] ? do_syscall_64+0x1b1/0x800 [ 1877.305725] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1877.311079] ? print_usage_bug+0xc0/0xc0 [ 1877.315135] idr_alloc_u32+0x1f9/0x3d0 [ 1877.319022] ? __fprop_inc_percpu_max+0x2c0/0x2c0 [ 1877.323856] ? lock_acquire+0x1dc/0x520 [ 1877.327822] ? __kernfs_new_node+0x10e/0x580 [ 1877.332217] ? __lock_is_held+0xb5/0x140 [ 1877.336270] idr_alloc_cyclic+0x167/0x340 [ 1877.340409] ? idr_alloc+0x1a0/0x1a0 [ 1877.344119] ? kasan_check_write+0x14/0x20 [ 1877.348339] ? do_raw_spin_lock+0xc1/0x200 [ 1877.352575] __kernfs_new_node+0x1a3/0x580 [ 1877.356821] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1877.361575] ? lock_downgrade+0x8e0/0x8e0 [ 1877.365717] kernfs_new_node+0x80/0xf0 [ 1877.369599] kernfs_create_dir_ns+0x3d/0x140 [ 1877.373999] sysfs_create_dir_ns+0xbe/0x1d0 [ 1877.378319] kobject_add_internal+0x354/0xac0 [ 1877.382813] ? kobj_ns_type_registered+0x60/0x60 [ 1877.387564] ? lock_downgrade+0x8e0/0x8e0 [ 1877.391722] ? refcount_add_not_zero+0x320/0x320 [ 1877.396470] ? kasan_check_read+0x11/0x20 [ 1877.400608] kobject_add+0x13a/0x190 [ 1877.404309] ? kset_create_and_add+0x190/0x190 [ 1877.408895] ? mutex_unlock+0xd/0x10 [ 1877.412615] device_add+0x3a5/0x16d0 [ 1877.416318] ? device_private_init+0x230/0x230 [ 1877.420888] ? kfree+0x1e9/0x260 [ 1877.424242] ? kfree_const+0x5e/0x70 [ 1877.427945] device_create_groups_vargs+0x1ff/0x270 [ 1877.432961] device_create_vargs+0x46/0x60 [ 1877.437182] bdi_register_va.part.10+0xbb/0x9b0 [ 1877.441838] ? cgwb_kill+0x630/0x630 [ 1877.445545] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1877.451066] ? bdi_init+0x416/0x510 [ 1877.454677] ? wb_init+0x9e0/0x9e0 [ 1877.458205] ? bdi_alloc_node+0x67/0xe0 [ 1877.462174] ? bdi_alloc_node+0x67/0xe0 [ 1877.466139] ? rcu_read_lock_sched_held+0x108/0x120 [ 1877.471148] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1877.476414] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1877.481956] ? refcount_sub_and_test+0x212/0x330 [ 1877.486708] bdi_register_va+0x68/0x80 [ 1877.490586] super_setup_bdi_name+0x123/0x220 [ 1877.495070] ? kill_block_super+0x100/0x100 [ 1877.499378] ? kmem_cache_alloc_trace+0x616/0x780 [ 1877.504216] fuse_fill_super+0xe6e/0x1e20 [ 1877.508353] ? fuse_get_root_inode+0x190/0x190 [ 1877.512923] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1877.518444] ? vsnprintf+0x242/0x1b40 [ 1877.522234] ? pointer+0xa20/0xa20 [ 1877.525772] ? vsprintf+0x40/0x40 [ 1877.529212] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1877.534216] ? set_blocksize+0x2c4/0x350 [ 1877.538267] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1877.543794] mount_bdev+0x30c/0x3e0 [ 1877.547407] ? fuse_get_root_inode+0x190/0x190 [ 1877.551976] fuse_mount_blk+0x34/0x40 [ 1877.555767] mount_fs+0xae/0x328 [ 1877.559124] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1877.563691] ? may_umount+0xb0/0xb0 [ 1877.567307] ? _raw_read_unlock+0x22/0x30 [ 1877.571442] ? __get_fs_type+0x97/0xc0 [ 1877.575320] do_mount+0x564/0x3070 [ 1877.578871] ? copy_mount_string+0x40/0x40 [ 1877.583095] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1877.587838] ? retint_kernel+0x10/0x10 [ 1877.591743] ? copy_mount_options+0x1e3/0x380 [ 1877.596236] ? __sanitizer_cov_trace_pc+0x11/0x50 [ 1877.601069] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1877.606593] ? copy_mount_options+0x285/0x380 [ 1877.611080] ksys_mount+0x12d/0x140 [ 1877.614712] __x64_sys_mount+0xbe/0x150 [ 1877.618672] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1877.623675] do_syscall_64+0x1b1/0x800 [ 1877.627551] ? finish_task_switch+0x1ca/0x840 [ 1877.632037] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1877.636960] ? syscall_return_slowpath+0x30f/0x5c0 [ 1877.641889] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1877.647245] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1877.652078] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1877.657252] RIP: 0033:0x455a09 [ 1877.660425] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1877.668123] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1877.675380] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1877.682633] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 2018/05/15 14:04:41 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1877.689888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1877.697141] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1877.722866] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:41 executing program 4 (fault-call:0 fault-nth:58): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:41 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000110000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:41 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000b00200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1877.821664] FAULT_INJECTION: forcing a failure. [ 1877.821664] name failslab, interval 1, probability 0, space 0, times 0 [ 1877.833186] CPU: 0 PID: 4188 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1877.840386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1877.849748] Call Trace: [ 1877.852360] dump_stack+0x1b9/0x294 [ 1877.855994] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1877.861181] should_fail.cold.4+0xa/0x1a [ 1877.865229] ? __kmalloc_track_caller+0x14a/0x760 [ 1877.870060] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1877.875152] ? device_add+0x3a5/0x16d0 [ 1877.879031] ? device_create_groups_vargs+0x1ff/0x270 [ 1877.884210] ? device_create_vargs+0x46/0x60 [ 1877.888622] ? bdi_register_va.part.10+0xbb/0x9b0 [ 1877.893476] ? bdi_register_va+0x68/0x80 [ 1877.897524] ? super_setup_bdi_name+0x123/0x220 [ 1877.902180] ? fuse_fill_super+0xe6e/0x1e20 [ 1877.906487] ? graph_lock+0x170/0x170 [ 1877.910279] ? do_mount+0x564/0x3070 [ 1877.914000] ? ksys_mount+0x12d/0x140 [ 1877.917798] ? __x64_sys_mount+0xbe/0x150 [ 1877.921945] ? do_syscall_64+0x1b1/0x800 [ 1877.925995] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1877.931353] ? find_held_lock+0x36/0x1c0 [ 1877.935423] ? __lock_is_held+0xb5/0x140 [ 1877.939480] ? check_same_owner+0x320/0x320 [ 1877.943790] ? rcu_note_context_switch+0x710/0x710 [ 1877.948719] ? rcu_read_lock_sched_held+0x108/0x120 [ 1877.953724] __should_failslab+0x124/0x180 [ 1877.957952] should_failslab+0x9/0x14 [ 1877.961748] kmem_cache_alloc+0x2af/0x760 [ 1877.965890] ? memcpy+0x45/0x50 [ 1877.969161] ? kstrdup+0x59/0x70 [ 1877.972515] __kernfs_new_node+0xe7/0x580 [ 1877.976652] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1877.981400] ? lock_downgrade+0x8e0/0x8e0 [ 1877.985549] kernfs_new_node+0x80/0xf0 [ 1877.989425] kernfs_create_dir_ns+0x3d/0x140 [ 1877.993824] sysfs_create_dir_ns+0xbe/0x1d0 [ 1877.998134] kobject_add_internal+0x354/0xac0 [ 1878.002620] ? kobj_ns_type_registered+0x60/0x60 [ 1878.007369] ? lock_downgrade+0x8e0/0x8e0 [ 1878.011509] ? refcount_add_not_zero+0x320/0x320 [ 1878.016257] ? kasan_check_read+0x11/0x20 [ 1878.020398] kobject_add+0x13a/0x190 [ 1878.024099] ? kset_create_and_add+0x190/0x190 [ 1878.028670] ? mutex_unlock+0xd/0x10 [ 1878.032372] device_add+0x3a5/0x16d0 [ 1878.036075] ? device_private_init+0x230/0x230 [ 1878.040643] ? kfree+0x1e9/0x260 [ 1878.044000] ? kfree_const+0x5e/0x70 [ 1878.047706] device_create_groups_vargs+0x1ff/0x270 [ 1878.052710] device_create_vargs+0x46/0x60 [ 1878.056935] bdi_register_va.part.10+0xbb/0x9b0 [ 1878.061591] ? cgwb_kill+0x630/0x630 [ 1878.065292] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1878.070815] ? bdi_init+0x416/0x510 [ 1878.074426] ? wb_init+0x9e0/0x9e0 [ 1878.077963] ? bdi_alloc_node+0x67/0xe0 [ 1878.081924] ? bdi_alloc_node+0x67/0xe0 [ 1878.085883] ? rcu_read_lock_sched_held+0x108/0x120 [ 1878.090888] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1878.096153] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1878.101689] ? refcount_sub_and_test+0x212/0x330 [ 1878.106433] bdi_register_va+0x68/0x80 [ 1878.110331] super_setup_bdi_name+0x123/0x220 [ 1878.114816] ? kill_block_super+0x100/0x100 [ 1878.119129] ? kmem_cache_alloc_trace+0x616/0x780 [ 1878.123963] fuse_fill_super+0xe6e/0x1e20 [ 1878.128112] ? fuse_get_root_inode+0x190/0x190 [ 1878.132683] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1878.138205] ? vsnprintf+0x242/0x1b40 [ 1878.141998] ? pointer+0xa20/0xa20 [ 1878.145534] ? vsprintf+0x40/0x40 [ 1878.148978] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1878.153991] ? set_blocksize+0x2c4/0x350 [ 1878.158052] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1878.163578] mount_bdev+0x30c/0x3e0 [ 1878.167220] ? fuse_get_root_inode+0x190/0x190 [ 1878.171802] fuse_mount_blk+0x34/0x40 [ 1878.175590] mount_fs+0xae/0x328 [ 1878.178946] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1878.183514] ? may_umount+0xb0/0xb0 [ 1878.187136] ? _raw_read_unlock+0x22/0x30 [ 1878.191270] ? __get_fs_type+0x97/0xc0 [ 1878.195148] do_mount+0x564/0x3070 [ 1878.198674] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1878.203071] ? copy_mount_string+0x40/0x40 [ 1878.207291] ? rcu_pm_notify+0xc0/0xc0 [ 1878.211172] ? copy_mount_options+0x5f/0x380 [ 1878.215566] ? rcu_read_lock_sched_held+0x108/0x120 [ 1878.220569] ? kmem_cache_alloc_trace+0x616/0x780 [ 1878.225400] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1878.230929] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1878.236451] ? copy_mount_options+0x285/0x380 [ 1878.240934] ksys_mount+0x12d/0x140 [ 1878.244549] __x64_sys_mount+0xbe/0x150 [ 1878.248510] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1878.253512] do_syscall_64+0x1b1/0x800 [ 1878.257387] ? finish_task_switch+0x1ca/0x840 [ 1878.261873] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1878.266796] ? syscall_return_slowpath+0x30f/0x5c0 [ 1878.271718] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1878.277073] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1878.281909] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1878.287085] RIP: 0033:0x455a09 [ 1878.290257] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1878.297951] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1878.305207] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1878.312460] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 2018/05/15 14:04:42 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000000007fffffff00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1878.319712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1878.326981] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1878.334363] kobject_add_internal failed for 7:199-fuseblk (error: -12 parent: bdi) [ 1878.443550] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:42 executing program 3: readv(0xffffffffffffffff, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0xfffffffffffffd2d}], 0x1) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:04:42 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000003780000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:42 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)="2e2f636f6e74726f6c2f66696c6530ff", 0x0) close(r0) 2018/05/15 14:04:42 executing program 2: r0 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x8, 0x8200) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r0, 0x4008af23, &(0x7f00000000c0)={0x0, 0x1ff}) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r1, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x100000000000011b) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) 2018/05/15 14:04:42 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000000000000000600", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:42 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000000000ffffffff00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:42 executing program 4 (fault-call:0 fault-nth:59): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:42 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1878.584240] FAULT_INJECTION: forcing a failure. [ 1878.584240] name failslab, interval 1, probability 0, space 0, times 0 [ 1878.595685] CPU: 1 PID: 4226 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1878.602881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1878.612303] Call Trace: [ 1878.614912] dump_stack+0x1b9/0x294 [ 1878.618559] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1878.623776] ? mutex_trylock+0x2a0/0x2a0 [ 1878.627869] should_fail.cold.4+0xa/0x1a [ 1878.631956] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1878.637088] ? graph_lock+0x170/0x170 [ 1878.640906] ? find_held_lock+0x36/0x1c0 [ 1878.644989] ? find_held_lock+0x36/0x1c0 [ 1878.649077] ? __lock_is_held+0xb5/0x140 [ 1878.653167] ? check_same_owner+0x320/0x320 [ 1878.657503] ? graph_lock+0x170/0x170 [ 1878.661323] ? rcu_note_context_switch+0x710/0x710 [ 1878.666279] ? kasan_check_write+0x14/0x20 [ 1878.670531] __should_failslab+0x124/0x180 [ 1878.674789] should_failslab+0x9/0x14 2018/05/15 14:04:42 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:42 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f0000000040)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000300)=ANY=[@ANYPTR64=&(0x7f0000000280)=ANY=[@ANYPTR=&(0x7f0000000080)=ANY=[@ANYPTR64], @ANYPTR=&(0x7f00000000c0)=ANY=[@ANYPTR, @ANYRES32], @ANYRES16=r0, @ANYRES64=r0, @ANYRES64=r0, @ANYPTR64=&(0x7f0000000100)=ANY=[@ANYBLOB="bcbc0835b78ac910748e614f678bf56c4449cd24f00a2fdaf9287b42ab", @ANYRES32, @ANYRES32=r0, @ANYPTR, @ANYPTR64, @ANYRES64=r0, @ANYRES32=r0, @ANYPTR, @ANYRES32=r0, @ANYBLOB="d822d3ab5f7a62f6b10c82f63dc6f92139d7d214c09f299ff702a597201af1048c337e008bb4f81fbda2bd637a351d9664eef27af1b97e3b414a4d68abe6d0950f3b4abd36b528c80fb688d713083ec20358d19570a5436691f4d9475eaf22cdd9b95a5a615f88d392355829564a8decbf0dad09462e7844ada7b2402785bec6489daed3081b0a560e0b8f5b183b7b5d420b730bedece30d9d8e5faab7616e290d07b64160f564ed96df035c9fa6eb76869d63203948f91d5d2f73af2b3c57bfb89f4caee517179193a7ea1c2af8d0e06016a6e047513d2b2982b3ad7ceaaab6363df60926c5f007e63a373c4718223137f85fe9dc412eb6bd8a"], @ANYRES16=r0, @ANYRES16, @ANYRES64=r0], @ANYRES64=r0, @ANYRES64=r0, @ANYRES16=r0, @ANYBLOB="cc9dadc776b3b623da7dfb9ce13a4fc5537ce531dbaaba3f4980db285c9c937e4fe039c8312ec81b640da8edf5cd5fbfd647e8a808aa10e177c29b69d52a5681a86d8e546aa043bbd083d6805f0c02e219bc7c0a8cbdc7d12882d4202f9e43fefacf1a4e8cca13df3e111188d8e59524de2d64ff5cbf8fcb56b202624d7025a0833d6de4d25488d806690dc79876331a7e8f370429b92354e058070c018bf2aa663ddc4e8e20a8a7d74f967efaceb8115782d21926ed4165be9360aa9e30f727dac3e25fa0a5c8528f7fff8ec5c2dfc0756725541d", @ANYRES64=r0, @ANYPTR64=&(0x7f00000002c0)=ANY=[@ANYPTR], @ANYRES64=r0, @ANYRES32=r0], 0x10b) 2018/05/15 14:04:42 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000000000002b000", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:42 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000000000003f000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1878.677894] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1878.678605] kmem_cache_alloc+0x2af/0x760 [ 1878.678630] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1878.678650] __kernfs_new_node+0xe7/0x580 [ 1878.678668] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1878.678687] ? lock_downgrade+0x8e0/0x8e0 [ 1878.709618] ? kasan_check_read+0x11/0x20 [ 1878.713781] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1878.718209] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1878.722808] kernfs_new_node+0x80/0xf0 [ 1878.726711] kernfs_create_link+0x33/0x180 2018/05/15 14:04:42 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000000100", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1878.730964] sysfs_do_create_link_sd.isra.2+0x90/0x130 [ 1878.736266] sysfs_create_link+0x65/0xc0 [ 1878.740340] device_add+0x481/0x16d0 [ 1878.744071] ? device_private_init+0x230/0x230 [ 1878.748676] ? kfree+0x1e9/0x260 [ 1878.752068] ? kfree_const+0x5e/0x70 [ 1878.755807] device_create_groups_vargs+0x1ff/0x270 [ 1878.760847] device_create_vargs+0x46/0x60 [ 1878.765098] bdi_register_va.part.10+0xbb/0x9b0 [ 1878.769806] ? cgwb_kill+0x630/0x630 [ 1878.773533] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1878.779076] ? bdi_init+0x416/0x510 2018/05/15 14:04:42 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1878.782712] ? wb_init+0x9e0/0x9e0 [ 1878.786272] ? bdi_alloc_node+0x67/0xe0 [ 1878.790258] ? bdi_alloc_node+0x67/0xe0 [ 1878.794256] ? rcu_read_lock_sched_held+0x108/0x120 [ 1878.799287] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1878.804582] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1878.810128] ? refcount_sub_and_test+0x212/0x330 [ 1878.814896] bdi_register_va+0x68/0x80 [ 1878.818792] super_setup_bdi_name+0x123/0x220 [ 1878.823296] ? kill_block_super+0x100/0x100 [ 1878.827630] ? kmem_cache_alloc_trace+0x616/0x780 2018/05/15 14:04:42 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000088000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1878.832490] fuse_fill_super+0xe6e/0x1e20 [ 1878.836655] ? fuse_get_root_inode+0x190/0x190 [ 1878.841264] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1878.846823] ? vsnprintf+0x242/0x1b40 [ 1878.850645] ? pointer+0xa20/0xa20 [ 1878.854214] ? vsprintf+0x40/0x40 [ 1878.857795] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1878.862835] ? set_blocksize+0x2c4/0x350 [ 1878.866927] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1878.872491] mount_bdev+0x30c/0x3e0 [ 1878.876131] ? fuse_get_root_inode+0x190/0x190 [ 1878.880740] fuse_mount_blk+0x34/0x40 [ 1878.884562] mount_fs+0xae/0x328 [ 1878.887960] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1878.892560] ? may_umount+0xb0/0xb0 [ 1878.896208] ? _raw_read_unlock+0x22/0x30 [ 1878.900377] ? __get_fs_type+0x97/0xc0 [ 1878.904275] do_mount+0x564/0x3070 [ 1878.907813] ? copy_mount_string+0x40/0x40 [ 1878.912044] ? rcu_pm_notify+0xc0/0xc0 [ 1878.915925] ? copy_mount_options+0x5f/0x380 [ 1878.920324] ? rcu_read_lock_sched_held+0x108/0x120 [ 1878.925329] ? kmem_cache_alloc_trace+0x616/0x780 [ 1878.930160] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1878.935698] ? _copy_from_user+0xdf/0x150 [ 1878.939834] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1878.945355] ? copy_mount_options+0x285/0x380 [ 1878.949839] ksys_mount+0x12d/0x140 [ 1878.953452] __x64_sys_mount+0xbe/0x150 [ 1878.957412] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1878.962455] do_syscall_64+0x1b1/0x800 [ 1878.966329] ? finish_task_switch+0x1ca/0x840 [ 1878.970812] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1878.975732] ? syscall_return_slowpath+0x30f/0x5c0 [ 1878.980652] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1878.986004] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1878.990842] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1878.996016] RIP: 0033:0x455a09 [ 1878.999191] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1879.006885] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1879.014141] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1879.021392] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1879.028648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 2018/05/15 14:04:42 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000002000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:42 executing program 4 (fault-call:0 fault-nth:60): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1879.035900] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1879.068591] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:42 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1879.161838] FAULT_INJECTION: forcing a failure. [ 1879.161838] name failslab, interval 1, probability 0, space 0, times 0 [ 1879.173219] CPU: 1 PID: 4260 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1879.180430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1879.189811] Call Trace: [ 1879.192422] dump_stack+0x1b9/0x294 [ 1879.196071] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1879.201278] ? __lock_acquire+0x7f5/0x5140 [ 1879.205542] should_fail.cold.4+0xa/0x1a [ 1879.209629] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1879.214752] ? graph_lock+0x170/0x170 [ 1879.218564] ? kasan_check_write+0x14/0x20 [ 1879.222818] ? find_held_lock+0x36/0x1c0 [ 1879.226896] ? __lock_is_held+0xb5/0x140 [ 1879.230977] ? check_same_owner+0x320/0x320 [ 1879.235311] ? rcu_note_context_switch+0x710/0x710 [ 1879.240259] __should_failslab+0x124/0x180 [ 1879.244514] should_failslab+0x9/0x14 [ 1879.248331] kmem_cache_alloc+0x2af/0x760 [ 1879.252513] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1879.258064] ? graph_lock+0x170/0x170 [ 1879.261886] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1879.266921] __kernfs_new_node+0xe7/0x580 [ 1879.271086] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1879.275861] ? find_held_lock+0x36/0x1c0 [ 1879.279947] ? lock_downgrade+0x8e0/0x8e0 [ 1879.284118] kernfs_new_node+0x80/0xf0 [ 1879.288025] __kernfs_create_file+0x4d/0x330 [ 1879.292455] sysfs_add_file_mode_ns+0x21a/0x560 [ 1879.297157] sysfs_create_file_ns+0x8b/0xb0 [ 1879.301497] device_create_file+0xf4/0x1e0 [ 1879.305744] ? acpi_bind_one+0x8f0/0x8f0 [ 1879.309795] device_add+0x3ec/0x16d0 [ 1879.313503] ? device_private_init+0x230/0x230 [ 1879.318076] ? kfree+0x1e9/0x260 [ 1879.321464] ? kfree_const+0x5e/0x70 [ 1879.325188] device_create_groups_vargs+0x1ff/0x270 [ 1879.330213] device_create_vargs+0x46/0x60 [ 1879.334448] bdi_register_va.part.10+0xbb/0x9b0 [ 1879.339113] ? cgwb_kill+0x630/0x630 [ 1879.342842] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1879.348393] ? bdi_init+0x416/0x510 [ 1879.352026] ? wb_init+0x9e0/0x9e0 [ 1879.355583] ? bdi_alloc_node+0x67/0xe0 [ 1879.359573] ? bdi_alloc_node+0x67/0xe0 [ 1879.363561] ? rcu_read_lock_sched_held+0x108/0x120 [ 1879.368590] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1879.373872] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1879.379401] ? refcount_sub_and_test+0x212/0x330 [ 1879.384153] bdi_register_va+0x68/0x80 [ 1879.388047] super_setup_bdi_name+0x123/0x220 [ 1879.393038] ? kill_block_super+0x100/0x100 [ 1879.397366] ? kmem_cache_alloc_trace+0x616/0x780 [ 1879.402219] fuse_fill_super+0xe6e/0x1e20 [ 1879.406362] ? fuse_get_root_inode+0x190/0x190 2018/05/15 14:04:43 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0&', 0x0) close(r0) [ 1879.410949] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1879.416495] ? vsnprintf+0x242/0x1b40 [ 1879.420296] ? pointer+0xa20/0xa20 [ 1879.423827] ? vsprintf+0x40/0x40 [ 1879.427277] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1879.432302] ? set_blocksize+0x2c4/0x350 [ 1879.436376] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1879.441931] mount_bdev+0x30c/0x3e0 [ 1879.445569] ? fuse_get_root_inode+0x190/0x190 [ 1879.450170] fuse_mount_blk+0x34/0x40 [ 1879.453988] mount_fs+0xae/0x328 [ 1879.457367] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1879.461959] ? may_umount+0xb0/0xb0 [ 1879.465596] ? _raw_read_unlock+0x22/0x30 [ 1879.469753] ? __get_fs_type+0x97/0xc0 [ 1879.473661] do_mount+0x564/0x3070 [ 1879.477219] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1879.481631] ? copy_mount_string+0x40/0x40 [ 1879.485855] ? rcu_pm_notify+0xc0/0xc0 [ 1879.489735] ? copy_mount_options+0x5f/0x380 [ 1879.494131] ? rcu_read_lock_sched_held+0x108/0x120 [ 1879.499141] ? kmem_cache_alloc_trace+0x616/0x780 [ 1879.503978] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1879.509508] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1879.515040] ? copy_mount_options+0x285/0x380 [ 1879.519533] ksys_mount+0x12d/0x140 [ 1879.523160] __x64_sys_mount+0xbe/0x150 [ 1879.527132] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1879.532161] do_syscall_64+0x1b1/0x800 [ 1879.536057] ? finish_task_switch+0x1ca/0x840 [ 1879.540558] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1879.545501] ? syscall_return_slowpath+0x30f/0x5c0 [ 1879.550443] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1879.555823] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1879.560683] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1879.565869] RIP: 0033:0x455a09 [ 1879.569046] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1879.576744] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1879.584017] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1879.591284] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1879.598548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1879.605804] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:44 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x8000) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x3, 0x0) ppoll(&(0x7f00000000c0)=[{r1, 0x4440}, {r1, 0x8010}], 0x2, &(0x7f0000000100)={0x77359400}, &(0x7f0000000140)={0x20000000}, 0x8) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) 2018/05/15 14:04:44 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000070000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:44 