[info] Using makefile-style concurrent boot in runlevel 2. [ 25.341797] audit: type=1800 audit(1539955422.268:21): pid=5417 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="bootlogs" dev="sda1" ino=2419 res=0 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.74' (ECDSA) to the list of known hosts. 2018/10/19 13:23:55 fuzzer started 2018/10/19 13:23:57 dialing manager at 10.128.0.26:43637 2018/10/19 13:23:57 syscalls: 1 2018/10/19 13:23:57 code coverage: enabled 2018/10/19 13:23:57 comparison tracing: enabled 2018/10/19 13:23:57 setuid sandbox: enabled 2018/10/19 13:23:57 namespace sandbox: enabled 2018/10/19 13:23:57 Android sandbox: /sys/fs/selinux/policy does not exist 2018/10/19 13:23:57 fault injection: enabled 2018/10/19 13:23:57 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2018/10/19 13:23:57 net packed injection: enabled 2018/10/19 13:23:57 net device setup: enabled 13:26:49 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_WKALM_RD(r0, 0x80247009, &(0x7f0000000040)) syzkaller login: [ 212.250977] IPVS: ftp: loaded support on port[0] = 21 13:26:49 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2}, 0x1c) listen(r1, 0x40) sendto$inet6(r0, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) [ 212.503777] IPVS: ftp: loaded support on port[0] = 21 13:26:49 executing program 2: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f00000001c0)=""/246) close(r0) [ 212.845939] IPVS: ftp: loaded support on port[0] = 21 13:26:50 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) syz_emit_ethernet(0x7ffff, &(0x7f0000000100)={@local, @link_local, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x7fff1, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @multicast1}, @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "c8d1f6", 0x0, "071ccd"}}}}}}, &(0x7f0000000000)) [ 213.311723] IPVS: ftp: loaded support on port[0] = 21 13:26:50 executing program 4: sysfs$1(0x1, &(0x7f0000000140)='cgroup\x00') [ 213.916616] IPVS: ftp: loaded support on port[0] = 21 [ 213.955605] bridge0: port 1(bridge_slave_0) entered blocking state [ 213.963161] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.970701] device bridge_slave_0 entered promiscuous mode [ 214.122034] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.153317] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.160723] device bridge_slave_1 entered promiscuous mode 13:26:51 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x2102001ffe, 0x0, 0xfffffffffffffffe, &(0x7f0000000180), 0xffffffffffffffff) r1 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f00000000c0)="8907040400", 0x5) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10) connect$inet(r1, &(0x7f0000000140)={0x2, 0x0, @multicast1}, 0x10) [ 214.289868] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.312511] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.319842] device bridge_slave_0 entered promiscuous mode [ 214.346187] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 214.443038] bridge0: port 2(bridge_slave_1) entered blocking state [ 214.462194] bridge0: port 2(bridge_slave_1) entered disabled state [ 214.469988] device bridge_slave_1 entered promiscuous mode [ 214.494851] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 214.523214] IPVS: ftp: loaded support on port[0] = 21 [ 214.604236] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 214.720055] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 214.866234] bridge0: port 1(bridge_slave_0) entered blocking state [ 214.878194] bridge0: port 1(bridge_slave_0) entered disabled state [ 214.900082] device bridge_slave_0 entered promiscuous mode [ 214.918754] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 215.036920] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.052280] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.059633] device bridge_slave_1 entered promiscuous mode [ 215.085643] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 215.122719] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 215.151463] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 215.265863] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 215.295092] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 215.349896] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.374673] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.382054] device bridge_slave_0 entered promiscuous mode [ 215.397729] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 215.411727] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 215.427816] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 215.450003] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 215.498339] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.523035] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.543749] device bridge_slave_1 entered promiscuous mode [ 215.554012] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 215.561137] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 215.681641] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 