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:44 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:44 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:44 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000300", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:44 executing program 4 (fault-call:0 fault-nth:61): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:44 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_UNLOCK(r0, 0x4008642b, &(0x7f0000000080)={r1, 0x14}) [ 1880.397830] FAULT_INJECTION: forcing a failure. [ 1880.397830] name failslab, interval 1, probability 0, space 0, times 0 [ 1880.409201] CPU: 1 PID: 4288 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1880.416405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1880.425772] Call Trace: [ 1880.428380] dump_stack+0x1b9/0x294 [ 1880.432045] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1880.437259] should_fail.cold.4+0xa/0x1a [ 1880.441321] ? __kmalloc_track_caller+0x14a/0x760 [ 1880.446166] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1880.451275] ? device_create_groups_vargs+0x1ff/0x270 [ 1880.456452] ? device_create_vargs+0x46/0x60 [ 1880.460850] ? bdi_register_va.part.10+0xbb/0x9b0 [ 1880.465681] ? bdi_register_va+0x68/0x80 [ 1880.469728] ? super_setup_bdi_name+0x123/0x220 [ 1880.474392] ? fuse_fill_super+0xe6e/0x1e20 [ 1880.478702] ? mount_bdev+0x30c/0x3e0 [ 1880.482495] ? graph_lock+0x170/0x170 [ 1880.486289] ? ksys_mount+0x12d/0x140 [ 1880.490078] ? __x64_sys_mount+0xbe/0x150 [ 1880.494228] ? do_syscall_64+0x1b1/0x800 [ 1880.498279] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1880.503667] ? find_held_lock+0x36/0x1c0 [ 1880.507719] ? __lock_is_held+0xb5/0x140 [ 1880.511779] ? check_same_owner+0x320/0x320 [ 1880.516093] ? rcu_note_context_switch+0x710/0x710 [ 1880.521023] ? rcu_read_lock_sched_held+0x108/0x120 [ 1880.526037] __should_failslab+0x124/0x180 [ 1880.530264] should_failslab+0x9/0x14 [ 1880.534057] kmem_cache_alloc+0x2af/0x760 [ 1880.538193] ? memcpy+0x45/0x50 [ 1880.541484] ? kstrdup+0x59/0x70 [ 1880.544845] __kernfs_new_node+0xe7/0x580 [ 1880.548986] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1880.553744] ? lock_downgrade+0x8e0/0x8e0 [ 1880.557911] ? kasan_check_read+0x11/0x20 [ 1880.562067] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1880.566467] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1880.571050] kernfs_new_node+0x80/0xf0 [ 1880.574929] kernfs_create_link+0x33/0x180 [ 1880.579152] sysfs_do_create_link_sd.isra.2+0x90/0x130 [ 1880.584417] sysfs_create_link+0x65/0xc0 [ 1880.588465] device_add+0x7a0/0x16d0 [ 1880.592168] ? device_private_init+0x230/0x230 [ 1880.596735] ? kfree+0x1e9/0x260 [ 1880.600098] ? kfree_const+0x5e/0x70 [ 1880.603807] device_create_groups_vargs+0x1ff/0x270 [ 1880.608811] device_create_vargs+0x46/0x60 [ 1880.613037] bdi_register_va.part.10+0xbb/0x9b0 [ 1880.617694] ? cgwb_kill+0x630/0x630 [ 1880.621397] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1880.626926] ? bdi_init+0x416/0x510 [ 1880.630546] ? wb_init+0x9e0/0x9e0 [ 1880.634082] ? bdi_alloc_node+0x67/0xe0 [ 1880.638052] ? bdi_alloc_node+0x67/0xe0 [ 1880.642028] ? rcu_read_lock_sched_held+0x108/0x120 [ 1880.647048] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1880.652317] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1880.657863] ? refcount_sub_and_test+0x212/0x330 [ 1880.662613] bdi_register_va+0x68/0x80 [ 1880.666492] super_setup_bdi_name+0x123/0x220 [ 1880.670975] ? kill_block_super+0x100/0x100 [ 1880.675285] ? kmem_cache_alloc_trace+0x616/0x780 [ 1880.680124] fuse_fill_super+0xe6e/0x1e20 [ 1880.684266] ? fuse_get_root_inode+0x190/0x190 [ 1880.688839] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1880.694361] ? vsnprintf+0x242/0x1b40 [ 1880.698151] ? pointer+0xa20/0xa20 [ 1880.701683] ? vsprintf+0x40/0x40 [ 1880.705127] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1880.710134] ? set_blocksize+0x2c4/0x350 [ 1880.714186] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1880.719713] mount_bdev+0x30c/0x3e0 [ 1880.723327] ? fuse_get_root_inode+0x190/0x190 [ 1880.727899] fuse_mount_blk+0x34/0x40 [ 1880.731696] mount_fs+0xae/0x328 [ 1880.735068] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1880.739654] ? may_umount+0xb0/0xb0 [ 1880.743271] ? _raw_read_unlock+0x22/0x30 [ 1880.747405] ? __get_fs_type+0x97/0xc0 [ 1880.751284] do_mount+0x564/0x3070 [ 1880.754819] ? copy_mount_string+0x40/0x40 [ 1880.759047] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1880.764055] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1880.768813] ? retint_kernel+0x10/0x10 [ 1880.772696] ? copy_mount_options+0x1f0/0x380 [ 1880.777179] ? copy_mount_options+0x200/0x380 [ 1880.781679] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1880.787201] ? copy_mount_options+0x285/0x380 [ 1880.791684] ksys_mount+0x12d/0x140 [ 1880.795301] __x64_sys_mount+0xbe/0x150 [ 1880.799263] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1880.804278] do_syscall_64+0x1b1/0x800 [ 1880.808151] ? finish_task_switch+0x1ca/0x840 [ 1880.812633] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1880.817550] ? syscall_return_slowpath+0x30f/0x5c0 [ 1880.822468] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1880.827819] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1880.832653] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1880.837832] RIP: 0033:0x455a09 [ 1880.841009] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1880.848712] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1880.855967] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1880.863220] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1880.870477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1880.877746] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:44 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1880.892706] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:44 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:44 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000007fffffe000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:44 executing program 4 (fault-call:0 fault-nth:62): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:44 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1881.023130] FAULT_INJECTION: forcing a failure. [ 1881.023130] name failslab, interval 1, probability 0, space 0, times 0 [ 1881.028151] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1881.034475] CPU: 1 PID: 4322 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1881.034486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1881.034497] Call Trace: [ 1881.062402] dump_stack+0x1b9/0x294 [ 1881.066065] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1881.071276] ? __mutex_lock+0x7d9/0x17f0 [ 1881.075369] should_fail.cold.4+0xa/0x1a [ 1881.079470] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1881.084602] ? kasan_kmalloc+0xc4/0xe0 [ 1881.088509] ? graph_lock+0x170/0x170 [ 1881.092335] ? find_held_lock+0x36/0x1c0 [ 1881.096431] ? __lock_is_held+0xb5/0x140 [ 1881.100536] ? __irqentry_text_end+0xd6218/0x1f98a8 [ 1881.105597] ? check_same_owner+0x320/0x320 [ 1881.109943] ? kasan_check_write+0x14/0x20 [ 1881.114205] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1881.119144] ? rcu_note_context_switch+0x710/0x710 [ 1881.124078] __should_failslab+0x124/0x180 [ 1881.128306] should_failslab+0x9/0x14 [ 1881.132101] kmem_cache_alloc+0x2af/0x760 [ 1881.136239] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1881.141160] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1881.146165] __kernfs_new_node+0xe7/0x580 [ 1881.150300] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1881.155049] ? mutex_unlock+0xd/0x10 [ 1881.158749] ? kernfs_activate+0x20e/0x2a0 [ 1881.162972] ? kernfs_walk_and_get_ns+0x320/0x320 [ 1881.167804] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1881.173328] ? kernfs_link_sibling+0x1d2/0x3b0 [ 1881.177905] kernfs_new_node+0x80/0xf0 [ 1881.181800] __kernfs_create_file+0x4d/0x330 [ 1881.186202] sysfs_add_file_mode_ns+0x21a/0x560 [ 1881.190880] internal_create_group+0x282/0x970 [ 1881.195474] sysfs_create_groups+0x9b/0x150 [ 1881.199783] device_add+0x84d/0x16d0 [ 1881.203488] ? device_private_init+0x230/0x230 [ 1881.208062] ? kfree+0x1e9/0x260 [ 1881.211416] ? kfree_const+0x5e/0x70 [ 1881.215119] device_create_groups_vargs+0x1ff/0x270 [ 1881.220125] device_create_vargs+0x46/0x60 [ 1881.224349] bdi_register_va.part.10+0xbb/0x9b0 [ 1881.229011] ? cgwb_kill+0x630/0x630 [ 1881.232727] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1881.238258] ? bdi_init+0x416/0x510 [ 1881.241874] ? wb_init+0x9e0/0x9e0 [ 1881.245410] ? bdi_alloc_node+0x67/0xe0 [ 1881.249369] ? bdi_alloc_node+0x67/0xe0 [ 1881.253331] ? rcu_read_lock_sched_held+0x108/0x120 [ 1881.258333] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1881.263598] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1881.269122] ? refcount_sub_and_test+0x212/0x330 [ 1881.273881] bdi_register_va+0x68/0x80 [ 1881.277767] super_setup_bdi_name+0x123/0x220 [ 1881.282249] ? kill_block_super+0x100/0x100 [ 1881.286560] ? kmem_cache_alloc_trace+0x616/0x780 [ 1881.291398] fuse_fill_super+0xe6e/0x1e20 [ 1881.295538] ? fuse_get_root_inode+0x190/0x190 [ 1881.300112] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1881.305637] ? vsnprintf+0x242/0x1b40 [ 1881.309435] ? pointer+0xa20/0xa20 [ 1881.312967] ? vsprintf+0x40/0x40 [ 1881.316409] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1881.321425] ? set_blocksize+0x2c4/0x350 [ 1881.325480] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1881.331008] mount_bdev+0x30c/0x3e0 [ 1881.334631] ? fuse_get_root_inode+0x190/0x190 [ 1881.339213] fuse_mount_blk+0x34/0x40 [ 1881.343013] mount_fs+0xae/0x328 [ 1881.346378] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1881.350948] ? may_umount+0xb0/0xb0 [ 1881.354562] ? _raw_read_unlock+0x22/0x30 [ 1881.358695] ? __get_fs_type+0x97/0xc0 [ 1881.362580] do_mount+0x564/0x3070 [ 1881.366113] ? copy_mount_string+0x40/0x40 [ 1881.370343] ? rcu_pm_notify+0xc0/0xc0 [ 1881.374229] ? copy_mount_options+0x5f/0x380 [ 1881.378640] ? rcu_read_lock_sched_held+0x108/0x120 [ 1881.383662] ? kmem_cache_alloc_trace+0x616/0x780 [ 1881.388498] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1881.394753] ? _copy_from_user+0xdf/0x150 [ 1881.398899] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1881.404451] ? copy_mount_options+0x285/0x380 [ 1881.408936] ksys_mount+0x12d/0x140 [ 1881.412554] __x64_sys_mount+0xbe/0x150 [ 1881.416516] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1881.421520] do_syscall_64+0x1b1/0x800 [ 1881.425401] ? finish_task_switch+0x1ca/0x840 [ 1881.429885] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1881.434804] ? syscall_return_slowpath+0x30f/0x5c0 [ 1881.439725] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1881.445092] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1881.449926] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1881.455104] RIP: 0033:0x455a09 [ 1881.458285] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1881.465980] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 2018/05/15 14:04:45 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000000000000f4ec00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:45 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) [ 1881.473239] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1881.480496] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1881.487750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1881.495006] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1881.557426] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:46 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="00e11b3726b843d0780772f899e5383c0db0bbb07e8a0e8aab2fe63f30792ce84a6aec21bc35a2cb9026d6281cb5171c8a900777e28c6826c87e5e9beb028c75d6a3dbb25fcd0c8debe77b3bac35290a7152c870d7169430c270ee73ea7c6ca3882475bf74adce7ad4f658b130252c0f1f08dad11bbeb4e1a878060cc374b79e0455eb95bbfee7614c6e906357db1f32902c4239c8d5b1a4472b1e309682159c7801cd373a8e0f23d3d95d992a183f6fb586b958de891a67b1701fbe2962c8"], 0x1) 2018/05/15 14:04:46 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000006000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:46 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:46 executing program 3: r0 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x6) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:04:46 executing program 4 (fault-call:0 fault-nth:63): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:46 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000000000000000600", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:46 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:46 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1882.541218] FAULT_INJECTION: forcing a failure. [ 1882.541218] name failslab, interval 1, probability 0, space 0, times 0 [ 1882.552541] CPU: 1 PID: 4364 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1882.559759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1882.560305] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1882.569141] Call Trace: [ 1882.569171] dump_stack+0x1b9/0x294 [ 1882.569192] ? dump_stack_print_info.cold.2+0x52/0x52 2018/05/15 14:04:46 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000000500", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1882.569208] ? __mutex_lock+0x7d9/0x17f0 [ 1882.569226] should_fail.cold.4+0xa/0x1a [ 1882.569245] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1882.569262] ? kasan_kmalloc+0xc4/0xe0 [ 1882.569280] ? graph_lock+0x170/0x170 [ 1882.569300] ? find_held_lock+0x36/0x1c0 [ 1882.614452] ? __lock_is_held+0xb5/0x140 [ 1882.618547] ? check_same_owner+0x320/0x320 [ 1882.622893] ? kasan_check_write+0x14/0x20 [ 1882.627157] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1882.632103] ? rcu_note_context_switch+0x710/0x710 [ 1882.637050] __should_failslab+0x124/0x180 [ 1882.641290] should_failslab+0x9/0x14 [ 1882.645087] kmem_cache_alloc+0x2af/0x760 [ 1882.649244] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1882.654176] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1882.659185] __kernfs_new_node+0xe7/0x580 [ 1882.663326] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1882.668069] ? mutex_unlock+0xd/0x10 [ 1882.671771] ? kernfs_activate+0x20e/0x2a0 [ 1882.676012] ? kernfs_walk_and_get_ns+0x320/0x320 [ 1882.680851] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1882.686373] ? kernfs_link_sibling+0x1d2/0x3b0 [ 1882.690950] kernfs_new_node+0x80/0xf0 [ 1882.694830] __kernfs_create_file+0x4d/0x330 [ 1882.699228] sysfs_add_file_mode_ns+0x21a/0x560 [ 1882.703889] sysfs_add_file+0x4e/0x60 [ 1882.707676] sysfs_merge_group+0xfa/0x230 [ 1882.711816] dpm_sysfs_add+0x161/0x210 [ 1882.715694] device_add+0xa11/0x16d0 [ 1882.719400] ? device_private_init+0x230/0x230 [ 1882.723970] ? kfree+0x1e9/0x260 [ 1882.727325] ? kfree_const+0x5e/0x70 [ 1882.731035] device_create_groups_vargs+0x1ff/0x270 [ 1882.736043] device_create_vargs+0x46/0x60 [ 1882.740266] bdi_register_va.part.10+0xbb/0x9b0 [ 1882.744923] ? cgwb_kill+0x630/0x630 [ 1882.748629] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1882.754151] ? bdi_init+0x416/0x510 [ 1882.757761] ? wb_init+0x9e0/0x9e0 [ 1882.761287] ? bdi_alloc_node+0x67/0xe0 [ 1882.765248] ? bdi_alloc_node+0x67/0xe0 [ 1882.769211] ? rcu_read_lock_sched_held+0x108/0x120 [ 1882.774213] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1882.779478] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1882.785005] ? refcount_sub_and_test+0x212/0x330 [ 1882.789753] bdi_register_va+0x68/0x80 [ 1882.793630] super_setup_bdi_name+0x123/0x220 [ 1882.798114] ? kill_block_super+0x100/0x100 [ 1882.802425] ? kmem_cache_alloc_trace+0x616/0x780 [ 1882.807259] fuse_fill_super+0xe6e/0x1e20 [ 1882.811416] ? fuse_get_root_inode+0x190/0x190 [ 1882.816001] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1882.821528] ? vsnprintf+0x242/0x1b40 [ 1882.825323] ? pointer+0xa20/0xa20 [ 1882.828857] ? vsprintf+0x40/0x40 [ 1882.832302] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1882.837306] ? set_blocksize+0x2c4/0x350 [ 1882.841358] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1882.846885] mount_bdev+0x30c/0x3e0 [ 1882.850500] ? fuse_get_root_inode+0x190/0x190 [ 1882.855071] fuse_mount_blk+0x34/0x40 [ 1882.858858] mount_fs+0xae/0x328 [ 1882.862217] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1882.866784] ? may_umount+0xb0/0xb0 [ 1882.870410] ? _raw_read_unlock+0x22/0x30 [ 1882.874542] ? __get_fs_type+0x97/0xc0 [ 1882.878419] do_mount+0x564/0x3070 [ 1882.881987] ? copy_mount_string+0x40/0x40 [ 1882.886243] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1882.890989] ? retint_kernel+0x10/0x10 [ 1882.894872] ? copy_mount_options+0x1f0/0x380 [ 1882.899356] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 1882.904186] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1882.909712] ? copy_mount_options+0x285/0x380 [ 1882.914196] ksys_mount+0x12d/0x140 [ 1882.917811] __x64_sys_mount+0xbe/0x150 [ 1882.921772] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1882.926775] do_syscall_64+0x1b1/0x800 [ 1882.930646] ? finish_task_switch+0x1ca/0x840 [ 1882.935130] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1882.940058] ? syscall_return_slowpath+0x30f/0x5c0 [ 1882.944979] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1882.950351] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1882.955190] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1882.960373] RIP: 0033:0x455a09 [ 1882.963551] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1882.971249] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1882.978503] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1882.985756] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1882.993011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1883.000274] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:46 executing program 4 (fault-call:0 fault-nth:64): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1883.057394] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1883.142232] FAULT_INJECTION: forcing a failure. [ 1883.142232] name failslab, interval 1, probability 0, space 0, times 0 [ 1883.153667] CPU: 1 PID: 4380 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1883.160848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1883.170193] Call Trace: [ 1883.172790] dump_stack+0x1b9/0x294 [ 1883.176433] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1883.181624] ? __mutex_lock+0x7d9/0x17f0 [ 1883.185683] should_fail.cold.4+0xa/0x1a [ 1883.189756] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1883.194863] ? kasan_kmalloc+0xc4/0xe0 [ 1883.198761] ? graph_lock+0x170/0x170 [ 1883.202561] ? find_held_lock+0x36/0x1c0 [ 1883.206615] ? __lock_is_held+0xb5/0x140 [ 1883.210672] ? check_same_owner+0x320/0x320 [ 1883.214984] ? kasan_check_write+0x14/0x20 [ 1883.219220] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1883.224161] ? rcu_note_context_switch+0x710/0x710 [ 1883.229107] __should_failslab+0x124/0x180 [ 1883.233344] should_failslab+0x9/0x14 [ 1883.237149] kmem_cache_alloc+0x2af/0x760 [ 1883.241295] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1883.246226] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1883.251249] __kernfs_new_node+0xe7/0x580 [ 1883.255413] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1883.260170] ? mutex_unlock+0xd/0x10 [ 1883.263875] ? kernfs_activate+0x20e/0x2a0 [ 1883.268110] ? kernfs_walk_and_get_ns+0x320/0x320 [ 1883.272955] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1883.278488] ? kernfs_link_sibling+0x1d2/0x3b0 [ 1883.283089] kernfs_new_node+0x80/0xf0 [ 1883.286970] __kernfs_create_file+0x4d/0x330 [ 1883.291372] sysfs_add_file_mode_ns+0x21a/0x560 [ 1883.296052] internal_create_group+0x282/0x970 [ 1883.300649] sysfs_create_groups+0x9b/0x150 [ 1883.304975] device_add+0x84d/0x16d0 [ 1883.308687] ? device_private_init+0x230/0x230 [ 1883.313269] ? kfree+0x1e9/0x260 [ 1883.316625] ? kfree_const+0x5e/0x70 [ 1883.320331] device_create_groups_vargs+0x1ff/0x270 [ 1883.325362] device_create_vargs+0x46/0x60 [ 1883.329595] bdi_register_va.part.10+0xbb/0x9b0 [ 1883.334277] ? cgwb_kill+0x630/0x630 [ 1883.338005] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1883.343555] ? bdi_init+0x416/0x510 [ 1883.347186] ? wb_init+0x9e0/0x9e0 [ 1883.350723] ? bdi_alloc_node+0x67/0xe0 [ 1883.354688] ? bdi_alloc_node+0x67/0xe0 [ 1883.358649] ? rcu_read_lock_sched_held+0x108/0x120 [ 1883.363669] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1883.368941] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1883.374471] ? refcount_sub_and_test+0x212/0x330 [ 1883.379218] bdi_register_va+0x68/0x80 [ 1883.383102] super_setup_bdi_name+0x123/0x220 [ 1883.387601] ? kill_block_super+0x100/0x100 [ 1883.392439] ? kmem_cache_alloc_trace+0x616/0x780 [ 1883.397273] fuse_fill_super+0xe6e/0x1e20 [ 1883.401419] ? fuse_get_root_inode+0x190/0x190 [ 1883.405991] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1883.411530] ? vsnprintf+0x242/0x1b40 [ 1883.415352] ? pointer+0xa20/0xa20 [ 1883.418893] ? vsprintf+0x40/0x40 [ 1883.422336] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1883.427352] ? set_blocksize+0x2c4/0x350 [ 1883.431411] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1883.436939] mount_bdev+0x30c/0x3e0 [ 1883.440557] ? fuse_get_root_inode+0x190/0x190 [ 1883.445139] fuse_mount_blk+0x34/0x40 [ 1883.448941] mount_fs+0xae/0x328 [ 1883.452311] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1883.456906] ? may_umount+0xb0/0xb0 [ 1883.460535] ? _raw_read_unlock+0x22/0x30 [ 1883.464684] ? __get_fs_type+0x97/0xc0 [ 1883.468573] do_mount+0x564/0x3070 [ 1883.472127] ? copy_mount_string+0x40/0x40 [ 1883.476376] ? rcu_pm_notify+0xc0/0xc0 [ 1883.480278] ? copy_mount_options+0x5f/0x380 [ 1883.484704] ? rcu_read_lock_sched_held+0x108/0x120 [ 1883.489726] ? kmem_cache_alloc_trace+0x616/0x780 [ 1883.494579] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1883.500110] ? _copy_from_user+0xdf/0x150 [ 1883.504272] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1883.509796] ? copy_mount_options+0x285/0x380 [ 1883.514279] ksys_mount+0x12d/0x140 [ 1883.517904] __x64_sys_mount+0xbe/0x150 [ 1883.521873] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1883.526882] do_syscall_64+0x1b1/0x800 [ 1883.530758] ? finish_task_switch+0x1ca/0x840 [ 1883.535257] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1883.540172] ? syscall_return_slowpath+0x30f/0x5c0 [ 1883.545140] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1883.550516] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1883.555367] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1883.560542] RIP: 0033:0x455a09 [ 1883.563722] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1883.571438] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1883.578700] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1883.585957] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 2018/05/15 14:04:47 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000004000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:47 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000600", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:47 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1018}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:47 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000600", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:47 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:47 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x354) setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000000040)={0x87, @loopback=0x7f000001, 0x4e20, 0x2, 'rr\x00', 0x30, 0x4, 0x48}, 0x2c) 2018/05/15 14:04:47 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000100)={0x0, @in={{0x2, 0xff, @broadcast=0xffffffff}}, 0x0, 0x6}, &(0x7f00000001c0)=0x90) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000200)={r1, 0x3f}, 0x8) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000080)={'HL\x00'}, &(0x7f00000000c0)=0x1e) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) 2018/05/15 14:04:47 executing program 4 (fault-call:0 fault-nth:65): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1883.593217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1883.600478] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1883.669730] FAULT_INJECTION: forcing a failure. [ 1883.669730] name failslab, interval 1, probability 0, space 0, times 0 [ 1883.681115] CPU: 0 PID: 4401 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1883.687764] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1883.688309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1883.688316] Call Trace: [ 1883.688347] dump_stack+0x1b9/0x294 [ 1883.688368] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1883.688383] ? __mutex_lock+0x7d9/0x17f0 [ 1883.688404] should_fail.cold.4+0xa/0x1a [ 1883.726001] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1883.731120] ? kasan_kmalloc+0xc4/0xe0 [ 1883.735025] ? graph_lock+0x170/0x170 [ 1883.738854] ? find_held_lock+0x36/0x1c0 [ 1883.742937] ? __lock_is_held+0xb5/0x140 [ 1883.747031] ? check_same_owner+0x320/0x320 [ 1883.751376] ? kasan_check_write+0x14/0x20 [ 1883.755635] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1883.760583] ? rcu_note_context_switch+0x710/0x710 [ 1883.765536] __should_failslab+0x124/0x180 [ 1883.769790] should_failslab+0x9/0x14 [ 1883.773608] kmem_cache_alloc+0x2af/0x760 [ 1883.777771] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1883.782722] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1883.787762] __kernfs_new_node+0xe7/0x580 [ 1883.791934] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1883.796706] ? mutex_unlock+0xd/0x10 [ 1883.800448] ? kernfs_activate+0x20e/0x2a0 [ 1883.804706] ? kernfs_walk_and_get_ns+0x320/0x320 [ 1883.809560] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1883.815109] ? kernfs_link_sibling+0x1d2/0x3b0 [ 1883.819725] kernfs_new_node+0x80/0xf0 [ 1883.823643] __kernfs_create_file+0x4d/0x330 [ 1883.828071] sysfs_add_file_mode_ns+0x21a/0x560 [ 1883.832761] internal_create_group+0x282/0x970 [ 1883.837376] sysfs_create_groups+0x9b/0x150 [ 1883.841726] device_add+0x84d/0x16d0 [ 1883.845465] ? device_private_init+0x230/0x230 [ 1883.850072] ? kfree+0x1e9/0x260 [ 1883.853464] ? kfree_const+0x5e/0x70 [ 1883.857212] device_create_groups_vargs+0x1ff/0x270 [ 1883.862261] device_create_vargs+0x46/0x60 [ 1883.866531] bdi_register_va.part.10+0xbb/0x9b0 [ 1883.871224] ? cgwb_kill+0x630/0x630 [ 1883.874966] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1883.880526] ? bdi_init+0x416/0x510 [ 1883.884171] ? wb_init+0x9e0/0x9e0 [ 1883.887730] ? bdi_alloc_node+0x67/0xe0 [ 1883.891730] ? bdi_alloc_node+0x67/0xe0 [ 1883.895724] ? rcu_read_lock_sched_held+0x108/0x120 [ 1883.900757] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1883.906069] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1883.911621] ? refcount_sub_and_test+0x212/0x330 [ 1883.916400] bdi_register_va+0x68/0x80 [ 1883.920329] super_setup_bdi_name+0x123/0x220 [ 1883.924848] ? kill_block_super+0x100/0x100 [ 1883.929195] ? kmem_cache_alloc_trace+0x616/0x780 [ 1883.934059] fuse_fill_super+0xe6e/0x1e20 [ 1883.938225] ? fuse_get_root_inode+0x190/0x190 [ 1883.942808] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1883.948344] ? vsnprintf+0x242/0x1b40 [ 1883.952142] ? pointer+0xa20/0xa20 [ 1883.955675] ? vsprintf+0x40/0x40 [ 1883.959118] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1883.964120] ? set_blocksize+0x2c4/0x350 [ 1883.968170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1883.973698] mount_bdev+0x30c/0x3e0 [ 1883.977316] ? fuse_get_root_inode+0x190/0x190 [ 1883.981885] fuse_mount_blk+0x34/0x40 [ 1883.985673] mount_fs+0xae/0x328 [ 1883.989033] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1883.993601] ? may_umount+0xb0/0xb0 [ 1883.997213] ? _raw_read_unlock+0x22/0x30 [ 1884.001347] ? __get_fs_type+0x97/0xc0 [ 1884.005224] do_mount+0x564/0x3070 [ 1884.008757] ? copy_mount_string+0x40/0x40 [ 1884.012979] ? rcu_pm_notify+0xc0/0xc0 [ 1884.016859] ? copy_mount_options+0x5f/0x380 [ 1884.021257] ? rcu_read_lock_sched_held+0x108/0x120 [ 1884.026264] ? kmem_cache_alloc_trace+0x616/0x780 [ 1884.031097] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1884.036627] ? _copy_from_user+0xdf/0x150 [ 1884.040765] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1884.046290] ? copy_mount_options+0x285/0x380 [ 1884.050777] ksys_mount+0x12d/0x140 [ 1884.054394] __x64_sys_mount+0xbe/0x150 [ 1884.058357] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1884.063363] do_syscall_64+0x1b1/0x800 [ 1884.067238] ? finish_task_switch+0x1ca/0x840 [ 1884.071721] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1884.076637] ? syscall_return_slowpath+0x30f/0x5c0 [ 1884.081554] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1884.086907] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1884.091737] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1884.096912] RIP: 0033:0x455a09 [ 1884.100091] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1884.107787] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 2018/05/15 14:04:47 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00?\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:47 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000000000000002b000", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:47 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000006000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:47 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:47 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000feffff07000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1884.115043] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1884.122298] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1884.129560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1884.136816] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1884.167459] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:48 executing program 4 (fault-call:0 fault-nth:66): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:48 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:48 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00@\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:48 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000002000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:48 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:48 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x3) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000280)=ANY=[], 0xfffffffffffffdd9) openat$nullb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nullb0\x00', 0x800, 0x0) socketpair(0xd, 0xa, 0x5, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCCONS(r0, 0x541d) getsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000080), &(0x7f00000000c0)=0x8) 2018/05/15 14:04:48 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) r1 = add_key$user(&(0x7f00000000c0)='user\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a}, &(0x7f0000000180)="a43b", 0x2, 0xffffffffffffffff) r2 = add_key$user(&(0x7f0000000280)='user\x00', &(0x7f0000000000)={0x73, 0x79, 0x7a}, &(0x7f0000000300)="94", 0x1, 0xfffffffffffffffd) r3 = add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f0000000400)={0x73, 0x79, 0x7a}, &(0x7f0000000440)="04", 0x1, 0xfffffffffffffffe) keyctl$dh_compute(0x17, &(0x7f0000000480)={r1, r2, r3}, &(0x7f00000004c0)=""/155, 0x9b, &(0x7f0000000600)={&(0x7f0000000580)={'sha3-256\x00'}, &(0x7f00000005c0)}) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:04:48 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:48 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2800}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:48 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000001000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1884.673624] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1884.687225] FAULT_INJECTION: forcing a failure. [ 1884.687225] name failslab, interval 1, probability 0, space 0, times 0 [ 1884.698588] CPU: 0 PID: 4497 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1884.705789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1884.715156] Call Trace: [ 1884.717766] dump_stack+0x1b9/0x294 2018/05/15 14:04:48 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000300", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1884.721418] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1884.726642] should_fail.cold.4+0xa/0x1a [ 1884.730734] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1884.735870] ? lock_release+0xa10/0xa10 [ 1884.739871] ? check_same_owner+0x320/0x320 [ 1884.744214] ? graph_lock+0x170/0x170 [ 1884.748043] ? rcu_note_context_switch+0x710/0x710 [ 1884.752991] ? find_held_lock+0x36/0x1c0 [ 1884.757176] ? find_held_lock+0x36/0x1c0 [ 1884.761266] ? __lock_is_held+0xb5/0x140 [ 1884.765361] ? check_same_owner+0x320/0x320 [ 1884.769712] ? rcu_note_context_switch+0x710/0x710 [ 1884.774664] __should_failslab+0x124/0x180 [ 1884.778921] should_failslab+0x9/0x14 [ 1884.782738] kmem_cache_alloc+0x2af/0x760 [ 1884.786909] ? kasan_check_write+0x14/0x20 [ 1884.791164] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1884.796201] __kernfs_new_node+0xe7/0x580 [ 1884.800376] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1884.805155] ? kasan_check_write+0x14/0x20 [ 1884.809394] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1884.814324] ? graph_lock+0x170/0x170 [ 1884.818124] ? wait_for_completion+0x870/0x870 [ 1884.822705] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1884.828235] kernfs_new_node+0x80/0xf0 [ 1884.832120] __kernfs_create_file+0x4d/0x330 [ 1884.836523] sysfs_add_file_mode_ns+0x21a/0x560 [ 1884.841186] sysfs_add_file+0x4e/0x60 [ 1884.844980] sysfs_merge_group+0xfa/0x230 [ 1884.849127] dpm_sysfs_add+0x161/0x210 [ 1884.853003] device_add+0xa11/0x16d0 [ 1884.856712] ? device_private_init+0x230/0x230 [ 1884.861278] ? kfree+0x1e9/0x260 [ 1884.864632] ? kfree_const+0x5e/0x70 [ 1884.868337] device_create_groups_vargs+0x1ff/0x270 [ 1884.873343] device_create_vargs+0x46/0x60 [ 1884.877565] bdi_register_va.part.10+0xbb/0x9b0 [ 1884.882222] ? cgwb_kill+0x630/0x630 [ 1884.885930] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1884.891454] ? bdi_init+0x416/0x510 [ 1884.895068] ? wb_init+0x9e0/0x9e0 [ 1884.898595] ? bdi_alloc_node+0x67/0xe0 [ 1884.902552] ? bdi_alloc_node+0x67/0xe0 [ 1884.906559] ? rcu_read_lock_sched_held+0x108/0x120 [ 1884.911565] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1884.916831] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1884.922361] ? refcount_sub_and_test+0x212/0x330 [ 1884.927111] bdi_register_va+0x68/0x80 [ 1884.930988] super_setup_bdi_name+0x123/0x220 [ 1884.935471] ? kill_block_super+0x100/0x100 [ 1884.939780] ? kmem_cache_alloc_trace+0x616/0x780 [ 1884.944614] fuse_fill_super+0xe6e/0x1e20 [ 1884.948752] ? fuse_get_root_inode+0x190/0x190 [ 1884.953326] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1884.958849] ? vsnprintf+0x242/0x1b40 [ 1884.962642] ? pointer+0xa20/0xa20 [ 1884.966192] ? vsprintf+0x40/0x40 [ 1884.969645] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1884.974653] ? set_blocksize+0x2c4/0x350 [ 1884.978706] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1884.984235] mount_bdev+0x30c/0x3e0 [ 1884.987848] ? fuse_get_root_inode+0x190/0x190 [ 1884.992421] fuse_mount_blk+0x34/0x40 [ 1884.996209] mount_fs+0xae/0x328 [ 1884.999571] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1885.004141] ? may_umount+0xb0/0xb0 [ 1885.007753] ? _raw_read_unlock+0x22/0x30 [ 1885.011884] ? __get_fs_type+0x97/0xc0 [ 1885.015760] do_mount+0x564/0x3070 [ 1885.019288] ? copy_mount_string+0x40/0x40 [ 1885.023508] ? rcu_pm_notify+0xc0/0xc0 [ 1885.027385] ? copy_mount_options+0x5f/0x380 [ 1885.031777] ? rcu_read_lock_sched_held+0x108/0x120 [ 1885.036778] ? kmem_cache_alloc_trace+0x616/0x780 [ 1885.041609] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1885.047146] ? _copy_from_user+0xdf/0x150 [ 1885.051283] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1885.056807] ? copy_mount_options+0x285/0x380 [ 1885.061288] ksys_mount+0x12d/0x140 [ 1885.064901] __x64_sys_mount+0xbe/0x150 [ 1885.068862] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1885.073864] do_syscall_64+0x1b1/0x800 [ 1885.077739] ? finish_task_switch+0x1ca/0x840 [ 1885.082225] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1885.087139] ? syscall_return_slowpath+0x30f/0x5c0 [ 1885.092055] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1885.097410] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1885.102246] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1885.107420] RIP: 0033:0x455a09 [ 1885.110591] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1885.118286] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 2018/05/15 14:04:48 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000003000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:48 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000000000000000300", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1885.125538] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1885.132793] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1885.140046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1885.147303] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:48 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x0) write$binfmt_elf64(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="9fc0ba467565d5e3dc32b3e2fc49b1c6345c837fede203b1fa500d4da0251bbb653eb4eee9c089305a0b9db84236fcab31858c1cd9b4a27d0191ad1a1e5782062d0eadb26926cfa12b8feb6bb7daa47b062be1f34e1337206aaa6ff6e526f3a7919f1aa41a8dce18b4e2ee9d518d7121"], 0x1) signalfd4(r0, &(0x7f0000000000)={0x7}, 0x8, 0x0) 2018/05/15 14:04:49 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x53}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:49 executing program 4 (fault-call:0 fault-nth:67): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:49 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1885.298315] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1885.332483] FAULT_INJECTION: forcing a failure. [ 1885.332483] name failslab, interval 1, probability 0, space 0, times 0 [ 1885.343834] CPU: 0 PID: 4531 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1885.351037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1885.360406] Call Trace: [ 1885.363026] dump_stack+0x1b9/0x294 [ 1885.366692] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1885.371923] should_fail.cold.4+0xa/0x1a [ 1885.376000] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1885.381126] ? lock_release+0xa10/0xa10 [ 1885.385121] ? check_same_owner+0x320/0x320 [ 1885.389455] ? graph_lock+0x170/0x170 [ 1885.393267] ? rcu_note_context_switch+0x710/0x710 [ 1885.398215] ? find_held_lock+0x36/0x1c0 [ 1885.402304] ? find_held_lock+0x36/0x1c0 [ 1885.406389] ? __lock_is_held+0xb5/0x140 [ 1885.410480] ? check_same_owner+0x320/0x320 [ 1885.414821] ? rcu_note_context_switch+0x710/0x710 [ 1885.419775] __should_failslab+0x124/0x180 [ 1885.424033] should_failslab+0x9/0x14 [ 1885.427859] kmem_cache_alloc+0x2af/0x760 [ 1885.432035] ? kasan_check_write+0x14/0x20 [ 1885.436298] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1885.441340] __kernfs_new_node+0xe7/0x580 [ 1885.445515] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1885.450306] ? kasan_check_write+0x14/0x20 [ 1885.454565] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1885.459615] ? graph_lock+0x170/0x170 [ 1885.463447] ? wait_for_completion+0x870/0x870 [ 1885.468061] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1885.473632] kernfs_new_node+0x80/0xf0 [ 1885.477541] __kernfs_create_file+0x4d/0x330 [ 1885.481972] sysfs_add_file_mode_ns+0x21a/0x560 [ 1885.486668] sysfs_add_file+0x4e/0x60 [ 1885.490491] sysfs_merge_group+0xfa/0x230 [ 1885.494664] dpm_sysfs_add+0x161/0x210 [ 1885.498582] device_add+0xa11/0x16d0 [ 1885.502321] ? device_private_init+0x230/0x230 [ 1885.506914] ? kfree+0x1e9/0x260 [ 1885.510299] ? kfree_const+0x5e/0x70 [ 1885.514029] device_create_groups_vargs+0x1ff/0x270 [ 1885.519064] device_create_vargs+0x46/0x60 [ 1885.523297] bdi_register_va.part.10+0xbb/0x9b0 [ 1885.528327] ? cgwb_kill+0x630/0x630 [ 1885.532055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1885.537593] ? bdi_init+0x416/0x510 [ 1885.541219] ? wb_init+0x9e0/0x9e0 [ 1885.544753] ? bdi_alloc_node+0x67/0xe0 [ 1885.548717] ? bdi_alloc_node+0x67/0xe0 [ 1885.552699] ? rcu_read_lock_sched_held+0x108/0x120 [ 1885.557750] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1885.563046] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1885.568601] ? refcount_sub_and_test+0x212/0x330 [ 1885.573382] bdi_register_va+0x68/0x80 [ 1885.577294] super_setup_bdi_name+0x123/0x220 [ 1885.581812] ? kill_block_super+0x100/0x100 [ 1885.586155] ? kmem_cache_alloc_trace+0x616/0x780 [ 1885.591025] fuse_fill_super+0xe6e/0x1e20 [ 1885.595195] ? fuse_get_root_inode+0x190/0x190 [ 1885.599822] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1885.605347] ? vsnprintf+0x242/0x1b40 [ 1885.609142] ? pointer+0xa20/0xa20 [ 1885.612690] ? vsprintf+0x40/0x40 [ 1885.616148] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1885.621164] ? set_blocksize+0x2c4/0x350 [ 1885.625227] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1885.630754] mount_bdev+0x30c/0x3e0 [ 1885.634377] ? fuse_get_root_inode+0x190/0x190 [ 1885.638959] fuse_mount_blk+0x34/0x40 [ 1885.642755] mount_fs+0xae/0x328 [ 1885.646116] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1885.650686] ? may_umount+0xb0/0xb0 [ 1885.654300] ? _raw_read_unlock+0x22/0x30 [ 1885.658441] ? __get_fs_type+0x97/0xc0 [ 1885.662322] do_mount+0x564/0x3070 [ 1885.665853] ? copy_mount_string+0x40/0x40 [ 1885.670079] ? rcu_pm_notify+0xc0/0xc0 [ 1885.673957] ? copy_mount_options+0x5f/0x380 [ 1885.678356] ? rcu_read_lock_sched_held+0x108/0x120 [ 1885.683360] ? kmem_cache_alloc_trace+0x616/0x780 [ 1885.688196] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1885.693722] ? _copy_from_user+0xdf/0x150 [ 1885.697880] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1885.703429] ? copy_mount_options+0x285/0x380 [ 1885.707941] ksys_mount+0x12d/0x140 [ 1885.711569] __x64_sys_mount+0xbe/0x150 [ 1885.715533] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1885.720539] do_syscall_64+0x1b1/0x800 [ 1885.724419] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1885.729248] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1885.734163] ? syscall_return_slowpath+0x30f/0x5c0 [ 1885.739081] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1885.744434] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1885.749264] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1885.754441] RIP: 0033:0x455a09 [ 1885.757613] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1885.765304] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1885.772558] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1885.779811] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1885.787071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 2018/05/15 14:04:49 executing program 3: r0 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x0) ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:04:49 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000000000600", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:49 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000070000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:49 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)="2e2f636f6e74726f6c2f66696c6530ff", 0x0) close(r0) 2018/05/15 14:04:49 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000feffffff00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:49 executing program 4 (fault-call:0 fault-nth:68): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:49 executing program 2: syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x16040) r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f0000000480)=[{&(0x7f0000000100)=""/193}, {&(0x7f0000000200)=""/244}, {&(0x7f0000000300)=""/255}, {&(0x7f0000000400)=""/107, 0x33f}], 0x1) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4068aea3, &(0x7f00000004c0)={0x0, 0x0, [0x80000001, 0xcba6, 0x101, 0x7]}) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="ff"], 0x1) 2018/05/15 14:04:49 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x73000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1885.794324] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1885.896338] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1885.912381] FAULT_INJECTION: forcing a failure. [ 1885.912381] name failslab, interval 1, probability 0, space 0, times 0 [ 1885.923772] CPU: 0 PID: 4569 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1885.930971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1885.940338] Call Trace: [ 1885.942955] dump_stack+0x1b9/0x294 [ 1885.946607] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1885.951815] ? kernel_text_address+0x79/0xf0 [ 1885.956291] ? __unwind_start+0x166/0x330 [ 1885.960466] ? __kernel_text_address+0xd/0x40 [ 1885.965007] should_fail.cold.4+0xa/0x1a [ 1885.969099] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1885.974228] ? save_stack+0xa9/0xd0 [ 1885.977884] ? graph_lock+0x170/0x170 [ 1885.981703] ? kasan_kmalloc+0xc4/0xe0 [ 1885.985617] ? kmem_cache_alloc_trace+0x152/0x780 [ 1885.990476] ? kobject_uevent_env+0x20f/0xea0 2018/05/15 14:04:49 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff9c}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:49 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:49 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000007000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1885.994988] ? kobject_uevent+0x1f/0x30 [ 1885.998972] ? device_add+0xb01/0x16d0 [ 1886.002881] ? device_create_groups_vargs+0x1ff/0x270 [ 1886.008094] ? find_held_lock+0x36/0x1c0 [ 1886.012164] ? __lock_is_held+0xb5/0x140 [ 1886.016246] ? check_same_owner+0x320/0x320 [ 1886.020588] ? rcu_note_context_switch+0x710/0x710 [ 1886.025542] __should_failslab+0x124/0x180 [ 1886.029804] should_failslab+0x9/0x14 [ 1886.033644] __kmalloc+0x2c8/0x760 [ 1886.037215] ? kobject_uevent_env+0x20f/0xea0 [ 1886.041719] ? rcu_read_lock_sched_held+0x108/0x120 2018/05/15 14:04:49 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5400000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1886.046745] ? kobject_get_path+0xc2/0x1a0 [ 1886.050999] kobject_get_path+0xc2/0x1a0 [ 1886.055077] kobject_uevent_env+0x234/0xea0 [ 1886.059412] ? device_pm_add+0x221/0x340 [ 1886.063497] kobject_uevent+0x1f/0x30 [ 1886.067307] device_add+0xb01/0x16d0 [ 1886.071041] ? device_private_init+0x230/0x230 [ 1886.075641] ? kfree+0x1e9/0x260 [ 1886.079027] ? kfree_const+0x5e/0x70 [ 1886.082757] device_create_groups_vargs+0x1ff/0x270 [ 1886.087788] device_create_vargs+0x46/0x60 [ 1886.092043] bdi_register_va.part.10+0xbb/0x9b0 2018/05/15 14:04:49 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000002b000", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1886.096724] ? cgwb_kill+0x630/0x630 [ 1886.100456] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1886.106009] ? bdi_init+0x416/0x510 [ 1886.109648] ? wb_init+0x9e0/0x9e0 [ 1886.113198] ? bdi_alloc_node+0x67/0xe0 [ 1886.117176] ? bdi_alloc_node+0x67/0xe0 [ 1886.121165] ? rcu_read_lock_sched_held+0x108/0x120 [ 1886.126194] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1886.131489] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1886.137046] ? refcount_sub_and_test+0x212/0x330 [ 1886.141813] bdi_register_va+0x68/0x80 [ 1886.145696] super_setup_bdi_name+0x123/0x220 [ 1886.150184] ? kill_block_super+0x100/0x100 [ 1886.154501] ? kmem_cache_alloc_trace+0x616/0x780 [ 1886.159360] fuse_fill_super+0xe6e/0x1e20 [ 1886.163500] ? fuse_get_root_inode+0x190/0x190 [ 1886.168080] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1886.173600] ? vsnprintf+0x242/0x1b40 [ 1886.177388] ? pointer+0xa20/0xa20 [ 1886.180918] ? vsprintf+0x40/0x40 [ 1886.184377] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1886.189377] ? set_blocksize+0x2c4/0x350 [ 1886.193425] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1886.198966] mount_bdev+0x30c/0x3e0 [ 1886.202581] ? fuse_get_root_inode+0x190/0x190 [ 1886.207152] fuse_mount_blk+0x34/0x40 [ 1886.210954] mount_fs+0xae/0x328 [ 1886.214317] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1886.218888] ? may_umount+0xb0/0xb0 [ 1886.222498] ? _raw_read_unlock+0x22/0x30 [ 1886.226631] ? __get_fs_type+0x97/0xc0 [ 1886.230506] do_mount+0x564/0x3070 [ 1886.234038] ? copy_mount_string+0x40/0x40 [ 1886.238261] ? rcu_pm_notify+0xc0/0xc0 [ 1886.242160] ? copy_mount_options+0x5f/0x380 [ 1886.246570] ? rcu_read_lock_sched_held+0x108/0x120 [ 1886.251582] ? kmem_cache_alloc_trace+0x616/0x780 [ 1886.256412] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1886.261935] ? _copy_from_user+0xdf/0x150 [ 1886.266074] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1886.271606] ? copy_mount_options+0x285/0x380 [ 1886.276103] ksys_mount+0x12d/0x140 [ 1886.279746] __x64_sys_mount+0xbe/0x150 [ 1886.283705] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1886.288707] do_syscall_64+0x1b1/0x800 [ 1886.292595] ? finish_task_switch+0x1ca/0x840 [ 1886.297079] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1886.302005] ? syscall_return_slowpath+0x30f/0x5c0 [ 1886.306929] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1886.312282] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1886.317115] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1886.322378] RIP: 