215.769203] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 215.819326] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 215.827155] team0: Port device team_slave_0 added [ 215.845408] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 215.904746] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 215.955692] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 215.973241] team0: Port device team_slave_1 added [ 215.981227] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 215.999484] team0: Port device team_slave_0 added [ 216.154540] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 216.161989] team0: Port device team_slave_1 added [ 216.208619] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 216.276705] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 216.328433] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 216.337863] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 216.359327] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.368993] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.383151] device bridge_slave_0 entered promiscuous mode [ 216.395056] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 216.403374] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 216.446415] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 216.457843] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 216.483726] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 216.491886] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.512522] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.528669] device bridge_slave_1 entered promiscuous mode [ 216.553242] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 216.565776] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 216.577012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 216.591457] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 216.603984] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 216.611318] team0: Port device team_slave_0 added [ 216.631683] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 216.641354] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 216.658945] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 216.682662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 216.699514] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 216.722981] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 216.738251] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 216.751757] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 216.762652] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 216.785040] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 216.803020] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 216.833512] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 216.869110] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 216.881106] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 216.889657] team0: Port device team_slave_1 added [ 216.902761] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 216.911582] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 216.949858] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.965205] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.992336] device bridge_slave_0 entered promiscuous mode [ 217.044980] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 217.051855] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 217.060797] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 217.127337] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.143035] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.150441] device bridge_slave_1 entered promiscuous mode [ 217.183665] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 217.202996] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 217.259127] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 217.273886] team0: Port device team_slave_0 added [ 217.281336] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 217.290165] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 217.313619] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 217.321722] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 217.344686] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 217.354479] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 217.419376] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 217.450079] team0: Port device team_slave_1 added [ 217.461292] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 217.482862] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 217.489966] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 217.503274] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 217.523773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 217.548117] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 217.572473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 217.580392] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 217.646883] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 217.672741] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 