0033:0x455a09 [ 1886.325559] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1886.333254] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1886.340506] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 2018/05/15 14:04:50 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="dc49fe765b8b760c652b3c02adf44242a37080"], 0x1) [ 1886.347760] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1886.355025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1886.362277] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:50 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000011000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1886.400102] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:50 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x100000000000003d) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) ioctl$sock_netrom_TIOCOUTQ(r0, 0x5411, &(0x7f00000000c0)) 2018/05/15 14:04:50 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000400000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:50 executing program 4 (fault-call:0 fault-nth:69): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:50 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:50 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:50 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) lseek(r0, 0x0, 0x3) getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000040)=0xa7, &(0x7f0000000080)=0x4) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYPTR64=&(0x7f00000000c0)=ANY=[@ANYRES64=r0], @ANYRES16=r0], 0xa) 2018/05/15 14:04:50 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:50 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000000000ffffffe400", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1887.278891] FAULT_INJECTION: forcing a failure. [ 1887.278891] name failslab, interval 1, probability 0, space 0, times 0 [ 1887.290334] CPU: 0 PID: 4620 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1887.297542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1887.306907] Call Trace: [ 1887.309531] dump_stack+0x1b9/0x294 [ 1887.313185] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1887.318402] ? __mutex_lock+0x7d9/0x17f0 [ 1887.322504] should_fail.cold.4+0xa/0x1a [ 1887.326581] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1887.331688] ? kasan_kmalloc+0xc4/0xe0 [ 1887.335577] ? graph_lock+0x170/0x170 [ 1887.339373] ? find_held_lock+0x36/0x1c0 [ 1887.343537] ? __lock_is_held+0xb5/0x140 [ 1887.347599] ? check_same_owner+0x320/0x320 [ 1887.351909] ? kasan_check_write+0x14/0x20 [ 1887.356133] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1887.361053] ? rcu_note_context_switch+0x710/0x710 [ 1887.365997] __should_failslab+0x124/0x180 [ 1887.370229] should_failslab+0x9/0x14 [ 1887.374024] kmem_cache_alloc+0x2af/0x760 [ 1887.378168] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1887.383087] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1887.388092] __kernfs_new_node+0xe7/0x580 [ 1887.392242] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1887.397012] ? mutex_unlock+0xd/0x10 [ 1887.400721] ? kernfs_activate+0x20e/0x2a0 [ 1887.404964] ? kernfs_walk_and_get_ns+0x320/0x320 [ 1887.409816] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1887.415339] ? kernfs_link_sibling+0x1d2/0x3b0 [ 1887.419915] kernfs_new_node+0x80/0xf0 [ 1887.423793] __kernfs_create_file+0x4d/0x330 [ 1887.428188] sysfs_add_file_mode_ns+0x21a/0x560 [ 1887.432847] sysfs_add_file+0x4e/0x60 [ 1887.436635] sysfs_merge_group+0xfa/0x230 [ 1887.440775] dpm_sysfs_add+0x161/0x210 [ 1887.444665] device_add+0xa11/0x16d0 [ 1887.448373] ? device_private_init+0x230/0x230 [ 1887.452948] ? kfree+0x1e9/0x260 [ 1887.456644] ? kfree_const+0x5e/0x70 [ 1887.460356] device_create_groups_vargs+0x1ff/0x270 [ 1887.465369] device_create_vargs+0x46/0x60 [ 1887.469610] bdi_register_va.part.10+0xbb/0x9b0 [ 1887.474265] ? cgwb_kill+0x630/0x630 [ 1887.477984] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1887.483513] ? bdi_init+0x416/0x510 [ 1887.487126] ? wb_init+0x9e0/0x9e0 [ 1887.490653] ? bdi_alloc_node+0x67/0xe0 [ 1887.494612] ? bdi_alloc_node+0x67/0xe0 [ 1887.498574] ? rcu_read_lock_sched_held+0x108/0x120 [ 1887.503578] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1887.508844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1887.514372] ? refcount_sub_and_test+0x212/0x330 [ 1887.519116] bdi_register_va+0x68/0x80 [ 1887.522995] super_setup_bdi_name+0x123/0x220 [ 1887.527482] ? kill_block_super+0x100/0x100 [ 1887.531808] ? kmem_cache_alloc_trace+0x616/0x780 [ 1887.536643] fuse_fill_super+0xe6e/0x1e20 [ 1887.540782] ? fuse_get_root_inode+0x190/0x190 [ 1887.545353] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1887.550875] ? vsnprintf+0x242/0x1b40 [ 1887.554667] ? pointer+0xa20/0xa20 [ 1887.558198] ? vsprintf+0x40/0x40 [ 1887.561639] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1887.566639] ? set_blocksize+0x2c4/0x350 [ 1887.570689] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1887.576215] mount_bdev+0x30c/0x3e0 [ 1887.579829] ? fuse_get_root_inode+0x190/0x190 [ 1887.584400] fuse_mount_blk+0x34/0x40 [ 1887.588188] mount_fs+0xae/0x328 [ 1887.591543] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1887.596114] ? may_umount+0xb0/0xb0 [ 1887.599728] ? _raw_read_unlock+0x22/0x30 [ 1887.603861] ? __get_fs_type+0x97/0xc0 [ 1887.607739] do_mount+0x564/0x3070 [ 1887.611269] ? copy_mount_string+0x40/0x40 [ 1887.615489] ? rcu_pm_notify+0xc0/0xc0 [ 1887.619368] ? copy_mount_options+0x5f/0x380 [ 1887.623764] ? rcu_read_lock_sched_held+0x108/0x120 [ 1887.628775] ? kmem_cache_alloc_trace+0x616/0x780 [ 1887.633610] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1887.639135] ? copy_mount_options+0x285/0x380 [ 1887.643619] ksys_mount+0x12d/0x140 [ 1887.647247] __x64_sys_mount+0xbe/0x150 [ 1887.651224] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1887.656227] do_syscall_64+0x1b1/0x800 [ 1887.660109] ? finish_task_switch+0x1ca/0x840 [ 1887.664589] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1887.669504] ? syscall_return_slowpath+0x30f/0x5c0 [ 1887.674425] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1887.679777] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1887.684620] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1887.689795] RIP: 0033:0x455a09 [ 1887.692970] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1887.700664] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1887.707918] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1887.715175] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1887.722427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 2018/05/15 14:04:51 executing program 4 (fault-call:0 fault-nth:70): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:51 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000110000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:51 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\a\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1887.729679] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1887.765592] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1887.832373] FAULT_INJECTION: forcing a failure. [ 1887.832373] name failslab, interval 1, probability 0, space 0, times 0 [ 1887.843842] CPU: 1 PID: 4643 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1887.851044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1887.860408] Call Trace: [ 1887.863020] dump_stack+0x1b9/0x294 [ 1887.866670] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1887.871876] ? __mutex_lock+0x7d9/0x17f0 [ 1887.875960] should_fail.cold.4+0xa/0x1a 2018/05/15 14:04:51 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:51 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1887.880040] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1887.885156] ? kasan_kmalloc+0xc4/0xe0 [ 1887.889060] ? graph_lock+0x170/0x170 [ 1887.892878] ? find_held_lock+0x36/0x1c0 [ 1887.896955] ? __lock_is_held+0xb5/0x140 [ 1887.901045] ? check_same_owner+0x320/0x320 [ 1887.905402] ? kasan_check_write+0x14/0x20 [ 1887.909660] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1887.914617] ? rcu_note_context_switch+0x710/0x710 [ 1887.919567] __should_failslab+0x124/0x180 [ 1887.923817] should_failslab+0x9/0x14 [ 1887.927634] kmem_cache_alloc+0x2af/0x760 2018/05/15 14:04:51 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1887.931798] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1887.936749] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1887.941785] __kernfs_new_node+0xe7/0x580 [ 1887.945950] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1887.950720] ? mutex_unlock+0xd/0x10 [ 1887.954446] ? kernfs_activate+0x20e/0x2a0 [ 1887.958693] ? kernfs_walk_and_get_ns+0x320/0x320 [ 1887.963558] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1887.969116] ? kernfs_link_sibling+0x1d2/0x3b0 [ 1887.973717] kernfs_new_node+0x80/0xf0 [ 1887.977618] __kernfs_create_file+0x4d/0x330 [ 1887.982044] sysfs_add_file_mode_ns+0x21a/0x560 [ 1887.986726] sysfs_add_file+0x4e/0x60 [ 1887.990536] sysfs_merge_group+0xfa/0x230 [ 1887.994702] dpm_sysfs_add+0x161/0x210 [ 1887.998599] device_add+0xa11/0x16d0 [ 1888.002332] ? device_private_init+0x230/0x230 [ 1888.006944] ? kfree+0x1e9/0x260 [ 1888.010320] ? kfree_const+0x5e/0x70 [ 1888.014046] device_create_groups_vargs+0x1ff/0x270 [ 1888.019081] device_create_vargs+0x46/0x60 [ 1888.023317] bdi_register_va.part.10+0xbb/0x9b0 [ 1888.027975] ? cgwb_kill+0x630/0x630 [ 1888.031679] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1888.037204] ? bdi_init+0x416/0x510 [ 1888.040816] ? wb_init+0x9e0/0x9e0 [ 1888.044340] ? bdi_alloc_node+0x67/0xe0 [ 1888.048297] ? bdi_alloc_node+0x67/0xe0 [ 1888.052256] ? rcu_read_lock_sched_held+0x108/0x120 [ 1888.057259] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1888.062526] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1888.068053] ? refcount_sub_and_test+0x212/0x330 [ 1888.072801] bdi_register_va+0x68/0x80 [ 1888.076683] super_setup_bdi_name+0x123/0x220 [ 1888.081163] ? kill_block_super+0x100/0x100 [ 1888.085469] ? kmem_cache_alloc_trace+0x616/0x780 [ 1888.090305] fuse_fill_super+0xe6e/0x1e20 [ 1888.094446] ? fuse_get_root_inode+0x190/0x190 [ 1888.099029] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1888.104551] ? vsnprintf+0x242/0x1b40 [ 1888.108358] ? pointer+0xa20/0xa20 [ 1888.111893] ? vsprintf+0x40/0x40 [ 1888.115348] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1888.120358] ? set_blocksize+0x2c4/0x350 [ 1888.124407] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1888.129932] mount_bdev+0x30c/0x3e0 [ 1888.133545] ? fuse_get_root_inode+0x190/0x190 [ 1888.138122] fuse_mount_blk+0x34/0x40 [ 1888.141919] mount_fs+0xae/0x328 [ 1888.145274] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1888.149847] ? may_umount+0xb0/0xb0 [ 1888.153458] ? _raw_read_unlock+0x22/0x30 [ 1888.157613] ? __get_fs_type+0x97/0xc0 [ 1888.161493] do_mount+0x564/0x3070 [ 1888.165033] ? copy_mount_string+0x40/0x40 [ 1888.169255] ? rcu_pm_notify+0xc0/0xc0 [ 1888.173146] ? copy_mount_options+0x5f/0x380 [ 1888.177544] ? rcu_read_lock_sched_held+0x108/0x120 [ 1888.182549] ? kmem_cache_alloc_trace+0x616/0x780 [ 1888.187399] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1888.192924] ? _copy_from_user+0xdf/0x150 [ 1888.197063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1888.202583] ? copy_mount_options+0x285/0x380 [ 1888.207086] ksys_mount+0x12d/0x140 [ 1888.210704] __x64_sys_mount+0xbe/0x150 [ 1888.214681] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1888.219685] do_syscall_64+0x1b1/0x800 [ 1888.223559] ? finish_task_switch+0x1ca/0x840 [ 1888.228041] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1888.232960] ? syscall_return_slowpath+0x30f/0x5c0 [ 1888.237892] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1888.243247] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1888.248089] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1888.253274] RIP: 0033:0x455a09 [ 1888.256471] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1888.264165] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1888.271420] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1888.278687] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1888.285940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1888.293222] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1888.327495] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:52 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)=@gettaction={0x108, 0x32, 0x601, 0x70bd29, 0x25dfdbfd, {0x0, 0x8, 0x1}, [@action_gd=@TCA_ACT_TAB={0x78, 0x1, [{0x10, 0xb, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0x10, 0x14, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0x10, 0x6, @TCA_ACT_INDEX={0x8, 0x3, 0x7fff}}, {0x10, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfff}}, {0x10, 0xe, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0x10, 0x1d, @TCA_ACT_INDEX={0x8, 0x3, 0x3f}}, {0x14, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'sample\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x24, 0x1, [{0x10, 0x17, @TCA_ACT_INDEX={0x8, 0x3, 0xec8b}}, {0x10, 0xec9e, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2}, @action_gd=@TCA_ACT_TAB={0x4c, 0x1, [{0x10, 0x2, @TCA_ACT_INDEX={0x8, 0x3, 0xff}}, {0x10, 0x6, @TCA_ACT_INDEX={0x8, 0x3, 0xded9}}, {0x10, 0x2, @TCA_ACT_INDEX={0x8, 0x3, 0x2f}}, {0x18, 0x1d, @TCA_ACT_KIND={0x10, 0x1, 'connmark\x00'}}]}]}, 0x108}, 0x1, 0x0, 0x0, 0x2400c080}, 0xc000) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="9f00"], 0x1) 2018/05/15 14:04:52 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0&', 0x0) close(r0) 2018/05/15 14:04:52 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\a\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:52 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:52 executing program 4 (fault-call:0 fault-nth:71): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:52 executing program 3: r0 = socket$pppoe(0x18, 0x1, 0x0) ioctl(r0, 0x38e3, &(0x7f0000000080)="4a32f1abe1ff8df956b30eaae5fb7e7e37e79bb23c4680171d78e9bfc27e234b29d494236555b37b935f0663665b77ae9f8464a5cdaf5c73f9e1307bdce9f05b345ff406e66968c50ffd434e67a4c5f2d07938af5db4264976e1ed1be401b26bfa15") r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) fchdir(r1) accept$ax25(r1, &(0x7f0000000100), &(0x7f0000000140)=0x10) readv(r1, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vga_arbiter\x00', 0x80000, 0x0) getpeername$netlink(r1, &(0x7f0000000040), &(0x7f0000000180)=0xc) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:04:52 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000007fffffff00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:52 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1888.485367] FAULT_INJECTION: forcing a failure. [ 1888.485367] name failslab, interval 1, probability 0, space 0, times 0 [ 1888.496489] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1888.496783] CPU: 0 PID: 4693 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1888.512660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1888.522024] Call Trace: [ 1888.524636] dump_stack+0x1b9/0x294 [ 1888.528289] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1888.533499] ? __mutex_lock+0x7d9/0x17f0 [ 1888.537586] should_fail.cold.4+0xa/0x1a [ 1888.541670] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1888.546796] ? kasan_kmalloc+0xc4/0xe0 [ 1888.550707] ? graph_lock+0x170/0x170 [ 1888.554539] ? find_held_lock+0x36/0x1c0 [ 1888.559356] ? __lock_is_held+0xb5/0x140 [ 1888.563452] ? check_same_owner+0x320/0x320 [ 1888.567795] ? kasan_check_write+0x14/0x20 [ 1888.572050] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1888.577002] ? rcu_note_context_switch+0x710/0x710 [ 1888.581952] __should_failslab+0x124/0x180 [ 1888.586206] should_failslab+0x9/0x14 [ 1888.590030] kmem_cache_alloc+0x2af/0x760 [ 1888.594197] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1888.599149] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1888.604196] __kernfs_new_node+0xe7/0x580 [ 1888.608360] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1888.613114] ? mutex_unlock+0xd/0x10 [ 1888.616822] ? kernfs_activate+0x20e/0x2a0 [ 1888.621054] ? kernfs_walk_and_get_ns+0x320/0x320 [ 1888.625894] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1888.631417] ? kernfs_link_sibling+0x1d2/0x3b0 [ 1888.635992] kernfs_new_node+0x80/0xf0 [ 1888.639872] __kernfs_create_file+0x4d/0x330 [ 1888.644267] sysfs_add_file_mode_ns+0x21a/0x560 [ 1888.648928] sysfs_add_file+0x4e/0x60 [ 1888.652718] sysfs_merge_group+0xfa/0x230 [ 1888.656855] dpm_sysfs_add+0x161/0x210 [ 1888.660727] device_add+0xa11/0x16d0 [ 1888.664430] ? device_private_init+0x230/0x230 [ 1888.668997] ? kfree+0x1e9/0x260 [ 1888.672356] ? kfree_const+0x5e/0x70 [ 1888.676057] device_create_groups_vargs+0x1ff/0x270 [ 1888.681061] device_create_vargs+0x46/0x60 [ 1888.685282] bdi_register_va.part.10+0xbb/0x9b0 [ 1888.689938] ? cgwb_kill+0x630/0x630 [ 1888.693641] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1888.699164] ? bdi_init+0x416/0x510 [ 1888.702775] ? wb_init+0x9e0/0x9e0 [ 1888.706303] ? bdi_alloc_node+0x67/0xe0 [ 1888.710265] ? bdi_alloc_node+0x67/0xe0 [ 1888.714232] ? rcu_read_lock_sched_held+0x108/0x120 [ 1888.719241] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1888.724512] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1888.730042] ? refcount_sub_and_test+0x212/0x330 [ 1888.734789] bdi_register_va+0x68/0x80 [ 1888.738665] super_setup_bdi_name+0x123/0x220 [ 1888.743146] ? kill_block_super+0x100/0x100 [ 1888.747453] ? kmem_cache_alloc_trace+0x616/0x780 [ 1888.752288] fuse_fill_super+0xe6e/0x1e20 [ 1888.756428] ? fuse_get_root_inode+0x190/0x190 [ 1888.761002] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1888.766541] ? vsnprintf+0x242/0x1b40 [ 1888.770337] ? pointer+0xa20/0xa20 [ 1888.773869] ? vsprintf+0x40/0x40 [ 1888.777308] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1888.782310] ? set_blocksize+0x2c4/0x350 [ 1888.786374] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1888.791899] mount_bdev+0x30c/0x3e0 [ 1888.795516] ? fuse_get_root_inode+0x190/0x190 [ 1888.800089] fuse_mount_blk+0x34/0x40 [ 1888.803910] mount_fs+0xae/0x328 [ 1888.807286] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1888.811858] ? may_umount+0xb0/0xb0 [ 1888.815471] ? _raw_read_unlock+0x22/0x30 [ 1888.819604] ? __get_fs_type+0x97/0xc0 [ 1888.823480] do_mount+0x564/0x3070 [ 1888.827009] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1888.831409] ? copy_mount_string+0x40/0x40 [ 1888.835630] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1888.840633] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1888.845375] ? retint_kernel+0x10/0x10 [ 1888.849252] ? copy_mount_options+0x1d9/0x380 [ 1888.853734] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1888.859255] ? copy_mount_options+0x285/0x380 [ 1888.863737] ksys_mount+0x12d/0x140 [ 1888.867354] __x64_sys_mount+0xbe/0x150 [ 1888.871312] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1888.876330] do_syscall_64+0x1b1/0x800 [ 1888.880218] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1888.885048] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1888.889967] ? syscall_return_slowpath+0x30f/0x5c0 [ 1888.894887] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1888.900244] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1888.905075] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1888.910246] RIP: 0033:0x455a09 [ 1888.913421] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1888.921114] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1888.928368] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 2018/05/15 14:04:52 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000500", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:52 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000400", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1888.935624] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1888.942880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1888.950142] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:52 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000050000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:52 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000300", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1888.999738] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:52 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000000000000000100", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:52 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8800000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:52 executing program 4 (fault-call:0 fault-nth:72): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:52 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000400000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1889.128562] FAULT_INJECTION: forcing a failure. [ 1889.128562] name failslab, interval 1, probability 0, space 0, times 0 [ 1889.140100] CPU: 1 PID: 4721 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1889.147303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1889.156667] Call Trace: [ 1889.159280] dump_stack+0x1b9/0x294 [ 1889.162935] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1889.168145] ? __mutex_lock+0x7d9/0x17f0 [ 1889.172229] should_fail.cold.4+0xa/0x1a [ 1889.176311] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1889.181435] ? kasan_kmalloc+0xc4/0xe0 [ 1889.183713] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1889.185340] ? graph_lock+0x170/0x170 [ 1889.185363] ? find_held_lock+0x36/0x1c0 [ 1889.185387] ? __lock_is_held+0xb5/0x140 [ 1889.185416] ? check_same_owner+0x320/0x320 [ 1889.210390] ? kasan_check_write+0x14/0x20 [ 1889.214635] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1889.219591] ? rcu_note_context_switch+0x710/0x710 [ 1889.224542] __should_failslab+0x124/0x180 [ 1889.228799] should_failslab+0x9/0x14 [ 1889.232610] kmem_cache_alloc+0x2af/0x760 [ 1889.236781] ? __mutex_unlock_slowpath+0x180/0x8a0 [ 1889.241735] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 1889.246768] __kernfs_new_node+0xe7/0x580 [ 1889.250931] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 1889.255701] ? mutex_unlock+0xd/0x10 [ 1889.259426] ? kernfs_activate+0x20e/0x2a0 [ 1889.263674] ? kernfs_walk_and_get_ns+0x320/0x320 [ 1889.268540] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 1889.274088] ? kernfs_link_sibling+0x1d2/0x3b0 [ 1889.278700] kernfs_new_node+0x80/0xf0 [ 1889.282613] __kernfs_create_file+0x4d/0x330 [ 1889.287040] sysfs_add_file_mode_ns+0x21a/0x560 [ 1889.291743] sysfs_add_file+0x4e/0x60 [ 1889.295573] sysfs_merge_group+0xfa/0x230 [ 1889.299746] dpm_sysfs_add+0x161/0x210 [ 1889.303649] device_add+0xa11/0x16d0 [ 1889.307385] ? device_private_init+0x230/0x230 [ 1889.311985] ? kfree+0x1e9/0x260 [ 1889.315357] ? kfree_const+0x5e/0x70 [ 1889.319070] device_create_groups_vargs+0x1ff/0x270 [ 1889.324078] device_create_vargs+0x46/0x60 [ 1889.328311] bdi_register_va.part.10+0xbb/0x9b0 [ 1889.332973] ? cgwb_kill+0x630/0x630 [ 1889.336682] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1889.342203] ? bdi_init+0x416/0x510 [ 1889.345814] ? wb_init+0x9e0/0x9e0 [ 1889.349342] ? bdi_alloc_node+0x67/0xe0 [ 1889.353333] ? bdi_alloc_node+0x67/0xe0 [ 1889.357297] ? rcu_read_lock_sched_held+0x108/0x120 [ 1889.362323] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1889.367591] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1889.373116] ? refcount_sub_and_test+0x212/0x330 [ 1889.377877] bdi_register_va+0x68/0x80 [ 1889.381757] super_setup_bdi_name+0x123/0x220 [ 1889.386243] ? kill_block_super+0x100/0x100 [ 1889.391312] ? kmem_cache_alloc_trace+0x616/0x780 [ 1889.396149] fuse_fill_super+0xe6e/0x1e20 [ 1889.400288] ? fuse_get_root_inode+0x190/0x190 [ 1889.404861] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1889.410385] ? vsnprintf+0x242/0x1b40 [ 1889.414175] ? pointer+0xa20/0xa20 [ 1889.417705] ? vsprintf+0x40/0x40 [ 1889.421148] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1889.426150] ? set_blocksize+0x2c4/0x350 [ 1889.430201] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1889.435726] mount_bdev+0x30c/0x3e0 [ 1889.439340] ? fuse_get_root_inode+0x190/0x190 [ 1889.443914] fuse_mount_blk+0x34/0x40 [ 1889.447702] mount_fs+0xae/0x328 [ 1889.451060] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1889.455627] ? may_umount+0xb0/0xb0 [ 1889.459238] ? _raw_read_unlock+0x22/0x30 [ 1889.463370] ? __get_fs_type+0x97/0xc0 [ 1889.467245] do_mount+0x564/0x3070 [ 1889.470776] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1889.475173] ? copy_mount_string+0x40/0x40 [ 1889.479393] ? rcu_pm_notify+0xc0/0xc0 [ 1889.483287] ? copy_mount_options+0x5f/0x380 [ 