217.710788] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 217.732195] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 217.747754] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 217.766364] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 217.822517] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 217.830196] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 217.843012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 217.889454] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 217.986911] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 218.001425] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 218.011722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 218.058745] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 218.091289] team0: Port device team_slave_0 added [ 218.108536] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.115084] bridge0: port 2(bridge_slave_1) entered forwarding state [ 218.121982] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.128394] bridge0: port 1(bridge_slave_0) entered forwarding state [ 218.158253] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 218.206115] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 218.233054] team0: Port device team_slave_1 added [ 218.322605] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 218.346090] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 218.382254] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 218.401586] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 218.502904] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 218.509763] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 218.518154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 218.540588] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 218.563073] team0: Port device team_slave_0 added [ 218.592442] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.598819] bridge0: port 2(bridge_slave_1) entered forwarding state [ 218.605531] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.611907] bridge0: port 1(bridge_slave_0) entered forwarding state [ 218.632926] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 218.658895] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 218.675915] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 218.692809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 218.727247] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 218.743634] team0: Port device team_slave_1 added [ 218.848197] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 218.867153] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 218.882965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 218.898903] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 218.923331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 218.937458] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 218.980808] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 219.062781] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 219.069935] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 219.089226] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 219.106526] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.112973] bridge0: port 2(bridge_slave_1) entered forwarding state [ 219.119642] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.126074] bridge0: port 1(bridge_slave_0) entered forwarding state [ 219.136299] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 219.171033] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 219.202771] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 219.210792] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 219.343148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 219.353619] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 219.681887] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.688328] bridge0: port 2(bridge_slave_1) entered forwarding state [ 219.695041] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.701417] bridge0: port 1(bridge_slave_0) entered forwarding state [ 219.730312] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 220.331820] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.338259] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.344981] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.351351] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.373455] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 220.422705] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 220.429914] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 220.612919] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.619333] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.626048] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.632453] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.646575] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 221.462407] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 223.383255] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.649407] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.819127] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 