1889.487681] ? rcu_read_lock_sched_held+0x108/0x120 [ 1889.492683] ? kmem_cache_alloc_trace+0x616/0x780 [ 1889.497512] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1889.503044] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1889.508570] ? copy_mount_options+0x285/0x380 [ 1889.513057] ksys_mount+0x12d/0x140 [ 1889.516671] __x64_sys_mount+0xbe/0x150 [ 1889.520630] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1889.525635] do_syscall_64+0x1b1/0x800 [ 1889.529519] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1889.534354] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1889.539271] ? syscall_return_slowpath+0x30f/0x5c0 [ 1889.544190] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1889.549541] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1889.554395] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1889.559572] RIP: 0033:0x455a09 [ 1889.562747] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1889.570444] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1889.577706] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1889.584962] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1889.592216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1889.599470] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:53 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:53 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "0000000000000000000000000000000000000000fffffffe00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:53 executing program 4 (fault-call:0 fault-nth:73): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:53 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:53 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)="2e2f636f6e74726f6c2f66696c6530c8", 0x0) close(r0) 2018/05/15 14:04:53 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x0) readv(r0, &(0x7f0000002880)=[{&(0x7f0000000100)=""/30, 0x1e}, {&(0x7f0000001380)=""/2, 0x2}, {&(0x7f00000013c0)=""/239, 0xef}, {&(0x7f00000014c0)=""/51, 0x33}, {&(0x7f0000001500)=""/104, 0x68}, {&(0x7f0000002940)=""/96, 0x1}, {&(0x7f0000001600)=""/42, 0x2a}, {&(0x7f0000001640)=""/181, 0xffffffffffffff3a}, {&(0x7f0000001700)=""/4096, 0x1000}, {&(0x7f0000002700)=""/144, 0xfffffffffffffcd4}], 0xa) write$binfmt_elf64(r0, &(0x7f00000011c0)=ANY=[@ANYPTR64=&(0x7f0000000140)=ANY=[@ANYBLOB="9506583f01544c385accc608445a149516951747a2d01a01f6644fc2d58824e81425318ffe8a401f5a0e402a2df75d2e5c02bea30f3b515015b051e149dc7e51f2c6b22cfc6bef77c0f6a3b12290cee729ac98404a04e7", @ANYBLOB="ee07bd0dce7e7982e858fb09202ec1258b8454c74f876d2714fd23ddd6c1d35a6e79f3a77562fe0143d0cea8291105da5ee63e9bfe018f848e558d160b38821d713f52b564a84d49e57b92980c66298751defdd2bbc305a6e74fc0caeb8720ea9246f9713d4361bb493fbbe476196a242fecbfbce2fe615f5d0c8f6d438fe5612181016afe2c12b6987c3fe242f49c5bc6fee34e0f32b827182753fab49a6ed3ce296b556f4a35485d841acc76d74d85fc937e7fb351d269ec13254e6012fe0aac8981165836729ad31fc46428a0fc0d2b1c61581668393b186d6ec9ba37ec947bec5f50622728b9d28fd9faeab49b48a1fdc3496a78a7a6d55c11f8ea6eafa79256ee6810e504a2965702c928335b3e37116d12c04911d9894bbe5780cfcd458a30520424c3804e5890da0ccd32f5334f745f5c0f3a71fb449137736e1ce27e130e44f3c248787071a9398fc977339736f7cf948e98cc8c985d0438665ff4ca48e6b25b3e1373cdc21b1c8a697a7167224de1f6283276c1ed523ced78ff032beaebbb6c9bb06a32d59eedfb900605decaf6cceded018e362ce502ee39413652a61887680820d810e9e031b74a19273daa066e193932d93d252b577b517e05abe15983396d3a017cdc16cc066b87275184a02d39f967e12702a74b1f54e42554e481b5578da50fd8d33049d0d258118d2271709adedbbabc8dd77b8c75d11a0f33b6fe84a1ff7effe5d7b15e30443b76afd6b002fe277b1ce939281cca1e97ab010c9a92fad46f426987d6ff76dbdd0d70b728af3281c53ff267cb2c5de3e247159850dead0201242741fd27eb2e128530359e13daebf410b0bcae21c1331a229ff3049d12081bb4e5936624662785804f9dae01e3ab3a88cbe5f8f34c3cd4e0e016f456582733ba91bcfb66ff7dd962122887b96d2a34f88763b5f9341324771e1cab30953b4b74b1bf7e0e5463c88730a3ea422c0dc7bf60a9aa1c3e6a04b984a377ac5c9bed237ce010cd95bba23498a0156538cf9a5f886c84109550e949d2850a2b650c1e7aa442898e14f140eb53c8cfc48945cc28ff262afd6b402ce0b78ec7dfe513231740a8a3f264c25616a2b236b1d573696b130b2612712f4ee8ff30ed083870c14f3bae9e50bdc62bc2c76264b0fa341088b0d7519136636f59f9cf088ad75b3b98cecb62b6e0f82b8444d8e2bb5655a8d6813939e7959ad5a5dc1e9eaef9df8d8b68b385d6541d7251340c06c5e724e1a4ffa3eae7f3346d0fb1a1a1d3c464f99318a5f2c5254170235440730390ca22774cc82f6982e2fbed70561c4901e59ba6a2c0f37e7068aa5a6fedb13ac961c8e3d1b6f7e46e492e116ee2ff28559fdb8ada7d341496b0d22706659aa0ded35cdb76b9ce88cc98e68d20530cb115a2016ffe766714179b2fb43f9e73f82df3424a5fa731c3cf4a43e603da30d8e56155b50930de7417927ed6e625a70012bf5149429724f571696e377026eba3ebd7ef4581df12919a9980d2882c69e7701a98c4f687cef334e21b0f447dbaf2560a0de3b8f9a824e948f092cb6a69e6659117c86f4a58d887fb085f3a435c83bad4558eae3297692cd111857c8d219cd674fb77c591d050f5ebc8735ecf9e019a57674b2cd5a261c2d142ddc7d951d4548aa3ecfbe4d250a9088985bca51f200692ee49b84af01b9895682b220f6af635f6f64b6351e2b5b28a8a494e748bc442e415ad7737da5e0bf3ca7eaf1de4e2d49028a670d27080516a90b23dfbbcf2c7118dee97711fce05a6faf9b6a70d7adb4a9b88d3b36f9c273b134dd0eace08337968f409ddb5852798d27489ee1c5ce5ad21b65fb44c1ddf1c4c037a5ed1049bffe2ce2a5265b9b0149e07d8858b2473853678b106f0a8e283e252589258cff38e943d068015e2e475cd6ed81341433722330c0ae3f713641628a721924a4ffa89a95870133cbc9add12ab1171f432f72340689ad44408997bb910b569955a0d97c4372563e18d1720ae90d6c3809935aadf17227d66d9c4322a3caccf6429308f2272b75e9bb348d48cce5e9e607576ae686f83f23285b66e3a444ac1bd63d5c2825fffe92836d225dcbe56543972e824881551621fce9379027b2051f0a946ce23414c629896c2c18ee5f3b0ff4dbce989dab7c7dba1b000946a50d2f10f5f76f13e49c632e005d296823b8225986afc5c3aaa01c224cf56aa4057891771fcc137fc3393c8e2ceb143526814ffafd8f8da5887f9db325197a1be5be537a1c774f535ee191a0743113721f1cb8b85c235d9f4e43743e52d285bd14808eb27a58dd83c3de9580fa5e3ec0fcdc9925c0e4bd3ecef9408ad25091582d1fd15e009e669c248ac66dfa2194e413d1f500674a55bbabef356166f3230f20d91b5d6a3428e9711caa15021b4c4f5a616b5caba475892bc0f3622ae5034c711ba221a4acb3d17a21a5c5e57c7f3b7d16b5d94d7d13a47f0d0391d229b983a8ef455d3c95070b5ebf3c3e19fd656c95571254533eaba1e251fb2419f4b474b8a12d105dfaa334224a7e27436182cb679bac9260656c254902b7ce46a8f1be5f6c646687c80a9d4718460ce1799d4595d3c6beb012567a7cfa413194d5f64814e2507c6c165e772caa6c7e0d94b915866695f12eb62fdc8e85eb64243565e080cc0d4befe2b29e3d29abd6b7dff9de5bf6464d1d4c74337f08906372bf1e6676e9ece2e5bf01afd3e554db9c1c410ed085c218866405f1bc838544862846ba7d496ee449509e2623ad3d63b8b3da008064fd4ecf9d64f987b09de06664a5ce688f065b054639fc8a5f8ccd000c0fc453905ed193e8a34d7ebe723f5d910d7a92067c56a2b9b0860abd25d503ed12b6ffd0e8e8b7ea967933252cd8714ca120299b99a55d5565c727cc0d2fb162b19a5eaea8748b4481ab634562d98e2715d7678371d9fe989b5c23db8624e09474e723930392f8c0595fa369053f3471a15f4aa4ee5b2b92466b30a673ad5dbdb4457324d72c4b04b409e39a64878e16db6e12a5878bf89dda1468f1b3ebb15dad9998a31583fba5b65d3e494be8dc1283ff56ed6d561920cc377cbb96cd4e96f444f7c6d4ea6273649a1f61a879f5163836bd33ffee8fd5b754e35e240985999a55c735f1bb1796efec79a7eb80364e70ee810f1767a7ad2138c82d31883e9535a29b01b4c73fc274f8f5daea6f2da1643cd424ee6f700a84c7c8451c6c50e285215c8716d3a108756c65301e9cd826ec33900b3e432ce0c41795ed4a2ef3cd9c0b9194f84559d2ee91882b2e3814c4af32a600c05d213f15fbcd190b4845fd5282ee1d5cbf47023d1a59277d685eaa281dc668f03027ffdba81eef972f2c99de46a65cf94199c74438cd3bda9d9212326ce690452516fe48d64461c1a7f910d24309bf37e7f154c3131720b00a94b31bfd060d199d4bf6430d7584463d52795819d31d9c1d686fab3921bded3ba334df093748434100c0fa81348befa60ebe2bbe9d43252e94bfa245eadeb2583efb8a2b21c471e1adca352d06158e9360201ccce4c75c34b42bd0a0416880b4475cfbbc8c87e4aa86316258ee5ab6768b6ea044b2a64d74c385fc314b5d99928497acf27abb7b50343f3ea919a2a3d750a2377c989d59fde091da5bc823cdb083a98bf48a97effd8b93df68e114e83e442488f2c304e25445c48c94ba3f5858e94377f4996a740f79078837c77efc8145616117febf51a81ace690edd3bb8086bcdca07d2400256a6ff8e6bf4da5b8bf053ac810b9f14c0799899bc1ba73b4fcf0ee849c68b8936709ca0f6fead55a0af09aa3f900990026da555e6668ab38aaf03d892cec168c7bfbecaebdfa55b4ae9578a523e0e648e45b4caee1b99037dccea2c4e6414df1dbc6ec40b379eba73b5ec8522de37486d976427736651fe5ab5e42f63aa422d656570535d5bd825df4b3ba1f3736162471deacb81ca86d4bb9cb3955d78a284dd4a8aeaef8f7f571f3c2efd74287c7682f7241ba8410532da15c190b88bb00501ab01caa278f9bbfc55c94c26f63f6f1fb0009cc543db8405efa8516d27b164525eca8c44e9d69ba94b7e74d47ba03e1507fe73fd77e60bd4a831a4f1232cf27e98eed60eec275abbd5f7d95b9cca856c298591168723027050af965291dbfc360f8f8456d526ff814d2191d667234ad038bda6fa1e6c15a44ac72770a88039c7f2394d64d60da9e0148d4a7effc803028f03e78817ba32fd6d1bc460f273338b7c9e8b0f4fed310c8e9f2d25fdac0cd0628f81eb3bf7995f26c1d98b2fe7d49463da619cf7bc8f50d40e0df281466f95d500b9850b4903c9142a44d93bb6a26308187c000dba3cd369c86232a09dc1299cecd0c5be41d7960ab65a2f38aa5e245d2c4121cddf98930a328e758fd7f4b92d7ba20c0af9ae03594175d8aedad9f55112598b2ffa520f748fed0403753637d85afbd7a273692040e860ef9ff700725446978d901bbd5c86efae4d8e7d2ae300633a9e32a9d7ee5551fc53f37cb8110008fe723b7f614694d9a269677420320a8c244e962d8fe8d4c5163b30db22b3e7c0f57e791aed5b15abef162ffa3854866b482aa09e1615adee851ccf021eaa021d7fec526336335119acd0000733ad14064aa6b68b3d000b76e8e3a186d28d6d0376709881983868c0f16984bfea4239c9c0d817bb373e54aca0ccc3fa0e2f449fec992a6693fd209e8c72e7a034f817c2f697991127f9cd8606c6577fbb8d9850f8086478b58d829fd928668117f588749fa783cc2a5e8729a628c7ad4d5a3970d90de430d8f93efb44f93a1121f7e02c942411f4a5eeb319ed65b6885270b2b33a8b470982a54f4e5c995c0689f7967ffee882d2f5d32e17983a0d837ec5e4db15a397eea62da79188e293529c78119cde324dbf8540fee636da1adbc68efc96c10e1521d6cb6749a991eb7ef03ab26bbe7d5484ef959cbaad02332268c1335c6a2441fb49ec1d873a21e7546e482f9334071f64e386e2e76c4eabfc4d333ca86d1fcdb60c8a21ad5d4006fc670b4b040d94ecae35e30f804199f9ce77ec8b872ea6d5c19b5bbbaf2ba094c6fc9d233c27f4436d63f118f50f7ee61b2bb186a2d23674da1db698eabc046254402e0d1a4c34000dc7ec4f5c1af9003b257bdffa119764032d0e6c952c276f3733126ae2f5d446e809fd2383d470bfdc742a005c2ca1de4ed81fb7154c8e0377b1ef6d8388f8cd1eaf8d5b996d9533ba2ad723d791bcb82b75f005ac9d2801f24c9c4196d710ad45e1ff7f2d6a27cd7d57fd9a7b27fe3c9fbf09d0ebea4a5f5103aee9f86e73718e5227a3c8393988ebe1447159e95e9911e166754b083b8f5e0579347dfa9cce29e99f4e09db2daeaf656e411e156f7680bb78608540d3b2dc2e47bf60e6f34d4daee14f47d89e2b39a05edc307286afda094b9efe96619422230e47c3a1cf34fbe7493a40cbeaa2b370feaa93287a6789a0b50ac5d50f8629c83fb7d14998c1a1da293d71de6d9b34e1bd31839ad4c5984620bd40c5afb8fa8d6f35a0c229429b3181ab0d61e0217d5687b2478c204adae52a9bbff6bc10f4c49bfcf6e3c5b3064895a5bdeba40dbf054a40659bfd61829c222d34b1c4264bafb35bc38f2588e289fd19bbd564c55f5c861d1a94bb41764f20fab416a438ef75381a3e9f39e2e28e6213be4190c2a1c1c6622473b57d04239165f051854012e387c470327c218ee50f8e1d7505cefe13fa444a11828b74579130c6fc7e804b17770b1f50631f0bd1ba5ea75f6ba", @ANYRES32], @ANYBLOB="07efc251409063ae8e9b40d1b6462ba9abdd70b9f7f96063c00d983fce3665ab1e7f3ca7ed7f4c07472a34f10fba091deaa47ef4b00839c7704810bc35d04d814f1174ece2c0bc68ac1e559f2402cb13f188772fb7b45a0feeabf7e20d708e66447a7faddf6fd20d6bdf6b71e0a89c3da4bcf8daedbfe2fab2eecd73ca65b4ecf3d589fd0ccd17061c25df85ddd12648c999bfb296eeb8e383dc20f4bc78fad6d5ae328a5e0e69245d3349c0871b77902feeba34b7362a4cf34c670bd19758446d06d88baf23587604c451884813f59eb1d40c41c918f3ad385954f7aea075f662cfaa7978efaac2", @ANYRES64, @ANYBLOB="a55811b5abec86d73d6be9afec9ebd838a1e2230d8d02de05b29648e1bebcb32845134cf3f07a773bbcde6422729ffe6fe5bca3e946e8fd05f4d10e778027896617d4455eb62db41e160eab921142a48f4cbea74e10c8aab37118dd4ac75d2a1b1c65cf183e64fdbf7b53af28ed1f0a411c5d33c5c8617c470a3447507ed1912f2ecc98338c93d217214decc150aa281ca51cec54b3493e63d6b3f4bab5069f7c5e2c9867ff0a79f9fa535ecf5d82da0b0e960f615f34315a1", @ANYRES32], 0x5b) setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f00000000c0)=0x1, 0x4) ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, &(0x7f0000000040)=0x10000) fdatasync(r0) connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x2710, @my=0x0}, 0x10) 2018/05/15 14:04:53 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000080), &(0x7f00000000c0)=0x4) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000001c0)={0x1, 0x1, 0x7, 0x101, 0x0}, &(0x7f0000000200)=0x10) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000240)={0x7ff, 0x200, 0x800000000000000, 0x69, r1}, &(0x7f0000000280)=0x10) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000100)={0x0, 0x65}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000180)={r2, 0x7fffffff}, 0x8) 2018/05/15 14:04:53 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000005000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:53 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000880000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:53 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x43000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1889.803667] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:53 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:53 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f0000000040)=0x1) 2018/05/15 14:04:53 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000000000300", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1889.965917] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1889.971508] FAULT_INJECTION: forcing a failure. [ 1889.971508] name failslab, interval 1, probability 0, space 0, times 0 [ 1889.986557] CPU: 1 PID: 4787 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1889.993763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1890.003133] Call Trace: [ 1890.005753] dump_stack+0x1b9/0x294 [ 1890.009414] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1890.014629] ? __lock_is_held+0xb5/0x140 [ 1890.018716] ? __account_cfs_rq_runtime+0x600/0x600 [ 1890.023763] should_fail.cold.4+0xa/0x1a [ 1890.027851] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1890.032982] ? update_load_avg+0x2570/0x2570 [ 1890.037416] ? graph_lock+0x170/0x170 [ 1890.041238] ? find_held_lock+0x36/0x1c0 [ 1890.045329] ? __lock_is_held+0xb5/0x140 [ 1890.049420] ? check_same_owner+0x320/0x320 [ 1890.053788] ? rcu_note_context_switch+0x710/0x710 [ 1890.058747] __should_failslab+0x124/0x180 [ 1890.063009] should_failslab+0x9/0x14 [ 1890.066829] kmem_cache_alloc+0x2af/0x760 [ 1890.071001] ? _raw_spin_unlock_irq+0x27/0x70 [ 1890.075528] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1890.080575] __d_alloc+0xc0/0xd30 [ 1890.084086] ? shrink_dcache_for_umount+0x290/0x290 [ 1890.084265] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1890.089121] ? preempt_notifier_register+0x1e0/0x1e0 [ 1890.089148] ? debug_check_no_locks_freed+0x310/0x310 [ 1890.089168] ? __schedule+0x809/0x1e30 [ 1890.112104] d_alloc+0x8e/0x370 [ 1890.115395] ? print_usage_bug+0xc0/0xc0 [ 1890.119471] ? __d_alloc+0xd30/0xd30 [ 1890.123211] d_alloc_parallel+0x152/0x1e80 [ 1890.127461] ? kobject_uevent+0x1f/0x30 [ 1890.131449] ? graph_lock+0x170/0x170 [ 1890.135272] ? __lock_acquire+0x7f5/0x5140 [ 1890.139539] ? __d_lookup_rcu+0xa80/0xa80 [ 1890.143710] ? print_usage_bug+0xc0/0xc0 [ 1890.145078] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1890.147792] ? find_held_lock+0x36/0x1c0 [ 1890.147817] ? lock_downgrade+0x8e0/0x8e0 [ 1890.147839] ? mark_held_locks+0xc9/0x160 [ 1890.147859] ? __raw_spin_lock_init+0x1c/0x100 [ 1890.147875] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1890.147891] ? __lockdep_init_map+0x105/0x590 [ 1890.147905] ? __lockdep_init_map+0x105/0x590 [ 1890.147919] ? lockdep_init_map+0x9/0x10 [ 1890.147937] ? __init_waitqueue_head+0x96/0x140 [ 1890.196313] ? init_wait_entry+0x1b0/0x1b0 [ 1890.200574] ? d_alloc_parallel+0x1e80/0x1e80 [ 1890.201684] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:53 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000005000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:53 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:53 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000e4ffffff00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:53 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000000000000000200", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:53 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000000000000200", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1890.205101] ? lock_release+0xa10/0xa10 [ 1890.205114] ? graph_lock+0x170/0x170 [ 1890.205132] __lookup_slow+0x1e6/0x540 [ 1890.205150] ? vfs_unlink+0x510/0x510 [ 1890.229340] ? d_lookup+0x219/0x330 [ 1890.232996] lookup_one_len+0x1c7/0x210 [ 1890.236993] ? lookup_one_len_unlocked+0xf0/0xf0 [ 1890.241771] ? down_write+0x87/0x120 [ 1890.245543] ? start_creating+0xb1/0x200 [ 1890.249632] ? down_read+0x1b0/0x1b0 [ 1890.253362] ? mntput+0x74/0xa0 [ 1890.256653] ? simple_pin_fs+0xa4/0x190 [ 1890.260641] start_creating+0xc6/0x200 [ 1890.264547] debugfs_create_dir+0x23/0x3c0 [ 1890.268809] bdi_register_va.part.10+0x318/0x9b0 [ 1890.273580] ? cgwb_kill+0x630/0x630 [ 1890.277343] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1890.282897] ? bdi_init+0x416/0x510 [ 1890.286553] ? wb_init+0x9e0/0x9e0 [ 1890.290116] ? bdi_alloc_node+0x67/0xe0 [ 1890.294102] ? bdi_alloc_node+0x67/0xe0 [ 1890.298088] ? rcu_read_lock_sched_held+0x108/0x120 [ 1890.303121] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1890.308421] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1890.313977] ? refcount_sub_and_test+0x212/0x330 [ 1890.318752] bdi_register_va+0x68/0x80 [ 1890.322653] super_setup_bdi_name+0x123/0x220 [ 1890.327166] ? kill_block_super+0x100/0x100 [ 1890.331509] ? kmem_cache_alloc_trace+0x616/0x780 [ 1890.336385] fuse_fill_super+0xe6e/0x1e20 [ 1890.340572] ? fuse_get_root_inode+0x190/0x190 [ 1890.345179] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1890.350821] ? vsnprintf+0x242/0x1b40 [ 1890.354638] ? pointer+0xa20/0xa20 [ 1890.358209] ? vsprintf+0x40/0x40 [ 1890.361688] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1890.366728] ? set_blocksize+0x2c4/0x350 [ 1890.370840] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1890.376397] mount_bdev+0x30c/0x3e0 [ 1890.380051] ? fuse_get_root_inode+0x190/0x190 [ 1890.384663] fuse_mount_blk+0x34/0x40 [ 1890.388484] mount_fs+0xae/0x328 [ 1890.391865] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1890.396445] ? may_umount+0xb0/0xb0 [ 1890.400064] ? _raw_read_unlock+0x22/0x30 [ 1890.404200] ? __get_fs_type+0x97/0xc0 [ 1890.408090] do_mount+0x564/0x3070 [ 1890.411631] ? copy_mount_string+0x40/0x40 [ 1890.415850] ? rcu_pm_notify+0xc0/0xc0 [ 1890.419727] ? copy_mount_options+0x5f/0x380 [ 1890.424125] ? rcu_read_lock_sched_held+0x108/0x120 [ 1890.429133] ? kmem_cache_alloc_trace+0x616/0x780 [ 1890.433967] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1890.439496] ? _copy_from_user+0xdf/0x150 [ 1890.443635] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1890.449160] ? copy_mount_options+0x285/0x380 [ 1890.453648] ksys_mount+0x12d/0x140 [ 1890.457266] __x64_sys_mount+0xbe/0x150 [ 1890.461237] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1890.466243] do_syscall_64+0x1b1/0x800 [ 1890.470126] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1890.474963] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1890.479893] ? syscall_return_slowpath+0x30f/0x5c0 [ 1890.484828] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1890.490194] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1890.495049] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1890.500229] RIP: 0033:0x455a09 [ 1890.503430] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1890.511131] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1890.518393] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1890.525649] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1890.532906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1890.540161] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:54 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:54 executing program 4 (fault-call:0 fault-nth:74): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:54 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0), 0x0) getsockopt$bt_hci(r0, 0x0, 0x3, &(0x7f0000000080)=""/163, &(0x7f0000000140)=0xa3) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) 2018/05/15 14:04:54 executing program 3: syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x20, 0x20400) r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$evdev(r0, &(0x7f0000000080)=[{{0x77359400}, 0x2, 0x3}, {{0x77359400}, 0x0, 0x6, 0x401}], 0x30) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:04:54 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:54 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000f4ec00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:54 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:54 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000088000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1890.895943] FAULT_INJECTION: forcing a failure. [ 1890.895943] name failslab, interval 1, probability 0, space 0, times 0 [ 1890.907744] CPU: 0 PID: 4828 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1890.911726] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1890.914943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1890.933122] Call Trace: [ 1890.935731] dump_stack+0x1b9/0x294 [ 1890.939391] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1890.944613] ? is_bpf_text_address+0xd7/0x170 [ 1890.949122] ? kernel_text_address+0x79/0xf0 [ 1890.953547] ? __unwind_start+0x166/0x330 [ 1890.957714] should_fail.cold.4+0xa/0x1a [ 1890.961797] ? __save_stack_trace+0x7e/0xd0 [ 1890.966144] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1890.971266] ? graph_lock+0x170/0x170 [ 1890.975071] ? save_stack+0x43/0xd0 [ 1890.978691] ? kasan_kmalloc+0xc4/0xe0 [ 1890.982571] ? kasan_slab_alloc+0x12/0x20 [ 1890.986715] ? find_held_lock+0x36/0x1c0 [ 1890.990776] ? __lock_is_held+0xb5/0x140 [ 1890.994841] ? check_same_owner+0x320/0x320 [ 1890.999154] ? rcu_note_context_switch+0x710/0x710 [ 1891.004072] __should_failslab+0x124/0x180 [ 1891.008294] should_failslab+0x9/0x14 [ 1891.012122] kmem_cache_alloc_node_trace+0x26f/0x770 [ 1891.017217] __kmalloc_node_track_caller+0x33/0x70 [ 1891.022163] __kmalloc_reserve.isra.38+0x3a/0xe0 [ 1891.026906] __alloc_skb+0x14d/0x780 [ 1891.030622] ? skb_scrub_packet+0x580/0x580 [ 1891.034929] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1891.040191] ? netlink_has_listeners+0x2ff/0x4c0 [ 1891.044935] ? netlink_tap_init_net+0x3c0/0x3c0 [ 1891.049596] kobject_uevent_env+0x801/0xea0 [ 1891.053905] ? device_pm_add+0x221/0x340 [ 1891.057955] kobject_uevent+0x1f/0x30 [ 1891.061745] device_add+0xb01/0x16d0 [ 1891.065448] ? device_private_init+0x230/0x230 [ 1891.070021] ? kfree+0x1e9/0x260 [ 1891.073376] ? kfree_const+0x5e/0x70 [ 1891.077075] device_create_groups_vargs+0x1ff/0x270 [ 1891.082080] device_create_vargs+0x46/0x60 [ 1891.086303] bdi_register_va.part.10+0xbb/0x9b0 [ 1891.090958] ? cgwb_kill+0x630/0x630 [ 1891.094662] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1891.100185] ? bdi_init+0x416/0x510 [ 1891.103797] ? wb_init+0x9e0/0x9e0 [ 1891.107321] ? bdi_alloc_node+0x67/0xe0 [ 1891.111278] ? bdi_alloc_node+0x67/0xe0 [ 1891.115239] ? rcu_read_lock_sched_held+0x108/0x120 [ 1891.120242] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1891.125506] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1891.131035] ? refcount_sub_and_test+0x212/0x330 [ 1891.135780] bdi_register_va+0x68/0x80 [ 1891.139666] super_setup_bdi_name+0x123/0x220 [ 1891.144148] ? kill_block_super+0x100/0x100 [ 1891.148476] ? kmem_cache_alloc_trace+0x616/0x780 [ 1891.153320] fuse_fill_super+0xe6e/0x1e20 [ 1891.157458] ? fuse_get_root_inode+0x190/0x190 [ 1891.162033] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1891.167562] ? vsnprintf+0x242/0x1b40 [ 1891.171353] ? pointer+0xa20/0xa20 [ 1891.174886] ? vsprintf+0x40/0x40 [ 1891.178328] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1891.183339] ? set_blocksize+0x2c4/0x350 [ 1891.187386] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1891.192912] mount_bdev+0x30c/0x3e0 [ 1891.196526] ? fuse_get_root_inode+0x190/0x190 [ 1891.201096] fuse_mount_blk+0x34/0x40 [ 1891.204901] mount_fs+0xae/0x328 [ 1891.208254] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1891.212824] ? may_umount+0xb0/0xb0 [ 1891.216432] ? _raw_read_unlock+0x22/0x30 [ 1891.220566] ? __get_fs_type+0x97/0xc0 [ 1891.224441] do_mount+0x564/0x3070 [ 1891.227974] ? copy_mount_string+0x40/0x40 [ 1891.232196] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1891.236939] ? retint_kernel+0x10/0x10 [ 1891.240827] ? copy_mount_options+0x1a1/0x380 [ 1891.245313] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 1891.250143] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1891.255666] ? copy_mount_options+0x285/0x380 [ 1891.260149] ksys_mount+0x12d/0x140 [ 1891.263763] __x64_sys_mount+0xbe/0x150 [ 1891.267727] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1891.272744] do_syscall_64+0x1b1/0x800 [ 1891.276632] ? finish_task_switch+0x1ca/0x840 [ 1891.281117] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1891.286042] ? syscall_return_slowpath+0x30f/0x5c0 [ 1891.290964] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1891.296319] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1891.301153] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1891.306328] RIP: 0033:0x455a09 [ 1891.309498] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1891.317198] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1891.324453] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1891.331711] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1891.338966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 2018/05/15 14:04:55 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000000000000000500", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:55 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000040000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1891.346219] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:55 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="9f6a5b4acfd23b8d8aec9b39eaaff0267bad16f2a3a9af18c8b8dc7876d8ea51cfadbf6693aff8d18ecefe07"], 0x1) 2018/05/15 14:04:55 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000000fffffffe00", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:55 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000060000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:55 executing program 4 (fault-call:0 fault-nth:75): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1891.417271] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:04:55 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000000400", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:55 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000078030000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1891.519707] FAULT_INJECTION: forcing a failure. [ 1891.519707] name failslab, interval 1, probability 0, space 0, times 0 [ 1891.531112] CPU: 1 PID: 4865 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1891.538313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1891.547677] Call Trace: [ 1891.550287] dump_stack+0x1b9/0x294 [ 1891.553929] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1891.559125] ? kobject_uevent_env+0x62e/0xea0 [ 1891.563658] should_fail.cold.4+0xa/0x1a 2018/05/15 14:04:55 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80ffff}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:55 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000feffffff00", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1891.567746] ? debug_check_no_locks_freed+0x310/0x310 [ 1891.572960] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1891.578090] ? __might_sleep+0x95/0x190 [ 1891.582089] ? graph_lock+0x170/0x170 [ 1891.585904] ? __mutex_lock+0x7d9/0x17f0 [ 1891.590083] ? unwind_get_return_address+0x61/0xa0 [ 1891.595040] ? find_held_lock+0x36/0x1c0 [ 1891.599165] ? __lock_is_held+0xb5/0x140 [ 1891.603282] ? check_same_owner+0x320/0x320 [ 1891.607630] ? rcu_note_context_switch+0x710/0x710 [ 1891.612603] ? put_dec+0xf0/0xf0 [ 1891.615998] ? format_decode+0x1a9/0xae0 2018/05/15 14:04:55 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000000000000000300", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1891.620079] __should_failslab+0x124/0x180 [ 1891.624330] should_failslab+0x9/0x14 [ 1891.628148] kmem_cache_alloc_node+0x272/0x780 [ 1891.632775] __alloc_skb+0x111/0x780 [ 1891.636514] ? skb_scrub_packet+0x580/0x580 [ 1891.640869] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 1891.646083] ? netlink_has_listeners+0x2ff/0x4c0 [ 1891.650849] ? netlink_tap_init_net+0x3c0/0x3c0 [ 1891.655534] kobject_uevent_env+0x801/0xea0 [ 1891.659869] ? device_pm_add+0x221/0x340 [ 1891.663951] kobject_uevent+0x1f/0x30 [ 1891.667764] device_add+0xb01/0x16d0 [ 1891.671493] ? device_private_init+0x230/0x230 [ 1891.676092] ? kfree+0x1e9/0x260 [ 1891.679479] ? kfree_const+0x5e/0x70 [ 1891.683218] device_create_groups_vargs+0x1ff/0x270 [ 1891.688256] device_create_vargs+0x46/0x60 [ 1891.692512] bdi_register_va.part.10+0xbb/0x9b0 [ 1891.697204] ? cgwb_kill+0x630/0x630 [ 1891.700934] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1891.706482] ? bdi_init+0x416/0x510 [ 1891.710120] ? wb_init+0x9e0/0x9e0 [ 1891.713675] ? bdi_alloc_node+0x67/0xe0 [ 1891.717659] ? bdi_alloc_node+0x67/0xe0 [ 1891.721644] ? rcu_read_lock_sched_held+0x108/0x120 [ 1891.726675] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1891.731970] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1891.737527] ? refcount_sub_and_test+0x212/0x330 [ 1891.742304] bdi_register_va+0x68/0x80 [ 1891.746215] super_setup_bdi_name+0x123/0x220 [ 1891.750720] ? kill_block_super+0x100/0x100 [ 1891.755055] ? kmem_cache_alloc_trace+0x616/0x780 [ 1891.759915] fuse_fill_super+0xe6e/0x1e20 [ 1891.764089] ? fuse_get_root_inode+0x190/0x190 [ 1891.768692] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1891.769846] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1891.774240] ? vsnprintf+0x242/0x1b40 [ 1891.774265] ? pointer+0xa20/0xa20 [ 1891.774285] ? vsprintf+0x40/0x40 [ 1891.774307] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1891.774323] ? set_blocksize+0x2c4/0x350 [ 1891.774343] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1891.774362] mount_bdev+0x30c/0x3e0 [ 1891.774379] ? fuse_get_root_inode+0x190/0x190 [ 1891.774403] fuse_mount_blk+0x34/0x40 [ 1891.820555] mount_fs+0xae/0x328 [ 1891.823940] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1891.828538] ? may_umount+0xb0/0xb0 [ 1891.832183] ? _raw_read_unlock+0x22/0x30 [ 1891.836346] ? __get_fs_type+0x97/0xc0 [ 1891.840250] do_mount+0x564/0x3070 [ 1891.843807] ? copy_mount_string+0x40/0x40 [ 1891.848058] ? rcu_pm_notify+0xc0/0xc0 [ 1891.851958] ? copy_mount_options+0x5f/0x380 [ 1891.856373] ? rcu_read_lock_sched_held+0x108/0x120 [ 1891.861402] ? kmem_cache_alloc_trace+0x616/0x780 [ 1891.866254] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1891.871800] ? _copy_from_user+0xdf/0x150 [ 1891.875951] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1891.881497] ? copy_mount_options+0x285/0x380 [ 1891.885991] ksys_mount+0x12d/0x140 [ 1891.889628] __x64_sys_mount+0xbe/0x150 [ 1891.893599] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1891.898614] do_syscall_64+0x1b1/0x800 [ 1891.902499] ? finish_task_switch+0x1ca/0x840 [ 1891.907096] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1891.912040] ? syscall_return_slowpath+0x30f/0x5c0 [ 1891.916963] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1891.922320] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1891.927162] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1891.932333] RIP: 0033:0x455a09 [ 1891.935513] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1891.943231] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1891.950493] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1891.957757] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 2018/05/15 14:04:55 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4800}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:55 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000000ffffffff00", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:55 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:55 executing program 3: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0x183, 0x0) ioctl$KVM_ASSIGN_SET_INTX_MASK(r0, 0x4040aea4, &(0x7f0000000240)={0x0, 0x6, 0x4, 0x2}) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) syz_kvm_setup_cpu$x86(r1, r1, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f0000000280)="b971090000b8e8f50000ba000000000f30c442dda967bb48b8f6cf0000000000000f23d00f21f8351000000d0f23f8b9a00b00000f3266b829000f00d8c74424005c390000c7442402eb000000c7442406000000000f011c24f4b9ea0800000f322ef26c0f20e035000040000f22e0", 0x6f}], 0x1, 0x2, &(0x7f0000000340), 0x0) arch_prctl(0x1001, &(0x7f0000000040)="b1a126c5a1b9a5c1f0a6d2caa5512187848fa40c844f9acd4bb4d526df3ea643d532608736d0ba70b1ac157d1125d464510d47bc50789d0b49c0dfb6bc6d795b0800071a5c8ae83c72443fe59b1f05dc875b67863a454731dafa6cd2675c0851534294fd2f6cc4dbe86e45abf870b0b17036617939581617807818b75674862a20add22bc6c440e4ac4c0e8828695ba519852826190a7d5b9c0ac6430a2c109b5c0fca7d120235e3e81d3a8225bccf6e1ceb6f7a87ecbb335c1b45bce0836de89b62c03581c0aba6f1189e7b87a433") ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r1, 0xc08c5335, &(0x7f0000000140)={0x7ff, 0x4, 0xfffffffffffffffe, 'queue0\x00', 0x53}) readv(r1, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:04:55 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000030000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:55 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) [ 1891.965015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1891.972283] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:55 executing program 4 (fault-call:0 fault-nth:76): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1892.090393] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1892.128227] FAULT_INJECTION: forcing a failure. [ 1892.128227] name failslab, interval 1, probability 0, space 0, times 0 [ 1892.139650] CPU: 1 PID: 4912 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1892.146847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1892.156205] Call Trace: [ 1892.158811] dump_stack+0x1b9/0x294 [ 1892.162462] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1892.167667] ? lock_downgrade+0x8e0/0x8e0 [ 1892.171831] should_fail.cold.4+0xa/0x1a [ 1892.175903] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1892.181025] ? graph_lock+0x170/0x170 [ 1892.184845] ? kernel_text_address+0x79/0xf0 [ 1892.189266] ? __unwind_start+0x166/0x330 [ 1892.193431] ? __kernel_text_address+0xd/0x40 [ 1892.197944] ? find_held_lock+0x36/0x1c0 [ 1892.202022] ? __lock_is_held+0xb5/0x140 [ 1892.206099] ? check_same_owner+0x320/0x320 [ 1892.210414] ? device_create_groups_vargs+0x1ff/0x270 [ 1892.215592] ? device_create_vargs+0x46/0x60 [ 1892.219992] ? bdi_register_va.part.10+0xbb/0x9b0 [ 1892.224831] ? rcu_note_context_switch+0x710/0x710 [ 1892.229762] ? mount_bdev+0x30c/0x3e0 [ 1892.233570] ? fuse_mount_blk+0x34/0x40 [ 1892.237540] ? mount_fs+0xae/0x328 [ 1892.241083] __should_failslab+0x124/0x180 [ 1892.245309] should_failslab+0x9/0x14 [ 1892.249099] kmem_cache_alloc+0x2af/0x760 [ 1892.253253] skb_clone+0x1ed/0x4f0 [ 1892.256800] ? refcount_add_not_zero+0x290/0x320 [ 1892.261565] ? skb_split+0x11d0/0x11d0 [ 1892.265469] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1892.270484] ? netlink_trim+0x1b2/0x370 [ 1892.274448] ? netlink_skb_destructor+0x210/0x210 [ 1892.279277] ? cleanup_uevent_env+0x40/0x40 [ 1892.283606] netlink_broadcast_filtered+0x1024/0x1580 [ 1892.288826] ? __netlink_sendskb+0xd0/0xd0 [ 1892.293064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1892.298596] ? refcount_inc_not_zero+0x1dd/0x2d0 [ 1892.303348] ? refcount_add_not_zero+0x320/0x320 [ 1892.308090] ? cleanup_uevent_env+0x40/0x40 [ 1892.312412] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1892.317425] kobject_uevent_env+0x6e4/0xea0 [ 1892.321750] ? device_pm_add+0x221/0x340 [ 1892.325810] kobject_uevent+0x1f/0x30 [ 1892.329615] device_add+0xb01/0x16d0 [ 1892.333347] ? device_private_init+0x230/0x230 [ 1892.337927] ? kfree+0x1e9/0x260 [ 1892.341281] ? kfree_const+0x5e/0x70 [ 1892.344997] device_create_groups_vargs+0x1ff/0x270 [ 1892.350040] device_create_vargs+0x46/0x60 [ 1892.354279] bdi_register_va.part.10+0xbb/0x9b0 [ 1892.358941] ? cgwb_kill+0x630/0x630 [ 1892.362644] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1892.368166] ? bdi_init+0x416/0x510 [ 1892.371786] ? wb_init+0x9e0/0x9e0 [ 1892.375314] ? bdi_alloc_node+0x67/0xe0 [ 1892.379272] ? bdi_alloc_node+0x67/0xe0 [ 1892.383248] ? rcu_read_lock_sched_held+0x108/0x120 [ 1892.388270] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1892.393539] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1892.399065] ? refcount_sub_and_test+0x212/0x330 [ 1892.403811] bdi_register_va+0x68/0x80 [ 1892.407690] super_setup_bdi_name+0x123/0x220 [ 1892.412172] ? kill_block_super+0x100/0x100 [ 1892.416482] ? kmem_cache_alloc_trace+0x616/0x780 [ 1892.421318] fuse_fill_super+0xe6e/0x1e20 [ 1892.425457] ? fuse_get_root_inode+0x190/0x190 [ 1892.430042] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1892.435586] ? vsnprintf+0x242/0x1b40 [ 1892.439378] ? pointer+0xa20/0xa20 [ 1892.442907] ? vsprintf+0x40/0x40 [ 1892.446360] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1892.451380] ? set_blocksize+0x2c4/0x350 [ 1892.455430] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1892.460952] mount_bdev+0x30c/0x3e0 [ 1892.464582] ? fuse_get_root_inode+0x190/0x190 [ 1892.469150] fuse_mount_blk+0x34/0x40 [ 1892.472955] mount_fs+0xae/0x328 [ 1892.476339] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1892.480941] ? may_umount+0xb0/0xb0 [ 1892.484558] ? _raw_read_unlock+0x22/0x30 [ 1892.488693] ? __get_fs_type+0x97/0xc0 [ 1892.492578] do_mount+0x564/0x3070 [ 1892.496115] ? copy_mount_string+0x40/0x40 [ 1892.500344] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1892.505107] ? retint_kernel+0x10/0x10 [ 1892.509000] ? copy_mount_options+0x1e3/0x380 [ 1892.513506] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1892.519042] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1892.524584] ? copy_mount_options+0x285/0x380 [ 1892.529077] ksys_mount+0x12d/0x140 [ 1892.532695] __x64_sys_mount+0xbe/0x150 [ 1892.536652] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1892.541652] do_syscall_64+0x1b1/0x800 [ 1892.545527] ? finish_task_switch+0x1ca/0x840 [ 1892.550014] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1892.554938] ? syscall_return_slowpath+0x30f/0x5c0 [ 1892.559864] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1892.565226] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1892.570080] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1892.575275] RIP: 0033:0x455a09 [ 1892.578463] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1892.586180] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1892.593439] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1892.600691] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1892.607946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1892.615215] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:56 executing program 2: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x40002, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000140)={0x0, 0x0, 0x10000, 0x4}) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000180)={0x3, r1, 0x10002, 0x7d5f996}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x103000, 0x181) ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f00000000c0)) r3 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r3, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r3, &(0x7f0000000040)=ANY=[@ANYBLOB='\f'], 0x1) 2018/05/15 14:04:56 executing program 4 (fault-call:0 fault-nth:77): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:56 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:56 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:56 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000000000000000000000000007fffffe0000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:56 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000000000200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:56 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000f4ec00", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:56 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f0000000980), 0x10000000000002f1) write$binfmt_elf64(r0, &(0x7f0000000300)=ANY=[@ANYPTR64=&(0x7f00000002c0)=ANY=[@ANYRES32=r0, @ANYPTR=&(0x7f0000000240)=ANY=[@ANYPTR64, @ANYRES64=r0, @ANYPTR, @ANYRES64=r0, @ANYBLOB="69aaccf08cfbb27d1baf1d8496ff44383e19c3eb1a709853ef7586ec09d4a3e3cc09b4e96503f04a733d3e3331692c09b258d2ceeded8ae7298670606b2d41ac690ac966f1ad4cec972ff1000633001ba0ec08306b5a2e"], @ANYRES32=r0, @ANYBLOB, @ANYRES16=r0, @ANYRES16=r0, @ANYRES16], @ANYPTR64=&(0x7f00000014c0)=ANY=[@ANYPTR=&(0x7f0000001440)=ANY=[@ANYPTR, @ANYPTR64, @ANYRES32=r0, @ANYRES64=r0], @ANYBLOB="f9730476c5ea6d07e7b8429d99a0435d7637439e51e4f65a2a6de82e2e19718dec2107091eae561dfae060c161ff0a4933e36b0653cf46d983db8198d5963b2731f4ba7b16a3657bea4244ba9b2b7426f3616d473af865358cdfe1a2d4c94507e102a271247f0179dfa7905b3cbe331514d68c2eb77d065ca67e5f31e7b29deaa9301c6b8ac6c675bf0b5ab5af1d8b8aeaa6e089b19166b4cb21f7ded7c1338567b58e81bad9f8381c809521d542cf6730", @ANYPTR=&(0x7f0000001480)=ANY=[@ANYPTR64]]], 0x10) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000180), &(0x7f00000001c0)=0xc) ppoll(&(0x7f0000000080)=[{r0, 0x10}, {r0, 0x40}, {r0, 0xa12d}, {r0, 0xc000}, {r0, 0x400c}], 0x5, &(0x7f0000000100)={r1, r2+10000000}, &(0x7f0000000140)={0xfffffffffffffffb}, 0x8) chroot(&(0x7f0000000040)='./file0\x00') ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000200)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}) [ 1893.220767] FAULT_INJECTION: forcing a failure. [ 1893.220767] name failslab, interval 1, probability 0, space 0, times 0 [ 1893.232063] CPU: 0 PID: 4930 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1893.239268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1893.248629] Call Trace: [ 1893.251261] dump_stack+0x1b9/0x294 [ 1893.254906] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1893.260107] ? debug_check_no_locks_freed+0x310/0x310 [ 1893.265315] should_fail.cold.4+0xa/0x1a [ 1893.269399] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1893.274522] ? graph_lock+0x170/0x170 [ 1893.278340] ? print_usage_bug+0xc0/0xc0 [ 1893.282421] ? find_held_lock+0x36/0x1c0 [ 1893.286500] ? __lock_is_held+0xb5/0x140 [ 1893.290597] ? check_same_owner+0x320/0x320 [ 1893.294933] ? rcu_note_context_switch+0x710/0x710 [ 1893.299881] __should_failslab+0x124/0x180 [ 1893.304134] should_failslab+0x9/0x14 [ 1893.307948] kmem_cache_alloc+0x2af/0x760 [ 1893.312106] ? find_held_lock+0x36/0x1c0 [ 1893.316187] __d_alloc+0xc0/0xd30 2018/05/15 14:04:57 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000000000400", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1893.319769] ? shrink_dcache_for_umount+0x290/0x290 [ 1893.324794] ? __lock_acquire+0x7f5/0x5140 [ 1893.329032] ? rcu_is_watching+0x85/0x140 [ 1893.333197] ? debug_check_no_locks_freed+0x310/0x310 [ 1893.338432] ? graph_lock+0x170/0x170 [ 1893.342245] ? find_held_lock+0x36/0x1c0 [ 1893.346330] d_alloc+0x8e/0x370 [ 1893.349631] ? print_usage_bug+0xc0/0xc0 [ 1893.353704] ? __d_alloc+0xd30/0xd30 [ 1893.357443] d_alloc_parallel+0x152/0x1e80 [ 1893.361697] ? kobject_uevent+0x1f/0x30 [ 1893.365687] ? graph_lock+0x170/0x170 [ 1893.369506] ? __lock_acquire+0x7f5/0x5140 [ 1893.373768] ? __d_lookup_rcu+0xa80/0xa80 [ 1893.377936] ? print_usage_bug+0xc0/0xc0 [ 1893.382015] ? find_held_lock+0x36/0x1c0 [ 1893.386101] ? lock_downgrade+0x8e0/0x8e0 [ 1893.390263] ? mark_held_locks+0xc9/0x160 [ 1893.394425] ? __raw_spin_lock_init+0x1c/0x100 [ 1893.399024] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1893.404054] ? __lockdep_init_map+0x105/0x590 [ 1893.408565] ? __lockdep_init_map+0x105/0x590 [ 1893.413071] ? lockdep_init_map+0x9/0x10 [ 1893.417142] ? __init_waitqueue_head+0x96/0x140 2018/05/15 14:04:57 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000300", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1893.421821] ? init_wait_entry+0x1b0/0x1b0 [ 1893.426065] ? d_alloc_parallel+0x1e80/0x1e80 [ 1893.430570] ? lock_release+0xa10/0xa10 [ 1893.434558] ? graph_lock+0x170/0x170 [ 1893.438373] __lookup_slow+0x1e6/0x540 [ 1893.442285] ? vfs_unlink+0x510/0x510 [ 1893.446097] ? d_lookup+0x219/0x330 [ 1893.449752] lookup_one_len+0x1c7/0x210 [ 1893.453739] ? lookup_one_len_unlocked+0xf0/0xf0 [ 1893.458514] ? down_write+0x87/0x120 [ 1893.462250] ? start_creating+0xb1/0x200 [ 1893.466324] ? down_read+0x1b0/0x1b0 [ 1893.470046] ? mntput+0x74/0xa0 [ 1893.473339] ? simple_pin_fs+0xa4/0x190 [ 1893.477330] start_creating+0xc6/0x200 [ 1893.481239] debugfs_create_dir+0x23/0x3c0 [ 1893.485483] bdi_register_va.part.10+0x318/0x9b0 [ 1893.490244] ? cgwb_kill+0x630/0x630 [ 1893.493973] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1893.499648] ? bdi_init+0x416/0x510 [ 1893.503280] ? wb_init+0x9e0/0x9e0 [ 1893.506858] ? bdi_alloc_node+0x67/0xe0 [ 1893.510836] ? bdi_alloc_node+0x67/0xe0 [ 1893.514830] ? rcu_read_lock_sched_held+0x108/0x120 2018/05/15 14:04:57 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000400", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1893.519857] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1893.525143] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1893.530784] ? refcount_sub_and_test+0x212/0x330 [ 1893.535554] bdi_register_va+0x68/0x80 [ 1893.539458] super_setup_bdi_name+0x123/0x220 [ 1893.543967] ? kill_block_super+0x100/0x100 [ 1893.548302] ? kmem_cache_alloc_trace+0x616/0x780 [ 1893.553162] fuse_fill_super+0xe6e/0x1e20 [ 1893.557326] ? fuse_get_root_inode+0x190/0x190 [ 1893.561928] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1893.567478] ? vsnprintf+0x242/0x1b40 [ 1893.571299] ? pointer+0xa20/0xa20 [ 1893.574863] ? vsprintf+0x40/0x40 [ 1893.578331] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1893.583359] ? set_blocksize+0x2c4/0x350 [ 1893.587443] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1893.593002] mount_bdev+0x30c/0x3e0 [ 1893.596638] ? fuse_get_root_inode+0x190/0x190 [ 1893.601243] fuse_mount_blk+0x34/0x40 [ 1893.605054] mount_fs+0xae/0x328 [ 1893.608446] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1893.613046] ? may_umount+0xb0/0xb0 [ 1893.616682] ? _raw_read_unlock+0x22/0x30 [ 1893.620834] ? __get_fs_type+0x97/0xc0 [ 1893.624730] do_mount+0x564/0x3070 [ 1893.628285] ? copy_mount_string+0x40/0x40 [ 1893.632564] ? rcu_pm_notify+0xc0/0xc0 [ 1893.636468] ? copy_mount_options+0x5f/0x380 [ 1893.640884] ? rcu_read_lock_sched_held+0x108/0x120 [ 1893.645909] ? kmem_cache_alloc_trace+0x616/0x780 [ 1893.650764] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1893.656316] ? _copy_from_user+0xdf/0x150 [ 1893.660479] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1893.666032] ? copy_mount_options+0x285/0x380 [ 1893.670547] ksys_mount+0x12d/0x140 [ 1893.674182] __x64_sys_mount+0xbe/0x150 [ 1893.678165] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1893.683192] do_syscall_64+0x1b1/0x800 [ 1893.687086] ? finish_task_switch+0x1ca/0x840 [ 1893.691597] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1893.696542] ? syscall_return_slowpath+0x30f/0x5c0 [ 1893.701489] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1893.706878] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1893.711733] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1893.716928] RIP: 0033:0x455a09 2018/05/15 14:04:57 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000600", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:57 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000000000000000200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1893.720119] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1893.727838] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1893.735120] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1893.742398] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1893.749677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1893.756957] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:57 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f0000000080)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:04:57 executing program 4 (fault-call:0 fault-nth:78): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:57 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1893.780303] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1893.880701] FAULT_INJECTION: forcing a failure. [ 1893.880701] name failslab, interval 1, probability 0, space 0, times 0 [ 1893.892115] CPU: 1 PID: 4964 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1893.899309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1893.908669] Call Trace: [ 1893.911273] dump_stack+0x1b9/0x294 [ 1893.914909] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1893.920118] ? d_add+0x605/0xa10 [ 1893.923490] ? lock_downgrade+0x8e0/0x8e0 [ 1893.927640] ? __kernel_text_address+0xd/0x40 [ 1893.932145] should_fail.cold.4+0xa/0x1a [ 1893.936212] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1893.941323] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1893.946349] ? graph_lock+0x170/0x170 [ 1893.950154] ? __lockdep_init_map+0x105/0x590 [ 1893.954659] ? find_held_lock+0x36/0x1c0 [ 1893.958726] ? __lock_is_held+0xb5/0x140 [ 1893.962805] ? check_same_owner+0x320/0x320 [ 1893.967134] ? rcu_note_context_switch+0x710/0x710 [ 1893.972073] __should_failslab+0x124/0x180 [ 1893.976314] should_failslab+0x9/0x14 [ 