224.152415] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 224.241016] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.386867] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 224.402389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 224.411807] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 224.522545] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 224.532381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 224.539432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 224.701876] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 224.812619] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.906837] 8021q: adding VLAN 0 to HW filter on device team0 [ 225.154166] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 225.160339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 225.172952] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 225.216616] 8021q: adding VLAN 0 to HW filter on device team0 [ 225.241632] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 225.520876] 8021q: adding VLAN 0 to HW filter on device bond0 [ 225.562216] 8021q: adding VLAN 0 to HW filter on device bond0 [ 225.602984] 8021q: adding VLAN 0 to HW filter on device team0 [ 225.707778] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 225.722601] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 225.729706] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 225.992760] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 226.008897] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 226.131841] 8021q: adding VLAN 0 to HW filter on device team0 [ 226.434100] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 226.440272] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 226.452714] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 226.462646] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 226.468784] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 226.489305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 226.891795] 8021q: adding VLAN 0 to HW filter on device team0 [ 226.909781] 8021q: adding VLAN 0 to HW filter on device team0 13:27:04 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x0, 0x110000}) socket$netlink(0x10, 0x3, 0x4) open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000003c0)=0x5) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x1000000000000157, 0x4c004800) pipe2(&(0x7f0000000000), 0x0) [ 228.013026] hrtimer: interrupt took 47931 ns [ 228.087525] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/l1tf.html for details. 13:27:05 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2286, &(0x7f0000000200)) 13:27:05 executing program 0: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x0, 0x110000}) socket$netlink(0x10, 0x3, 0x4) open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000003c0)=0x5) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x1000000000000157, 0x4c004800) pipe2(&(0x7f0000000000), 0x0) 13:27:05 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f000000d000)={0xa, 0x4e20}, 0x1c) connect$inet6(r1, &(0x7f00000005c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) ioctl$SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1) connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10) socketpair(0x1, 0x80000, 0x0, &(0x7f0000000000)) r2 = dup2(r1, r1) sendto$inet6(r1, &(0x7f00000003c0), 0x0, 0x4008000, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000580)=[{&(0x7f00000000c0)=@abs, 0x30, &(0x7f0000000040), 0x0, &(0x7f0000000140)}], 0x353c71a0e71fbf0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f00000001c0)={0x0, @speck128, 0x0, "2a8404ffcbaffac1"}) [ 228.542031] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 13:27:05 executing program 2: r0 = socket$inet(0x10, 0x3, 0x4) sendmsg(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f000000d000)=[{&(0x7f0000008000)="4c0000001200ff09fffefd956fa283b724a6008000000000000000683540150024001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d0f1cbc882b079881", 0x4c}], 0x1}, 0x0) recvmmsg(r0, &(0x7f0000001b40)=[{{&(0x7f00000001c0)=@alg, 0x80, &(0x7f0000001440), 0x0, &(0x7f0000001480)=""/177, 0xb1}}], 0x1, 0x0, &(0x7f0000001c40)={0x77359400}) 13:27:05 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x6, 0x10, 0xffffffffffffffff, 0x0) tkill(0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x0, 0x0) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000100)={0x50}, 0x50) write$FUSE_STATFS(0xffffffffffffffff, &(0x7f0000000340)={0x60}, 0x60) bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x6, 0x4, 0x8, 0x400, 0x0, 0x1}, 0x2c) 13:27:06 executing program 1: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000680)=ANY=[@ANYBLOB='\vd\x00\x00'], &(0x7f0000000700)=0x1) add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000005c0), 0x0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000a40)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x204}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$intptr(0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) sendmsg$nl_generic(r2, &(0x7f0000001ec0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000600)=ANY=[@ANYBLOB="dadcfd938b94bc0175e1268a4ea64226013aaa67da0011e7c505ba0b85e218455e7a7bf1ffea2be81add000000000000000000000000003ddf4008e6ecdf2b4e67f7abe86a7fe43b90ab760ea47ec3155de57bcafa9eae2a024a42e0a22c5e66b0410630ba17b552362e9e229ad5236fc10160a5fa1b48e82155012ccf6d641724d2ca15ddee0ba292a939c2f30cc54c319b469c6c22dad63ddaa15dc9cfdeef998fcc89cf3d0810b1111639e011ded34083cb422bc94e1056fe20f28c4f9d20845a35c38a"], 0x1}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$inet(r1, &(0x7f0000000400)={0x2, 0x2004e25, @remote}, 0x8abb0a022360233c) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000eaa8dd7b982103077de94e581219960e54ecbd686aae2e0c5b4f9b6fbc05"]}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000380)={@remote}, &(0x7f00000003c0)=0x14) r4 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f00000007c0)={0x0, 0x8001, 0x0, 0x7, 0x2}) socketpair(0x3, 0x5, 0xc8, &(0x7f0000000780)) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000a00)={0x0, @multicast2, @local}, 0xc) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={0x0, 0xa8}, &(0x7f0000000040)=0x8) getsockopt$ARPT_SO_GET_INFO(r4, 0x0, 0x60, &(0x7f0000000700)={'filter\x00'}, &(0x7f00000001c0)=0x7) syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') fcntl$notify(r4, 0x402, 0x13) socket$netlink(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) r5 = open(&(0x7f0000000580)='./file0\x00', 0x0, 0x85) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r5, 0x29, 0xd3, &(0x7f00000005c0)={{0xa, 0x4e20, 0x0, @empty, 0x7ff}, {0xa, 0x4e20, 0x400, @mcast2, 0x1ff}, 0x0, [0x9, 0x800, 0x8001]}, 0x5c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000340)='\x00') socket$netlink(0x10, 0x3, 0xc) ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000380)) 13:27:06 executing program 0: write$P9_RLCREATE(0xffffffffffffffff, &(0x7f0000006200)={0x18, 0xf, 0x0, {{0x0, 0x2, 0x8}, 0x1000}}, 0x18) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x805, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000006c0)={0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffff9c, 0x84, 0x66, &(0x7f0000005d40)={0x0, 0x10000}, &(0x7f0000006140)=0x8) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) futex(&(0x7f0000000080)=0x2, 0xf, 0x0, &(0x7f0000000380)={0x0, 0x989680}, &(0x7f00000003c0)=0x2, 0x0) flistxattr(r2, &(0x7f0000000400)=""/168, 0xfffffffffffffcc0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000006100)={'team0\x00'}) epoll_wait(0xffffffffffffffff, &(0x7f0000000180)=[{}], 0x1, 0x9) unshare(0x40000000) r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x100ffe, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000540)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r1, &(0x7f0000000680)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x24000}, 0xc, &(0x7f0000000640)={&(0x7f0000000980)=ANY=[@ANYBLOB="17012abd7000fbdbdf25080000001c0008000500000000010008000500ac1414bb340001000800060072720000080009003c000000080002e33c000000080001000a00000008000800c9a40000080009001000000008000400ffffff7f18000300140002006272696467655f736c617665080005000008000020000100080001000a000000080008000071393af5867aed519d000000080007000000005508e63e00fc681f7535626f4d932385e84641e3328a733b1e3c20ac017e9e14a16f0666fae2f65d5d6b20417a3e5e9e91c948a2940e27999ad3dab19d03938ffbaee56b1d3552970688688b71303130bcf777fcf694a14dc24d1c2aa313bdf9c88d38c1d6c75862a31ba1af172487b236d2f172e750435ff21a46ae071fcbee05f36fcf8e48873104e7c2288987b3ffb424934aaa75308af5b9c774228d3afb175e109898a3db61f4619742cd4cdf6dd9b6dcbd9e7340"], 0x1}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000) ioctl$KVM_HAS_DEVICE_ATTR(r3, 0x4018aee3, &(0x7f00000002c0)={0x0, 0x1ec4, 0xffe, &(0x7f0000000040)}) r4 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0, 0x2) lseek(r4, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpgid(0x0) getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}, &(0x7f00000000c0)=0x10) ioctl$RTC_PLL_GET(0xffffffffffffffff, 0x80207011, &(0x7f0000000100)) fcntl$setlease(0xffffffffffffffff, 0x400, 0x2) ioctl$BINDER_SET_MAX_THREADS(0xffffffffffffffff, 0x40046205, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000180), 0x8402) 13:27:06 executing program 3: r0 = socket$kcm(0xa, 0x802, 0x88) sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000080)=@in6={0xa, 0x4e24, 0x0, @mcast2, 0x9}, 0x80, &(0x7f00000024c0)=[{&(0x7f0000001300)="35370e1ce69237a6d1711241cf69c6cbc7533767807a8c526fab1f361f0076568c65f1753c2b93f754ee7e627a4256520c3c2a234a03c98a5bc6fab61e259cf077742ed304e6b317ef01b9f64fb8de8b2e67343011c1c1e277c2f7ba79c7b2f6f4dad070ae48954364d88298396c085fbd9193150e5a66a6c56f701cd3d4a90b77689103d6f5f67f37aff9601f4ce743f085b2a8495162405879657e1f76877b858a26afbbfccdb528954a55aaea1e22f9125d7bd231d50df22e445697f55487202a326beea20ce0e6376e", 0xcb}], 0x1, &(0x7f00000025c0)=ANY=[]}, 0x8000) sendmsg$kcm(r0, &(0x7f0000000180)={&(0x7f0000000100)=@nl=@unspec, 