1893.980115] kmem_cache_alloc+0x2af/0x760 [ 1893.984271] alloc_inode+0xb2/0x190 [ 1893.987910] new_inode_pseudo+0x69/0x1a0 [ 1893.991983] ? prune_icache_sb+0x1a0/0x1a0 [ 1893.996228] ? down_read+0x1b0/0x1b0 [ 1893.999940] ? mntput+0x74/0xa0 [ 1894.003252] new_inode+0x1c/0x40 [ 1894.006631] debugfs_get_inode+0x19/0x120 [ 1894.010787] __debugfs_create_file+0xb5/0x400 [ 1894.015293] debugfs_create_file+0x57/0x70 [ 1894.019533] bdi_register_va.part.10+0x365/0x9b0 [ 1894.024293] ? cgwb_kill+0x630/0x630 [ 1894.028015] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1894.033552] ? bdi_init+0x416/0x510 [ 1894.037183] ? wb_init+0x9e0/0x9e0 [ 1894.040728] ? bdi_alloc_node+0x67/0xe0 [ 1894.044700] ? bdi_alloc_node+0x67/0xe0 [ 1894.048681] ? rcu_read_lock_sched_held+0x108/0x120 [ 1894.053703] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1894.058990] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1894.064531] ? refcount_sub_and_test+0x212/0x330 [ 1894.069296] bdi_register_va+0x68/0x80 [ 1894.073187] super_setup_bdi_name+0x123/0x220 [ 1894.077681] ? kill_block_super+0x100/0x100 [ 1894.082006] ? kmem_cache_alloc_trace+0x616/0x780 [ 1894.086859] fuse_fill_super+0xe6e/0x1e20 [ 1894.091015] ? fuse_get_root_inode+0x190/0x190 [ 1894.095603] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1894.101143] ? vsnprintf+0x242/0x1b40 [ 1894.104953] ? pointer+0xa20/0xa20 [ 1894.108507] ? vsprintf+0x40/0x40 [ 1894.111964] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1894.117000] ? set_blocksize+0x2c4/0x350 [ 1894.121064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1894.126605] mount_bdev+0x30c/0x3e0 [ 1894.130237] ? fuse_get_root_inode+0x190/0x190 [ 1894.134823] fuse_mount_blk+0x34/0x40 [ 1894.138633] mount_fs+0xae/0x328 [ 1894.142009] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1894.146591] ? may_umount+0xb0/0xb0 [ 1894.150221] ? _raw_read_unlock+0x22/0x30 [ 1894.154367] ? __get_fs_type+0x97/0xc0 [ 1894.158265] do_mount+0x564/0x3070 [ 1894.161812] ? copy_mount_string+0x40/0x40 [ 1894.166065] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1894.171094] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1894.175856] ? retint_kernel+0x10/0x10 [ 1894.179751] ? copy_mount_options+0x1f0/0x380 [ 1894.184254] ? copy_mount_options+0x1f6/0x380 [ 1894.188752] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1894.194292] ? copy_mount_options+0x285/0x380 [ 1894.198791] ksys_mount+0x12d/0x140 [ 1894.202423] __x64_sys_mount+0xbe/0x150 [ 1894.206397] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1894.211416] do_syscall_64+0x1b1/0x800 [ 1894.215306] ? finish_task_switch+0x1ca/0x840 [ 1894.219806] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1894.224741] ? syscall_return_slowpath+0x30f/0x5c0 [ 1894.229679] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1894.235053] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1894.239909] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1894.245097] RIP: 0033:0x455a09 [ 1894.248289] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1894.256008] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1894.263278] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1894.270545] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1894.277814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1894.285088] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:58 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r0, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000080)=""/137, 0x89}, {&(0x7f0000000140)=""/79, 0x4f}, {&(0x7f00000001c0)=""/37, 0x25}, {&(0x7f0000000200)=""/157, 0x9d}, {&(0x7f00000002c0)=""/135, 0x87}, {&(0x7f0000000380)=""/102, 0x66}], 0x6, &(0x7f0000000480)=""/24, 0x18, 0x3}, 0x101}], 0x1, 0x40000020, &(0x7f0000000500)) 2018/05/15 14:04:58 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000500", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:58 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:04:58 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000fffffffe00", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:58 executing program 4 (fault-call:0 fault-nth:79): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:04:58 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:04:58 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000010000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:04:58 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000080)={{0x2, 0x4e23, @loopback=0x7f000001}, {0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x4, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xe}}, 'gre0\x00'}) syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0xffffffff, 0x400) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x0, 0x0) [ 1895.092770] FAULT_INJECTION: forcing a failure. [ 1895.092770] name failslab, interval 1, probability 0, space 0, times 0 [ 1895.104161] CPU: 0 PID: 4988 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1895.107955] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1895.111358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1895.111364] Call Trace: [ 1895.111397] dump_stack+0x1b9/0x294 [ 1895.111420] ? dump_stack_print_info.cold.2+0x52/0x52 2018/05/15 14:04:58 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000500", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1895.140938] ? d_add+0x605/0xa10 [ 1895.144320] ? lock_downgrade+0x8e0/0x8e0 [ 1895.148492] should_fail.cold.4+0xa/0x1a [ 1895.152572] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1895.157731] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1895.162764] ? graph_lock+0x170/0x170 [ 1895.166610] ? __lockdep_init_map+0x105/0x590 [ 1895.171120] ? find_held_lock+0x36/0x1c0 [ 1895.175203] ? __lock_is_held+0xb5/0x140 [ 1895.179294] ? check_same_owner+0x320/0x320 [ 1895.183632] ? rcu_note_context_switch+0x710/0x710 [ 1895.188575] __should_failslab+0x124/0x180 2018/05/15 14:04:58 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000000000000000500", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1895.192921] should_failslab+0x9/0x14 [ 1895.196730] kmem_cache_alloc+0x2af/0x760 [ 1895.200894] alloc_inode+0xb2/0x190 [ 1895.204526] new_inode_pseudo+0x69/0x1a0 [ 1895.208589] ? prune_icache_sb+0x1a0/0x1a0 [ 1895.212836] ? down_read+0x1b0/0x1b0 [ 1895.216556] ? mntput+0x74/0xa0 [ 1895.219850] new_inode+0x1c/0x40 [ 1895.223225] debugfs_get_inode+0x19/0x120 [ 1895.227387] debugfs_create_dir+0x75/0x3c0 [ 1895.231633] bdi_register_va.part.10+0x318/0x9b0 [ 1895.236400] ? cgwb_kill+0x630/0x630 [ 1895.240130] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1895.245669] ? bdi_init+0x416/0x510 [ 1895.249305] ? wb_init+0x9e0/0x9e0 [ 1895.252855] ? bdi_alloc_node+0x67/0xe0 [ 1895.256833] ? bdi_alloc_node+0x67/0xe0 [ 1895.260808] ? rcu_read_lock_sched_held+0x108/0x120 [ 1895.265830] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1895.271123] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1895.276668] ? refcount_sub_and_test+0x212/0x330 [ 1895.281437] bdi_register_va+0x68/0x80 [ 1895.285337] super_setup_bdi_name+0x123/0x220 2018/05/15 14:04:59 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000000000000000400", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1895.289837] ? kill_block_super+0x100/0x100 [ 1895.294167] ? kmem_cache_alloc_trace+0x616/0x780 [ 1895.299025] fuse_fill_super+0xe6e/0x1e20 [ 1895.303183] ? fuse_get_root_inode+0x190/0x190 [ 1895.307786] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1895.313328] ? vsnprintf+0x242/0x1b40 [ 1895.317140] ? pointer+0xa20/0xa20 [ 1895.320694] ? vsprintf+0x40/0x40 [ 1895.324159] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1895.329181] ? set_blocksize+0x2c4/0x350 [ 1895.333259] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1895.338811] mount_bdev+0x30c/0x3e0 2018/05/15 14:04:59 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000000000200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1895.342444] ? fuse_get_root_inode+0x190/0x190 [ 1895.347040] fuse_mount_blk+0x34/0x40 [ 1895.350856] mount_fs+0xae/0x328 [ 1895.354240] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1895.358831] ? may_umount+0xb0/0xb0 [ 1895.362467] ? _raw_read_unlock+0x22/0x30 [ 1895.366620] ? __get_fs_type+0x97/0xc0 [ 1895.370521] do_mount+0x564/0x3070 [ 1895.374072] ? copy_mount_string+0x40/0x40 [ 1895.378320] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1895.383354] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1895.388128] ? retint_kernel+0x10/0x10 [ 1895.392061] ? copy_mount_options+0x1f0/0x380 [ 1895.396571] ? copy_mount_options+0x1f6/0x380 [ 1895.401091] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1895.406632] ? copy_mount_options+0x285/0x380 [ 1895.411138] ksys_mount+0x12d/0x140 [ 1895.414769] __x64_sys_mount+0xbe/0x150 [ 1895.418751] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1895.423786] do_syscall_64+0x1b1/0x800 [ 1895.427682] ? finish_task_switch+0x1ca/0x840 [ 1895.432186] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1895.437122] ? syscall_return_slowpath+0x30f/0x5c0 2018/05/15 14:04:59 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000000000100", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1895.442062] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1895.447436] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1895.452290] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1895.457479] RIP: 0033:0x455a09 [ 1895.460666] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1895.468383] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1895.475656] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1895.482929] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 2018/05/15 14:04:59 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000000000000000400", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:04:59 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7400000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1895.490202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1895.497469] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:04:59 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000040000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1895.587811] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:05:00 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000080)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000100)={0x7f, 0x1, 0x773e, {0x0, 0x989680}}) 2018/05/15 14:05:00 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "00000002b000", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:05:00 executing program 4 (fault-call:0 fault-nth:80): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:05:00 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18100000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:05:00 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:05:00 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000880000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:05:00 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000040)={0x3, {{0x2, 0x4e23, @broadcast=0xffffffff}}, 0x1, 0x5, [{{0x2, 0x4e22, @rand_addr=0x8}}, {{0x2, 0x4e23, @loopback=0x7f000001}}, {{0x2, 0x4e24}}, {{0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}}, {{0x2, 0x4e24}}]}, 0x310) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:05:00 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1896.373599] FAULT_INJECTION: forcing a failure. [ 1896.373599] name failslab, interval 1, probability 0, space 0, times 0 [ 1896.384924] CPU: 1 PID: 5037 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1896.392121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1896.401476] Call Trace: [ 1896.404087] dump_stack+0x1b9/0x294 [ 1896.407737] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1896.412949] ? d_add+0x605/0xa10 [ 1896.416330] ? lock_downgrade+0x8e0/0x8e0 [ 1896.420493] ? __kernel_text_address+0xd/0x40 [ 1896.425017] should_fail.cold.4+0xa/0x1a [ 1896.429097] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1896.434228] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1896.439257] ? graph_lock+0x170/0x170 [ 1896.443065] ? __lockdep_init_map+0x105/0x590 [ 1896.447574] ? find_held_lock+0x36/0x1c0 [ 1896.451779] ? __lock_is_held+0xb5/0x140 [ 1896.455862] ? check_same_owner+0x320/0x320 [ 1896.460297] ? rcu_note_context_switch+0x710/0x710 [ 1896.465243] __should_failslab+0x124/0x180 [ 1896.469490] should_failslab+0x9/0x14 [ 1896.473307] kmem_cache_alloc+0x2af/0x760 [ 1896.477509] alloc_inode+0xb2/0x190 [ 1896.481155] new_inode_pseudo+0x69/0x1a0 [ 1896.485225] ? prune_icache_sb+0x1a0/0x1a0 [ 1896.489475] ? down_read+0x1b0/0x1b0 [ 1896.493249] ? mntput+0x74/0xa0 [ 1896.496543] new_inode+0x1c/0x40 [ 1896.499920] debugfs_get_inode+0x19/0x120 [ 1896.504076] __debugfs_create_file+0xb5/0x400 [ 1896.508587] debugfs_create_file+0x57/0x70 [ 1896.512848] bdi_register_va.part.10+0x365/0x9b0 [ 1896.517613] ? cgwb_kill+0x630/0x630 [ 1896.521336] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1896.526877] ? bdi_init+0x416/0x510 [ 1896.530513] ? wb_init+0x9e0/0x9e0 [ 1896.534062] ? bdi_alloc_node+0x67/0xe0 [ 1896.538042] ? bdi_alloc_node+0x67/0xe0 [ 1896.542022] ? rcu_read_lock_sched_held+0x108/0x120 [ 1896.547054] ? kmem_cache_alloc_node_trace+0x34e/0x770 [ 1896.552343] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1896.557896] ? refcount_sub_and_test+0x212/0x330 [ 1896.562665] bdi_register_va+0x68/0x80 [ 1896.566563] super_setup_bdi_name+0x123/0x220 [ 1896.571072] ? kill_block_super+0x100/0x100 [ 1896.575404] ? kmem_cache_alloc_trace+0x616/0x780 [ 1896.580270] fuse_fill_super+0xe6e/0x1e20 [ 1896.584431] ? fuse_get_root_inode+0x190/0x190 [ 1896.589025] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1896.594568] ? vsnprintf+0x242/0x1b40 [ 1896.598373] ? pointer+0xa20/0xa20 [ 1896.601908] ? vsprintf+0x40/0x40 [ 1896.605380] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1896.610385] ? set_blocksize+0x2c4/0x350 [ 1896.614449] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1896.619978] mount_bdev+0x30c/0x3e0 [ 1896.623595] ? fuse_get_root_inode+0x190/0x190 [ 1896.628166] fuse_mount_blk+0x34/0x40 [ 1896.631970] mount_fs+0xae/0x328 [ 1896.635326] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1896.639900] ? may_umount+0xb0/0xb0 [ 1896.643512] ? _raw_read_unlock+0x22/0x30 [ 1896.647642] ? __get_fs_type+0x97/0xc0 [ 1896.651550] do_mount+0x564/0x3070 [ 1896.655083] ? copy_mount_string+0x40/0x40 [ 1896.659303] ? rcu_pm_notify+0xc0/0xc0 [ 1896.663182] ? copy_mount_options+0x5f/0x380 [ 1896.667575] ? rcu_read_lock_sched_held+0x108/0x120 [ 1896.672577] ? kmem_cache_alloc_trace+0x616/0x780 [ 1896.677412] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1896.682935] ? _copy_from_user+0xdf/0x150 [ 1896.687073] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1896.692592] ? copy_mount_options+0x285/0x380 [ 1896.697073] ksys_mount+0x12d/0x140 [ 1896.700686] __x64_sys_mount+0xbe/0x150 [ 1896.704645] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1896.709647] do_syscall_64+0x1b1/0x800 [ 1896.713517] ? finish_task_switch+0x1ca/0x840 [ 1896.717998] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1896.722919] ? syscall_return_slowpath+0x30f/0x5c0 [ 1896.727836] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1896.733192] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1896.738031] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1896.743205] RIP: 0033:0x455a09 [ 1896.746377] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1896.754072] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1896.761334] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 2018/05/15 14:05:00 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000003000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:05:00 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "000000000000000000000000000000000000000200", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1896.768597] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1896.775852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1896.783107] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1896.793487] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:05:00 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2800}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:05:00 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000000000000000200", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:05:00 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1896.899912] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:05:00 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000060000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:05:00 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000b00200", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:05:00 executing program 4 (fault-call:0 fault-nth:81): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) [ 1897.060231] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1897.065692] FAULT_INJECTION: forcing a failure. [ 1897.065692] name failslab, interval 1, probability 0, space 0, times 0 [ 1897.080418] CPU: 0 PID: 5072 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1897.087608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1897.096956] Call Trace: [ 1897.099551] dump_stack+0x1b9/0x294 [ 1897.103187] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1897.108381] ? lockdep_init_map+0x9/0x10 [ 1897.112445] should_fail.cold.4+0xa/0x1a [ 1897.116511] ? do_raw_write_unlock.cold.8+0x3d/0x3d [ 1897.121531] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1897.126641] ? graph_lock+0x170/0x170 [ 1897.130440] ? find_held_lock+0x36/0x1c0 [ 1897.134504] ? find_held_lock+0x36/0x1c0 [ 1897.138570] ? __lock_is_held+0xb5/0x140 [ 1897.142650] ? check_same_owner+0x320/0x320 [ 1897.146984] ? make_kgid+0x23/0x30 [ 1897.150530] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 1897.156091] ? rcu_note_context_switch+0x710/0x710 [ 1897.161023] __should_failslab+0x124/0x180 [ 1897.165263] should_failslab+0x9/0x14 [ 1897.169064] kmem_cache_alloc+0x2af/0x760 [ 1897.173224] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1897.177809] ? kasan_check_write+0x14/0x20 [ 1897.182047] ? do_raw_spin_lock+0xc1/0x200 [ 1897.186295] __d_alloc+0xc0/0xd30 [ 1897.189754] ? fuse_iget+0x1dd/0x820 [ 1897.193472] ? shrink_dcache_for_umount+0x290/0x290 [ 1897.198494] ? fuse_change_attributes+0x810/0x810 [ 1897.203348] ? fuse_get_root_inode+0x121/0x190 [ 1897.207932] ? fuse_iget+0x820/0x820 [ 1897.211660] d_make_root+0x42/0x90 [ 1897.215204] fuse_fill_super+0x120e/0x1e20 [ 1897.219447] ? fuse_get_root_inode+0x190/0x190 [ 1897.224035] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1897.229572] ? vsnprintf+0x242/0x1b40 [ 1897.233384] ? pointer+0xa20/0xa20 [ 1897.236934] ? vsprintf+0x40/0x40 [ 1897.240391] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1897.245412] ? set_blocksize+0x2c4/0x350 [ 1897.249480] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1897.255024] mount_bdev+0x30c/0x3e0 [ 1897.258656] ? fuse_get_root_inode+0x190/0x190 [ 1897.263242] fuse_mount_blk+0x34/0x40 [ 1897.267046] mount_fs+0xae/0x328 [ 1897.270421] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1897.275002] ? may_umount+0xb0/0xb0 [ 1897.278632] ? _raw_read_unlock+0x22/0x30 [ 1897.282779] ? __get_fs_type+0x97/0xc0 [ 1897.286696] do_mount+0x564/0x3070 [ 1897.290245] ? copy_mount_string+0x40/0x40 [ 1897.294482] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1897.299245] ? retint_kernel+0x10/0x10 [ 1897.303145] ? copy_mount_options+0x1f0/0x380 [ 1897.307641] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 1897.312485] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1897.318023] ? copy_mount_options+0x285/0x380 [ 1897.322522] ksys_mount+0x12d/0x140 [ 1897.326154] __x64_sys_mount+0xbe/0x150 [ 1897.330133] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1897.335155] do_syscall_64+0x1b1/0x800 [ 1897.339042] ? finish_task_switch+0x1ca/0x840 [ 1897.343544] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1897.348482] ? syscall_return_slowpath+0x30f/0x5c0 [ 1897.353417] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1897.358788] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1897.363642] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1897.368832] RIP: 0033:0x455a09 [ 1897.372018] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1897.379728] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1897.386993] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1897.394276] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1897.401549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1897.408814] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:05:01 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x368}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="9f"], 0x1) 2018/05/15 14:05:01 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00\x00\x00\x00\x00\x00\a\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:05:01 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000050000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:05:01 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8f000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:05:01 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r0, 0xc0405519, &(0x7f0000000040)={0x81, 0x7, 0x1, 0x3f, "96e5d47079e18fcadb2fd623c6db03ef46952e541c2ae3182d953c1abfb12af6a6364854141a9a2cb9fe2d85", 0x4}) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:05:01 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)="2e2f636f6e74726f6c2f66696c653001", 0x0) close(r0) 2018/05/15 14:05:01 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:05:01 executing program 4 (fault-call:0 fault-nth:82): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:05:01 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000020000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:05:01 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1897.535567] FAULT_INJECTION: forcing a failure. [ 1897.535567] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1897.547429] CPU: 1 PID: 5094 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1897.554625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1897.563991] Call Trace: [ 1897.566597] dump_stack+0x1b9/0x294 [ 1897.570251] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1897.575456] ? __lock_acquire+0x7f5/0x5140 [ 1897.579721] should_fail.cold.4+0xa/0x1a 2018/05/15 14:05:01 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000700000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1897.583804] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1897.588939] ? find_held_lock+0x36/0x1c0 [ 1897.593009] ? graph_lock+0x170/0x170 [ 1897.596828] ? lock_acquire+0x1dc/0x520 [ 1897.600816] ? lock_downgrade+0x8e0/0x8e0 [ 1897.604985] ? find_held_lock+0x36/0x1c0 [ 1897.609071] __alloc_pages_nodemask+0x34e/0xd70 [ 1897.613757] ? kasan_check_read+0x11/0x20 [ 1897.617922] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 1897.622961] ? rcu_read_unlock+0x35/0x70 [ 1897.627044] ? __lock_is_held+0xb5/0x140 [ 1897.631134] ? check_same_owner+0x320/0x320 [ 1897.635474] ? graph_lock+0x170/0x170 [ 1897.639294] cache_grow_begin+0x72/0x6c0 [ 1897.643373] kmem_cache_alloc+0x689/0x760 [ 1897.647532] ? find_held_lock+0x36/0x1c0 [ 1897.651611] fuse_alloc_inode+0x96/0x4f0 [ 1897.655692] ? fuse_dev_alloc+0x4e0/0x4e0 [ 1897.659854] ? lock_downgrade+0x8e0/0x8e0 [ 1897.664020] ? kasan_check_read+0x11/0x20 [ 1897.664956] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1897.668173] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1897.668192] ? do_raw_spin_trylock+0x1b0/0x1b0 2018/05/15 14:05:01 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000004000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1897.668214] ? kasan_check_write+0x14/0x20 [ 1897.668234] ? find_inode.isra.19+0xc3/0x1d0 [ 1897.694564] ? fuse_dev_alloc+0x4e0/0x4e0 [ 1897.698728] alloc_inode+0x63/0x190 [ 1897.702370] iget5_locked+0x20e/0x570 [ 1897.706180] ? fuse_inode_eq+0x80/0x80 [ 1897.710077] ? fuse_init_file_inode+0x70/0x70 [ 1897.714586] ? inode_lru_isolate+0x580/0x580 [ 1897.719000] ? cgwb_kill+0x630/0x630 [ 1897.722725] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1897.728279] ? print_usage_bug+0xc0/0xc0 [ 1897.732353] fuse_iget+0x1cc/0x820 2018/05/15 14:05:01 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000010000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1897.735907] ? fuse_change_attributes+0x810/0x810 [ 1897.740771] fuse_get_root_inode+0x121/0x190 [ 1897.745193] ? fuse_iget+0x820/0x820 [ 1897.748929] ? _raw_spin_unlock_bh+0x30/0x40 [ 1897.753353] ? bdi_set_max_ratio+0x112/0x150 [ 1897.757780] fuse_fill_super+0x11e0/0x1e20 [ 1897.762036] ? fuse_get_root_inode+0x190/0x190 [ 