0x80, &(0x7f0000000040)=[{&(0x7f0000000280)="93c88e3333594a1999c410a056b3ee9b75f2322cbc3b8508be8404fc27f50966149b404433b55126e0e6e6ea44ecf6655e70bb00ca32231ddb504ab895b490badca389c1f1df5b9d1bcad35110ad132a46f1cdb6f55db57e37d5fd530edeaf3a61e6a0cb351dfeb6e9c1a88a0e92609769013ab514a1341014e4f7ba5de3de12630f8e6ea8b13a61778ed679f137a535bcc0e9f4cf09e47b23521d0b60e3d27e501c9cdc8080707175fdd8d58c8f2dd5bd339294ff3e1297280488ad2429d454612a63802779399f3d3a10532728cc422ae82fe3a41e40542f84c3c2be40af12579963e2c85f17cffd5276eb2145baeae700122f0faa25e561dc1b2ab8f377cbca3bfa2c5534c4b9b96f3a714532dd91555961b7fe01e51b382b457b65a3542f70c4cf8cb4e71a4eb801b95f705a06c18a7940fc710435f1b8c7fe1c0eb7d5bb6aa3901fde453bd966de373c0e8711eefb0e5cb26213cd9dfa96db4ee9e3dddfbd9bc9012dfcd645c63fd60c1ee2b81a2b184d36e977b2d5fdb07e11d7ed33788bb0bb39efa144a87dc82ea626d0898d90f92af1fb02cb16e095f08cc8d503cc753ab591b9322d00d15a8c34cfcf423b6cd5ccd42afc6f2835e132688753877b72a1c568f24008b76cbf50ce70df6b32bff3b6e57fe34dec2b179fc92db5b72ba74a7729f50d5edc481ecf13916346b8f59d64135bf7697d80a92586360b5d22fa1f5c783e393ac929c75e73fc2fd7cf64cc8b0566eea09c98f98c45fc13f45fc2d86b934d780673fc0288b15906ba6d94e701cd212d58cf6b924ae72e109c685b1bd4d07b7844b2a1452bdf2c6acbefda70d34adfcfaf4f35a4b0997b791aa4b789418f0cac2d66610b373101d77f52d2f0c7863db30595c9cb3cfe012749cdb66b5c81ec3a9d93bbe39ac2fecd5291e947b0866c12be20f8c880c45bb68b663019ba1bd0579fe6e1b4e7013adcff49be42f1abee6eb065d5cead9b127f09a3220da001f128b259eade6c41fbe7eaf07cad57d90a27511c9b647aadb14ff1ce414d615e97ba44c47a02909101d3ea73eb903e4732d989812e662a2ff764e296d5927ae593cc69df7b597eb21564e01a558db35bb751d163cdb175829cd08339f9c84cb27e9f8eded7a84db36dc9551e47f1bb10b18ecc36f7c0c446f108181207f7cac92c39fd5622e17e6b2de9fb84686e4ae47aa15ea68ebc70e3d2a336952ad59c287fa38869be6f15f6cc580a6ffe18404090f1c76691a7869cd55606ef17a17d7c6d5702be96822aac5808e9d346f668cd86212c555aba00a97ad488bc3579668ecba7ec25fe2f058f4b6ca586748ccb1c2f9df49a7dbc02d0e517bcbde488441ea8c4b377a5acdbcb7ecb9a35bc70448a78a4feaf0969ef432e2e6076a038e6467a4ecfcfe5ca0aa07e3bdc82c86b3f5d6162d1245a6b8e596604a060aea121f77960da5adbbb9bf9fe399f4e6ba166a5e103f49ec0adc205059cdf52bc1bf6a69cc0083d221d80e5620702422cafadcc95cc8cb9f576727a6924f5fd68bf1bb11e106b1454c6d356aa37c10eaf6b0a25c195b67eff4868b5768a0bf5a3c4e7891db56a886ded306d13a9729b61b6db0317204020624ab41209c0b8cd486aac8eb89764c4681a58dfa28fc39bd7196f9faac5276d51e06a59bdf57045ef1bc6e446cbd3cd9b86992c1445c3632d08c3455d7bf621c9afc9800866115d10b51bd8c85d0455a5b4ed03a7646a8eaeac0e81d1ad5a7d42e2aadcf3c79850a019f130c51637ba93a42bee1081c049bd51bf5259396fc898668f66570aa10c9b828710b40149b2d9416dc836664d5fa3a04c10662ac6b0298957ae7908ddc15c0ba258cd945cdf7d2deebdedf08d5cff13f500ceeddda4a29dcb313454d644908e0e4586d99106bc8607744e5398e08da7064d8ba892997b7ef6caba8ccd96a02a519ef22a7532d77efa7d1956a4618357209edaef183839e26fcd3e97e36c63ae685aa2a5fe17c9affe22dc5fdfffbe037b5e1c84cd5c842d6149e8baa1ca92a1e39cd8a71c4a4ecf4c9742b879d9b33a004085a571618a0c6a6cd04adbee38ca3043e8e5e4b591dfa695d913d50f7550f6acc990c396fd2c50c359ae5481302b287bd8d36bf0006d8e03e5dc9bdf4708e67851f16b9274934da5c2983ef5c223df8bfa455e6ef79df6dbd2fc911598679fb7aea99cc66fdb1252dff22332e7e7bef4d519a16b5c0455d679143d9a31a0951bfccc4366486c701deb4d662e94e659704f9ebcc26fad3e496d10d69fafd0ec6fa858feeb714ae06e78eeb44781af9e80ae65026e551678f4045adb383706cf32a2e7c935df9984001af9a9617d79febd5fe32c3b55b9c8d2d540da0f1b117afe272f5ff48e3c2a6747d15c48bfd9b59a6e8799222357830b81a9c951369dc7a4328f251b92b785c2224eae1d9e9bc31ef6ef2ddf4eba797d1643e53da414cd48632906470046f1af5591e01e7a21dfaf432d552cb0560cf2521d492b9a9fcad2410040bcd16ac74cf855218bfb0dec2d4424bf07180ec061eb85fc6bfd86683d06f166281ec11efe41e459a1cbb43f6814b2ff417a5ddfb9b74981d1dff5688fa22f97e44d07e1489d1265ddb323d05a313486d70b745b809eab97247f5339b2a9be665429fe1395540e1d712137e0a171f10ad82ddf1316d4c64d57e7cebf05ab74162bf7adc4f2fde11b3744da5f9dc6ffc64663ce5671f0a855a9747279ccaa3c87cfd821ebfd27ab856b9d2a5601d8b8351b7b95b078bbdfb1eaefc6274042002115a119223e984e3f697c873cb9cfa7c1fc9a8c349f19c7b03174be399d0d0e2766c2be88b715f9af48eb0c6e70ee6240d0f7ff68cd0e35919f21f57ffb33118ad959119ff4adf4e8dccc7e3ba3795e4a8f8c1d020904712fd5c5fc4e72d2b6854914827a91acc67334362ec95123eaa7f707c456f71217f4cff2c26008f9d748fc6eca2038680bcbb1fd077141630e209751dc0ac62539f2ace69a9c214c9dc6fb6b59191d19dda059475fde33f7082d5ef21fd9e691e524b5d9c1ee8e4a0db77ab33f31f308f7f8343ea5c3941f4ddf72304c833e063a7c4dd7daf55b6a0a650eb3d3ec42bf57d6ea8fcee3c86a67fef77c166b590dfd4a353b899afe59d7a4a7665b0328676f2733998e46d5a6446e772c1a0e26987487776f4cbadea099dda1951e8c4f98c2282dab737b99813a4a7d208b905df8ef08cb59660b959f4d", 0x8f6}], 0x1, &(0x7f0000001280)}, 0x0) 13:27:06 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x6, 0x10, 0xffffffffffffffff, 0x0) tkill(0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x0, 0x0) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000100)={0x50}, 0x50) write$FUSE_STATFS(0xffffffffffffffff, &(0x7f0000000340)={0x60}, 0x60) bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x6, 0x4, 0x8, 0x400, 0x0, 0x1}, 0x2c) [ 229.349846] IPVS: ftp: loaded support on port[0] = 21 [ 229.685905] IPVS: ftp: loaded support on port[0] = 21 13:27:06 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f0000000540)="66660f3882811344bd85b87f7800000f23c80f21f8350000f0000f23f866ba2100b0faee0f01f70f20c035040000000f22c0360f00d6660f3801a7627a33460f234cb83e0000000f23d00f21f835100000020f23f866baa10066ed", 0x5b}], 0x1, 0x0, &(0x7f00000001c0), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000000c0)="2e2e640fc7a80900fdb8e8038ee0f2e053baf80c66b820bbcb8866efbafc0c66b80000000066ef0f95610166b8150000000f23c80f21f86635000040000f23f8b800008ee8640f9a8803003d0000", 0x4e}], 0x1, 0x0, &(0x7f0000000000), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000680)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 13:27:06 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) 13:27:06 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x6, 0x10, 0xffffffffffffffff, 0x0) tkill(0x0, 0x0) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x0, 0x0) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000100)={0x50}, 0x50) write$FUSE_STATFS(0xffffffffffffffff, &(0x7f0000000340)={0x60}, 0x60) bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x6, 0x4, 0x8, 0x400, 0x0, 0x1}, 0x2c) 13:27:06 executing program 1: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000680)=ANY=[@ANYBLOB='\vd\x00\x00'], &(0x7f0000000700)=0x1) add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000005c0), 0x0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000a40)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x204}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$intptr(0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) sendmsg$nl_generic(r2, &(0x7f0000001ec0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000600)=ANY=[@ANYBLOB="dadcfd938b94bc0175e1268a4ea64226013aaa67da0011e7c505ba0b85e218455e7a7bf1ffea2be81add000000000000000000000000003ddf4008e6ecdf2b4e67f7abe86a7fe43b90ab760ea47ec3155de57bcafa9eae2a024a42e0a22c5e66b0410630ba17b552362e9e229ad5236fc10160a5fa1b48e82155012ccf6d641724d2ca15ddee0ba292a939c2f30cc54c319b469c6c22dad63ddaa15dc9cfdeef998fcc89cf3d0810b1111639e011ded34083cb422bc94e1056fe20f28c4f9d20845a35c38a"], 0x1}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$inet(r1, &(0x7f0000000400)={0x2, 0x2004e25, @remote}, 0x8abb0a022360233c) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000eaa8dd7b982103077de94e581219960e54ecbd686aae2e0c5b4f9b6fbc05"]}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000380)={@remote}, &(0x7f00000003c0)=0x14) r4 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f00000007c0)={0x0, 0x8001, 0x0, 0x7, 0x2}) socketpair(0x3, 0x5, 0xc8, &(0x7f0000000780)) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000a00)={0x0, @multicast2, @local}, 0xc) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={0x0, 0xa8}, &(0x7f0000000040)=0x8) getsockopt$ARPT_SO_GET_INFO(r4, 0x0, 0x60, &(0x7f0000000700)={'filter\x00'}, &(0x7f00000001c0)=0x7) syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') fcntl$notify(r4, 0x402, 0x13) socket$netlink(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) r5 = open(&(0x7f0000000580)='./file0\x00', 0x0, 0x85) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r5, 0x29, 0xd3, &(0x7f00000005c0)={{0xa, 0x4e20, 0x0, @empty, 0x7ff}, {0xa, 0x4e20, 0x400, @mcast2, 0x1ff}, 0x0, [0x9, 0x800, 0x8001]}, 0x5c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000340)='\x00') socket$netlink(0x10, 0x3, 0xc) ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000380)) 13:27:06 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0xffffffc3}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0xe3b, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, 0x6}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x800) 13:27:06 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KDDELIO(0xffffffffffffffff, 0x4b35, 0xc39) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) syz_mount_image$ext4(&(0x7f00000001c0)='ext2\x00', &(0x7f0000000200)='./file0\x00', 0x195, 0x1, &(0x7f0000000740)=[{&(0x7f00000006c0)="35bce4a5b1bf1fecf0773ee7764c06d77f92ca1b190c01d87615b5325cd2584c7f2aed", 0x23}], 0x40, &(0x7f0000000800)={[{@sb={'sb', 0x3d, 0x101}}, {@abort='abort'}, {@orlov='orlov'}, {@nolazytime='nolazytime'}, {@noblock_validity='noblock_validity'}, {@orlov='orlov'}, {@nojournal_checksum='nojournal_checksum'}], [{@appraise='appraise'}]}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000340)={0x0, 0x2710}, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000ac0)=0xc) 13:27:07 executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f00009ff000)=ANY=[@ANYBLOB="18000000030000dc00000000000000819500000000000000"], &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48) r3 = socket$kcm(0x29, 0x1000000000002, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f00000002c0)={r1, r2}) 13:27:07 executing program 3: r0 = socket$kcm(0xa, 0x802, 0x88) sendmsg$kcm(r0, &(0x7f0000000240)={&(0x7f0000000080)=@in6={0xa, 