1897.766652] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1897.772207] ? vsnprintf+0x242/0x1b40 [ 1897.776027] ? pointer+0xa20/0xa20 [ 1897.779589] ? vsprintf+0x40/0x40 2018/05/15 14:05:01 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000003780000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1897.783067] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1897.788100] ? set_blocksize+0x2c4/0x350 [ 1897.792175] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1897.797728] mount_bdev+0x30c/0x3e0 [ 1897.801371] ? fuse_get_root_inode+0x190/0x190 [ 1897.805976] fuse_mount_blk+0x34/0x40 [ 1897.809788] mount_fs+0xae/0x328 [ 1897.813166] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1897.817755] ? may_umount+0xb0/0xb0 [ 1897.821387] ? _raw_read_unlock+0x22/0x30 [ 1897.825541] ? __get_fs_type+0x97/0xc0 [ 1897.829439] do_mount+0x564/0x3070 [ 1897.832991] ? copy_mount_string+0x40/0x40 [ 1897.837235] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1897.842267] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1897.847036] ? retint_kernel+0x10/0x10 [ 1897.850942] ? copy_mount_options+0x1d9/0x380 [ 1897.855447] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1897.860996] ? copy_mount_options+0x285/0x380 [ 1897.865491] ksys_mount+0x12d/0x140 [ 1897.869109] __x64_sys_mount+0xbe/0x150 [ 1897.873070] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1897.878081] do_syscall_64+0x1b1/0x800 [ 1897.881955] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 1897.886788] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1897.891706] ? syscall_return_slowpath+0x30f/0x5c0 [ 1897.896625] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1897.901979] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1897.906813] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1897.911989] RIP: 0033:0x455a09 [ 1897.915165] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1897.922856] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1897.930114] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 2018/05/15 14:05:01 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000000000000000100", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1897.937371] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1897.944627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1897.951886] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:05:01 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000110000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1897.998634] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested 2018/05/15 14:05:02 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000300)=ANY=[@ANYPTR64=&(0x7f0000000200)=ANY=[@ANYPTR64=&(0x7f0000000080)=ANY=[@ANYRES64=r0, @ANYBLOB="f8b8553ed2ed9b2bc8e8f59d9b17f874ff8ad0927fef82c80614a9f4c4a789465b29a9109351cb90b219b95a8dc87fe3219e0c72be912551c41013220cf5afd5d5c12bc949", @ANYPTR64, @ANYRES64=r0], @ANYPTR=&(0x7f0000000100)=ANY=[@ANYRES32=r0, @ANYPTR64, @ANYBLOB="3954644de92064ab0eda7488fcfcc488095bc1e78063686b5a0a5b7d2c4a6355471e79a6135622125a614cee79466ed233fe688b39b1fa5e8e14a4259320c2b7cb55c47004d2280d39d17ee5e60d1aa7c7d1f0840be7ee2071404161990f85070db275ef149246b39a5631081b70ef44bf04303cdb8193eb6530a98a9c6fb2e6f1386eb9b58f3a20ed3bb38f3a915b771435f9580f6e52fc481664d7745dc0d5b3ec122b5ae02dc1cec9090ab65a04956b3a6d7a277db101f45359e58a3fbd9266f1f6", @ANYRES32=r0, @ANYPTR64, @ANYBLOB, @ANYRES32=r0, @ANYPTR64], @ANYRES32=r0, @ANYRES32=r0, @ANYRES16=r0, @ANYBLOB="488e913032781a4f90e104a022b762b420c218cfa73986c78ca9c88d87318d907542a120e65a8e4f825b8a92845cec0aa93bcd8d166f7ec9633dc8b54687f8f2b4d96d47895316e0c7aff7b124a98220f7bc1fb55dec309e130187be6bb9a4f35b216217976b6526232ad5195d193e8e1285658a0920932743a11e11d64821bab974a6ecf517a0822bc01c9a6fba7bf5eabb5c0e", @ANYRES16=r0]], 0x8) ioctl$sock_SIOCGIFCONF(r0, 0x8910, &(0x7f00000002c0)=@req={0x28, &(0x7f0000000040)={'ip6tnl0\x00', @ifru_hwaddr=@remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}}) 2018/05/15 14:05:02 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000040)={0x0, 0xf7, "61325b18daace28449ce48526511ee20a985b13802aac8213bddbb1a62577ba211bbbe26095beca8c22fd689cee2d2a241f769921484e31c2d1fd196ea3854eef20e1571c18e4ab152fa4a81f0178778cd3db46bd62393e93856c995c208a8c827583eae41d24ab8b653735ac82ce668aab846e8318fff73d6a09494a47b8562bed61d735f5564f370f5086136d1be4db945e0c798987240dc552f0f0efffd66467d531899a151d4036343325b61762a71d2add0533df4dcc4d40ca04985cd9bb9177daa06b508c1be96abedc72b56ed328a50ca809151d6799bdc761224e7b7d687d81d1d59227b2f5c6f5105d9d9d573e02909d94483"}, &(0x7f0000000140)=0xff) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000180)={r1, 0x72}, &(0x7f00000001c0)=0x8) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0xffffffffffffffc1}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) 2018/05/15 14:05:02 executing program 1: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') mkdir(&(0x7f0000000200)='./control/file0\x00', 0x0) close(r0) 2018/05/15 14:05:02 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "0000000000000500", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:05:02 executing program 4 (fault-call:0 fault-nth:83): syz_fuseblk_mount(&(0x7f0000000880)='./file0\x00', &(0x7f00000008c0)='./file0\x00', 0xa000, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/05/15 14:05:02 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, "00000000000000000000000000000000000600", 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) 2018/05/15 14:05:02 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000300000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:05:02 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c00}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1898.648132] FAULT_INJECTION: forcing a failure. [ 1898.648132] name failslab, interval 1, probability 0, space 0, times 0 [ 1898.659514] CPU: 1 PID: 5128 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1898.666729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1898.676097] Call Trace: [ 1898.678707] dump_stack+0x1b9/0x294 [ 1898.682353] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1898.687555] ? finish_task_switch+0x1ca/0x840 [ 1898.692071] ? finish_task_switch+0x182/0x840 [ 1898.696597] should_fail.cold.4+0xa/0x1a [ 1898.700681] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1898.705811] ? __schedule+0x809/0x1e30 [ 1898.709718] ? print_usage_bug+0xc0/0xc0 [ 1898.713809] ? __sched_text_start+0x8/0x8 [ 1898.717976] ? find_held_lock+0x36/0x1c0 [ 1898.722055] ? __lock_is_held+0xb5/0x140 [ 1898.726150] ? check_same_owner+0x320/0x320 [ 1898.730471] ? __mutex_init+0x1ef/0x280 [ 1898.734449] ? __ia32_sys_membarrier+0x150/0x150 [ 1898.739212] __should_failslab+0x124/0x180 [ 1898.743452] should_failslab+0x9/0x14 [ 1898.747257] kmem_cache_alloc_trace+0x2cb/0x780 [ 1898.751929] ? init_wait_entry+0x1b0/0x1b0 [ 1898.756191] fuse_alloc_inode+0x3ae/0x4f0 [ 1898.760364] ? fuse_dev_alloc+0x4e0/0x4e0 [ 1898.764527] ? lock_downgrade+0x8e0/0x8e0 [ 1898.768695] ? kasan_check_read+0x11/0x20 [ 1898.772864] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1898.777294] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1898.781903] ? kasan_check_write+0x14/0x20 [ 1898.784490] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1898.786155] ? find_inode.isra.19+0xc3/0x1d0 [ 1898.786178] ? fuse_dev_alloc+0x4e0/0x4e0 [ 1898.803463] alloc_inode+0x63/0x190 [ 1898.807095] iget5_locked+0x20e/0x570 [ 1898.810900] ? fuse_inode_eq+0x80/0x80 [ 1898.814801] ? fuse_init_file_inode+0x70/0x70 [ 1898.819318] ? inode_lru_isolate+0x580/0x580 [ 1898.823738] ? cgwb_kill+0x630/0x630 [ 1898.827469] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1898.833018] ? print_usage_bug+0xc0/0xc0 [ 1898.837090] fuse_iget+0x1cc/0x820 [ 1898.840648] ? fuse_change_attributes+0x810/0x810 2018/05/15 14:05:02 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x69}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 2018/05/15 14:05:02 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1898.845503] fuse_get_root_inode+0x121/0x190 [ 1898.849917] ? fuse_iget+0x820/0x820 [ 1898.853650] ? _raw_spin_unlock_bh+0x30/0x40 [ 1898.858066] ? bdi_set_max_ratio+0x112/0x150 [ 1898.862496] fuse_fill_super+0x11e0/0x1e20 [ 1898.866751] ? fuse_get_root_inode+0x190/0x190 [ 1898.871360] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1898.876909] ? vsnprintf+0x242/0x1b40 [ 1898.880730] ? pointer+0xa20/0xa20 [ 1898.884307] ? vsprintf+0x40/0x40 [ 1898.887780] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1898.892810] ? set_blocksize+0x2c4/0x350 2018/05/15 14:05:02 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000037800000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) [ 1898.896885] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1898.902440] mount_bdev+0x30c/0x3e0 [ 1898.906082] ? fuse_get_root_inode+0x190/0x190 [ 1898.910674] fuse_mount_blk+0x34/0x40 [ 1898.914490] mount_fs+0xae/0x328 [ 1898.917873] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1898.922471] ? may_umount+0xb0/0xb0 [ 1898.926107] ? _raw_read_unlock+0x22/0x30 [ 1898.930264] ? __get_fs_type+0x97/0xc0 [ 1898.934170] do_mount+0x564/0x3070 [ 1898.937732] ? copy_mount_string+0x40/0x40 [ 1898.941978] ? rcu_pm_notify+0xc0/0xc0 2018/05/15 14:05:02 executing program 6: r0 = socket(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x44}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6100000000000000}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) [ 1898.945888] ? copy_mount_options+0x5f/0x380 [ 1898.950309] ? rcu_read_lock_sched_held+0x108/0x120 [ 1898.955340] ? kmem_cache_alloc_trace+0x616/0x780 [ 1898.960209] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1898.965767] ? _copy_from_user+0xdf/0x150 [ 1898.969940] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1898.975500] ? copy_mount_options+0x285/0x380 [ 1898.980017] ksys_mount+0x12d/0x140 [ 1898.983666] __x64_sys_mount+0xbe/0x150 [ 1898.987668] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1898.992700] do_syscall_64+0x1b1/0x800 [ 1898.996598] ? finish_task_switch+0x1ca/0x840 [ 1899.001106] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1899.006045] ? syscall_return_slowpath+0x30f/0x5c0 [ 1899.010995] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1899.016392] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1899.021249] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1899.026429] RIP: 0033:0x455a09 [ 1899.029620] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1899.037315] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 2018/05/15 14:05:02 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x80103) readv(r0, &(0x7f00000007c0)=[{&(0x7f0000000740)=""/114, 0x72}], 0x1) write$binfmt_elf64(r0, &(0x7f0000000040)=ANY=[], 0x0) [ 1899.044578] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1899.051842] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1899.059103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1899.066362] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/05/15 14:05:02 executing program 7: r0 = socket(0xa, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@nat={'rat\x00', 0x19, 0x2, 0x378, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x0, &(0x7f0000000000), &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000030000000000000000007663616e30000000000000000000000062726964676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000080200000802000040020000636f6d6d656e740000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000000000000000000000000000000000000000000000000000000aaaaaaaaaa00000000000000000000000000000000000000000000000000000030000074574c0474000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa00000000000000000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e300000000000000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a80000006172707265706c790015eecd2a0000000000000000000000000000000000000010000000000000000180c200000000000000000000000000"]}, 0x3f0) 2018/05/15 14:05:02 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={"62726f7574657fffffff00", 0x20, 0x2, 0x2b0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000600], 0x2, &(0x7f0000000240), &(0x7f0000000600)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, "000000000600", 0x0, 0xffffffffffffffff, 0x2, [{{{0x15, 0x0, 0x0, 'bcsf0\x00', 'bond_slave_1\x00', 'yam0\x00', 'team_slave_0\x00', @link_local={0x1, 0x80, 0xc2}, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xb0, 0x130, 0x180, [@statistic={'statistic\x00', 0x18}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@LED={'LED\x00', 0x28, {{'syz1\x00'}}}]}, @common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x7, 'syz0\x00'}}}}, {{{0x15, 0x0, 0x0, 'veth0_to_bridge\x00', 'ipddp0\x00', 'syz_tun\x00', 'rose0\x00', @random="60f9a9d474aa", [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x328) [ 1899.115331] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested [ 1899.123781] ================================================================== [ 1899.131512] BUG: KASAN: use-after-free in __lock_acquire+0x3888/0x5140 [ 1899.138195] Read of size 8 at addr ffff8801d3390bc8 by task syz-executor4/5128 [ 1899.145565] [ 1899.147201] CPU: 1 PID: 5128 Comm: syz-executor4 Not tainted 4.17.0-rc5+ #51 [ 1899.154388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1899.163744] Call Trace: [ 1899.166340] dump_stack+0x1b9/0x294 [ 1899.169969] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1899.175161] ? printk+0x9e/0xba [ 1899.178438] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 1899.183194] ? kasan_check_write+0x14/0x20 [ 1899.187433] print_address_description+0x6c/0x20b [ 1899.192275] ? __lock_acquire+0x3888/0x5140 [ 1899.196592] kasan_report.cold.7+0x242/0x2fe [ 1899.201001] __asan_report_load8_noabort+0x14/0x20 [ 1899.205928] __lock_acquire+0x3888/0x5140 [ 1899.210075] ? lock_downgrade+0x8e0/0x8e0 [ 1899.214221] ? kasan_check_read+0x11/0x20 [ 1899.218367] ? rcu_is_watching+0x85/0x140 [ 1899.222513] ? debug_check_no_locks_freed+0x310/0x310 [ 1899.227701] ? is_bpf_text_address+0xd7/0x170 [ 1899.232181] ? kernel_text_address+0x79/0xf0 [ 1899.236573] ? __unwind_start+0x166/0x330 [ 1899.240704] ? __kernel_text_address+0xd/0x40 [ 1899.245183] ? unwind_get_return_address+0x61/0xa0 [ 1899.250094] ? __save_stack_trace+0x7e/0xd0 [ 1899.254400] ? save_stack+0xa9/0xd0 [ 1899.258013] ? save_stack+0x43/0xd0 [ 1899.261627] ? __kasan_slab_free+0x11a/0x170 [ 1899.266024] ? kasan_slab_free+0xe/0x10 [ 1899.269983] ? kfree+0xd9/0x260 [ 1899.273246] ? unregister_shrinker+0x216/0x3a0 [ 1899.277812] ? deactivate_locked_super+0x70/0x100 [ 1899.282639] ? mount_bdev+0x37d/0x3e0 [ 1899.286429] ? fuse_mount_blk+0x34/0x40 [ 1899.290393] ? mount_fs+0xae/0x328 [ 1899.293917] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1899.298652] ? do_mount+0x564/0x3070 [ 1899.302347] ? ksys_mount+0x12d/0x140 [ 1899.306129] ? graph_lock+0x170/0x170 [ 1899.309915] ? kasan_check_read+0x11/0x20 [ 1899.314047] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1899.318439] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1899.323018] ? print_usage_bug+0xc0/0xc0 [ 1899.327065] ? kasan_check_write+0x14/0x20 [ 1899.331283] ? do_raw_spin_lock+0xc1/0x200 [ 1899.335500] lock_acquire+0x1dc/0x520 [ 1899.339284] ? fuse_kill_sb_blk+0x50/0xb0 [ 1899.343413] ? lock_release+0xa10/0xa10 [ 1899.347369] ? check_same_owner+0x320/0x320 [ 1899.351669] ? quarantine_put+0xeb/0x190 [ 1899.355714] ? rcu_note_context_switch+0x710/0x710 [ 1899.360628] ? __might_sleep+0x95/0x190 [ 1899.364598] down_write+0x87/0x120 [ 1899.368130] ? fuse_kill_sb_blk+0x50/0xb0 [ 1899.372258] ? down_read+0x1b0/0x1b0 [ 1899.375956] ? perf_trace_mm_vmscan_writepage+0x750/0x750 [ 1899.381476] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1899.386476] fuse_kill_sb_blk+0x50/0xb0 [ 1899.390997] deactivate_locked_super+0x97/0x100 [ 1899.395654] mount_bdev+0x37d/0x3e0 [ 1899.399262] ? fuse_get_root_inode+0x190/0x190 [ 1899.403824] fuse_mount_blk+0x34/0x40 [ 1899.407608] mount_fs+0xae/0x328 [ 1899.410958] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1899.415524] ? may_umount+0xb0/0xb0 [ 1899.419134] ? _raw_read_unlock+0x22/0x30 [ 1899.423260] ? __get_fs_type+0x97/0xc0 [ 1899.427129] do_mount+0x564/0x3070 [ 1899.430651] ? copy_mount_string+0x40/0x40 [ 1899.434867] ? rcu_pm_notify+0xc0/0xc0 [ 1899.438738] ? copy_mount_options+0x5f/0x380 [ 1899.443127] ? rcu_read_lock_sched_held+0x108/0x120 [ 1899.448127] ? kmem_cache_alloc_trace+0x616/0x780 [ 1899.452957] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1899.458476] ? _copy_from_user+0xdf/0x150 [ 1899.462608] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1899.468126] ? copy_mount_options+0x285/0x380 [ 1899.472602] ksys_mount+0x12d/0x140 [ 1899.476210] __x64_sys_mount+0xbe/0x150 [ 1899.480167] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1899.485169] do_syscall_64+0x1b1/0x800 [ 1899.489041] ? finish_task_switch+0x1ca/0x840 [ 1899.493540] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1899.498451] ? syscall_return_slowpath+0x30f/0x5c0 [ 1899.503364] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1899.508709] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1899.513536] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1899.518705] RIP: 0033:0x455a09 [ 1899.521875] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1899.529569] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1899.536818] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1899.544072] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1899.551329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1899.558580] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1899.565832] [ 1899.567518] Allocated by task 5128: [ 1899.571133] save_stack+0x43/0xd0 [ 1899.574569] kasan_kmalloc+0xc4/0xe0 [ 1899.578264] kmem_cache_alloc_trace+0x152/0x780 [ 1899.582913] fuse_fill_super+0xc92/0x1e20 [ 1899.587044] mount_bdev+0x30c/0x3e0 [ 1899.590651] fuse_mount_blk+0x34/0x40 [ 1899.594432] mount_fs+0xae/0x328 [ 1899.597782] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1899.602343] do_mount+0x564/0x3070 [ 1899.605865] ksys_mount+0x12d/0x140 [ 1899.609475] __x64_sys_mount+0xbe/0x150 [ 1899.613434] do_syscall_64+0x1b1/0x800 [ 1899.617303] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1899.622466] [ 1899.624071] Freed by task 5146: [ 1899.627333] save_stack+0x43/0xd0 [ 1899.630767] __kasan_slab_free+0x11a/0x170 [ 1899.634989] kasan_slab_free+0xe/0x10 [ 1899.638782] kfree+0xd9/0x260 [ 1899.641872] rcu_process_callbacks+0xa69/0x15f0 [ 1899.646522] __do_softirq+0x2e0/0xaf5 [ 1899.650317] [ 1899.651926] The buggy address belongs to the object at ffff8801d3390900 [ 1899.651926] which belongs to the cache kmalloc-1024 of size 1024 [ 1899.664737] The buggy address is located 712 bytes inside of [ 1899.664737] 1024-byte region [ffff8801d3390900, ffff8801d3390d00) [ 1899.676677] The buggy address belongs to the page: [ 1899.681586] page:ffffea00074ce400 count:1 mapcount:0 mapping:ffff8801d3390000 index:0xffff8801d3391200 compound_mapcount: 0 [ 1899.692836] flags: 0x2fffc0000008100(slab|head) [ 1899.697490] raw: 02fffc0000008100 ffff8801d3390000 ffff8801d3391200 0000000100000003 [ 1899.705355] raw: ffffea0006cd7d20 ffffea00072732a0 ffff8801da800ac0 0000000000000000 [ 1899.713214] page dumped because: kasan: bad access detected [ 1899.718898] [ 1899.720506] Memory state around the buggy address: [ 1899.725414] ffff8801d3390a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1899.732754] ffff8801d3390b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1899.740096] >ffff8801d3390b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1899.747431] ^ [ 1899.753121] ffff8801d3390c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1899.760458] ffff8801d3390c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1899.767792] ================================================================== [ 1899.775138] Disabling lock debugging due to kernel taint [ 1899.780565] Kernel panic - not syncing: panic_on_warn set ... [ 1899.780565] [ 1899.787911] CPU: 1 PID: 5128 Comm: syz-executor4 Tainted: G B 4.17.0-rc5+ #51 [ 1899.796465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1899.805798] Call Trace: [ 1899.808373] dump_stack+0x1b9/0x294 [ 1899.811983] ? dump_stack_print_info.cold.2+0x52/0x52 [ 1899.817158] ? lock_downgrade+0x8e0/0x8e0 [ 1899.821315] ? vprintk_default+0x28/0x30 [ 1899.825356] ? __lock_acquire+0x37b0/0x5140 [ 1899.829660] panic+0x22f/0x4de [ 1899.832833] ? add_taint.cold.5+0x16/0x16 [ 1899.836965] ? add_taint.cold.5+0x5/0x16 [ 1899.841014] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1899.845405] ? __lock_acquire+0x3888/0x5140 [ 1899.849705] kasan_end_report+0x47/0x4f [ 1899.853660] kasan_report.cold.7+0x76/0x2fe [ 1899.857964] __asan_report_load8_noabort+0x14/0x20 [ 1899.862877] __lock_acquire+0x3888/0x5140 [ 1899.867007] ? lock_downgrade+0x8e0/0x8e0 [ 1899.871139] ? kasan_check_read+0x11/0x20 [ 1899.875285] ? rcu_is_watching+0x85/0x140 [ 1899.879417] ? debug_check_no_locks_freed+0x310/0x310 [ 1899.884588] ? is_bpf_text_address+0xd7/0x170 [ 1899.889084] ? kernel_text_address+0x79/0xf0 [ 1899.893476] ? __unwind_start+0x166/0x330 [ 1899.897607] ? __kernel_text_address+0xd/0x40 [ 1899.902084] ? unwind_get_return_address+0x61/0xa0 [ 1899.906999] ? __save_stack_trace+0x7e/0xd0 [ 1899.911310] ? save_stack+0xa9/0xd0 [ 1899.914933] ? save_stack+0x43/0xd0 [ 1899.918543] ? __kasan_slab_free+0x11a/0x170 [ 1899.922940] ? kasan_slab_free+0xe/0x10 [ 1899.926900] ? kfree+0xd9/0x260 [ 1899.930165] ? unregister_shrinker+0x216/0x3a0 [ 1899.934727] ? deactivate_locked_super+0x70/0x100 [ 1899.939549] ? mount_bdev+0x37d/0x3e0 [ 1899.943333] ? fuse_mount_blk+0x34/0x40 [ 1899.947290] ? mount_fs+0xae/0x328 [ 1899.950811] ? vfs_kern_mount.part.34+0xd4/0x4d0 [ 1899.955547] ? do_mount+0x564/0x3070 [ 1899.959242] ? ksys_mount+0x12d/0x140 [ 1899.963029] ? graph_lock+0x170/0x170 [ 1899.966822] ? kasan_check_read+0x11/0x20 [ 1899.970953] ? do_raw_spin_unlock+0x9e/0x2e0 [ 1899.975342] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 1899.979920] ? print_usage_bug+0xc0/0xc0 [ 1899.983964] ? kasan_check_write+0x14/0x20 [ 1899.988184] ? do_raw_spin_lock+0xc1/0x200 [ 1899.992402] lock_acquire+0x1dc/0x520 [ 1899.996184] ? fuse_kill_sb_blk+0x50/0xb0 [ 1900.000315] ? lock_release+0xa10/0xa10 [ 1900.004269] ? check_same_owner+0x320/0x320 [ 1900.008571] ? quarantine_put+0xeb/0x190 [ 1900.012615] ? rcu_note_context_switch+0x710/0x710 [ 1900.017527] ? __might_sleep+0x95/0x190 [ 1900.021490] down_write+0x87/0x120 [ 1900.025015] ? fuse_kill_sb_blk+0x50/0xb0 [ 1900.029148] ? down_read+0x1b0/0x1b0 [ 1900.032843] ? perf_trace_mm_vmscan_writepage+0x750/0x750 [ 1900.038365] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 1900.043361] fuse_kill_sb_blk+0x50/0xb0 [ 1900.047320] deactivate_locked_super+0x97/0x100 [ 1900.051968] mount_bdev+0x37d/0x3e0 [ 1900.055578] ? fuse_get_root_inode+0x190/0x190 [ 1900.060143] fuse_mount_blk+0x34/0x40 [ 1900.063927] mount_fs+0xae/0x328 [ 1900.067278] vfs_kern_mount.part.34+0xd4/0x4d0 [ 1900.071841] ? may_umount+0xb0/0xb0 [ 1900.075447] ? _raw_read_unlock+0x22/0x30 [ 1900.079576] ? __get_fs_type+0x97/0xc0 [ 1900.083454] do_mount+0x564/0x3070 [ 1900.086983] ? copy_mount_string+0x40/0x40 [ 1900.091201] ? rcu_pm_notify+0xc0/0xc0 [ 1900.095071] ? copy_mount_options+0x5f/0x380 [ 1900.099461] ? rcu_read_lock_sched_held+0x108/0x120 [ 1900.104461] ? kmem_cache_alloc_trace+0x616/0x780 [ 1900.109305] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 1900.114828] ? _copy_from_user+0xdf/0x150 [ 1900.118962] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 1900.124484] ? copy_mount_options+0x285/0x380 [ 1900.128965] ksys_mount+0x12d/0x140 [ 1900.132575] __x64_sys_mount+0xbe/0x150 [ 1900.136532] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1900.141542] do_syscall_64+0x1b1/0x800 [ 1900.145413] ? finish_task_switch+0x1ca/0x840 [ 1900.149895] ? syscall_return_slowpath+0x5c0/0x5c0 [ 1900.154811] ? syscall_return_slowpath+0x30f/0x5c0 [ 1900.159723] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 1900.165077] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1900.169901] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 1900.175074] RIP: 0033:0x455a09 [ 1900.178248] RSP: 002b:00007f3c6b410b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1900.185936] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000455a09 [ 1900.193186] RDX: 00000000004ba385 RSI: 0000000020000880 RDI: 00000000200008c0 [ 1900.200447] RBP: 00000000200008c0 R08: 00007f3c6b410b20 R09: 0000000000000000 [ 1900.207709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1900.214963] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1900.222686] Dumping ftrace buffer: [ 1900.226204] (ftrace buffer empty) [ 1900.229890] Kernel Offset: disabled [ 1900.233491] Rebooting in 86400 seconds..