0x4e24, 0x0, @mcast2, 0x9}, 0x80, &(0x7f00000024c0)=[{&(0x7f0000001300)="35370e1ce69237a6d1711241cf69c6cbc7533767807a8c526fab1f361f0076568c65f1753c2b93f754ee7e627a4256520c3c2a234a03c98a5bc6fab61e259cf077742ed304e6b317ef01b9f64fb8de8b2e67343011c1c1e277c2f7ba79c7b2f6f4dad070ae48954364d88298396c085fbd9193150e5a66a6c56f701cd3d4a90b77689103d6f5f67f37aff9601f4ce743f085b2a8495162405879657e1f76877b858a26afbbfccdb528954a55aaea1e22f9125d7bd231d50df22e445697f55487202a326beea20ce0e637", 0xca}], 0x1, &(0x7f00000025c0)=ANY=[]}, 0x8000) sendmsg$kcm(r0, &(0x7f0000000180)={&(0x7f0000000100)=@nl=@unspec, 0x80, &(0x7f0000000040)=[{&(0x7f0000000280)="93c88e3333594a1999c410a056b3ee9b75f2322cbc3b8508be8404fc27f50966149b404433b55126e0e6e6ea44ecf6655e70bb00ca32231ddb504ab895b490badca389c1f1df5b9d1bcad35110ad132a46f1cdb6f55db57e37d5fd530edeaf3a61e6a0cb351dfeb6e9c1a88a0e92609769013ab514a1341014e4f7ba5de3de12630f8e6ea8b13a61778ed679f137a535bcc0e9f4cf09e47b23521d0b60e3d27e501c9cdc8080707175fdd8d58c8f2dd5bd339294ff3e1297280488ad2429d454612a63802779399f3d3a10532728cc422ae82fe3a41e40542f84c3c2be40af12579963e2c85f17cffd5276eb2145baeae700122f0faa25e561dc1b2ab8f377cbca3bfa2c5534c4b9b96f3a714532dd91555961b7fe01e51b382b457b65a3542f70c4cf8cb4e71a4eb801b95f705a06c18a7940fc710435f1b8c7fe1c0eb7d5bb6aa3901fde453bd966de373c0e8711eefb0e5cb26213cd9dfa96db4ee9e3dddfbd9bc9012dfcd645c63fd60c1ee2b81a2b184d36e977b2d5fdb07e11d7ed33788bb0bb39efa144a87dc82ea626d0898d90f92af1fb02cb16e095f08cc8d503cc753ab591b9322d00d15a8c34cfcf423b6cd5ccd42afc6f2835e132688753877b72a1c568f24008b76cbf50ce70df6b32bff3b6e57fe34dec2b179fc92db5b72ba74a7729f50d5edc481ecf13916346b8f59d64135bf7697d80a92586360b5d22fa1f5c783e393ac929c75e73fc2fd7cf64cc8b0566eea09c98f98c45fc13f45fc2d86b934d780673fc0288b15906ba6d94e701cd212d58cf6b924ae72e109c685b1bd4d07b7844b2a1452bdf2c6acbefda70d34adfcfaf4f35a4b0997b791aa4b789418f0cac2d66610b373101d77f52d2f0c7863db30595c9cb3cfe012749cdb66b5c81ec3a9d93bbe39ac2fecd5291e947b0866c12be20f8c880c45bb68b663019ba1bd0579fe6e1b4e7013adcff49be42f1abee6eb065d5cead9b127f09a3220da001f128b259eade6c41fbe7eaf07cad57d90a27511c9b647aadb14ff1ce414d615e97ba44c47a02909101d3ea73eb903e4732d989812e662a2ff764e296d5927ae593cc69df7b597eb21564e01a558db35bb751d163cdb175829cd08339f9c84cb27e9f8eded7a84db36dc9551e47f1bb10b18ecc36f7c0c446f108181207f7cac92c39fd5622e17e6b2de9fb84686e4ae47aa15ea68ebc70e3d2a336952ad59c287fa38869be6f15f6cc580a6ffe18404090f1c76691a7869cd55606ef17a17d7c6d5702be96822aac5808e9d346f668cd86212c555aba00a97ad488bc3579668ecba7ec25fe2f058f4b6ca586748ccb1c2f9df49a7dbc02d0e517bcbde488441ea8c4b377a5acdbcb7ecb9a35bc70448a78a4feaf0969ef432e2e6076a038e6467a4ecfcfe5ca0aa07e3bdc82c86b3f5d6162d1245a6b8e596604a060aea121f77960da5adbbb9bf9fe399f4e6ba166a5e103f49ec0adc205059cdf52bc1bf6a69cc0083d221d80e5620702422cafadcc95cc8cb9f576727a6924f5fd68bf1bb11e106b1454c6d356aa37c10eaf6b0a25c195b67eff4868b5768a0bf5a3c4e7891db56a886ded306d13a9729b61b6db0317204020624ab41209c0b8cd486aac8eb89764c4681a58dfa28fc39bd7196f9faac5276d51e06a59bdf57045ef1bc6e446cbd3cd9b86992c1445c3632d08c3455d7bf621c9afc9800866115d10b51bd8c85d0455a5b4ed03a7646a8eaeac0e81d1ad5a7d42e2aadcf3c79850a019f130c51637ba93a42bee1081c049bd51bf5259396fc898668f66570aa10c9b828710b40149b2d9416dc836664d5fa3a04c10662ac6b0298957ae7908ddc15c0ba258cd945cdf7d2deebdedf08d5cff13f500ceeddda4a29dcb313454d644908e0e4586d99106bc8607744e5398e08da7064d8ba892997b7ef6caba8ccd96a02a519ef22a7532d77efa7d1956a4618357209edaef183839e26fcd3e97e36c63ae685aa2a5fe17c9affe22dc5fdfffbe037b5e1c84cd5c842d6149e8baa1ca92a1e39cd8a71c4a4ecf4c9742b879d9b33a004085a571618a0c6a6cd04adbee38ca3043e8e5e4b591dfa695d913d50f7550f6acc990c396fd2c50c359ae5481302b287bd8d36bf0006d8e03e5dc9bdf4708e67851f16b9274934da5c2983ef5c223df8bfa455e6ef79df6dbd2fc911598679fb7aea99cc66fdb1252dff22332e7e7bef4d519a16b5c0455d679143d9a31a0951bfccc4366486c701deb4d662e94e659704f9ebcc26fad3e496d10d69fafd0ec6fa858feeb714ae06e78eeb44781af9e80ae65026e551678f4045adb383706cf32a2e7c935df9984001af9a9617d79febd5fe32c3b55b9c8d2d540da0f1b117afe272f5ff48e3c2a6747d15c48bfd9b59a6e8799222357830b81a9c951369dc7a4328f251b92b785c2224eae1d9e9bc31ef6ef2ddf4eba797d1643e53da414cd48632906470046f1af5591e01e7a21dfaf432d552cb0560cf2521d492b9a9fcad2410040bcd16ac74cf855218bfb0dec2d4424bf07180ec061eb85fc6bfd86683d06f166281ec11efe41e459a1cbb43f6814b2ff417a5ddfb9b74981d1dff5688fa22f97e44d07e1489d1265ddb323d05a313486d70b745b809eab97247f5339b2a9be665429fe1395540e1d712137e0a171f10ad82ddf1316d4c64d57e7cebf05ab74162bf7adc4f2fde11b3744da5f9dc6ffc64663ce5671f0a855a9747279ccaa3c87cfd821ebfd27ab856b9d2a5601d8b8351b7b95b078bbdfb1eaefc6274042002115a119223e984e3f697c873cb9cfa7c1fc9a8c349f19c7b03174be399d0d0e2766c2be88b715f9af48eb0c6e70ee6240d0f7ff68cd0e35919f21f57ffb33118ad959119ff4adf4e8dccc7e3ba3795e4a8f8c1d020904712fd5c5fc4e72d2b6854914827a91acc67334362ec95123eaa7f707c456f71217f4cff2c26008f9d748fc6eca2038680bcbb1fd077141630e209751dc0ac62539f2ace69a9c214c9dc6fb6b59191d19dda059475fde33f7082d5ef21fd9e691e524b5d9c1ee8e4a0db77ab33f31f308f7f8343ea5c3941f4ddf72304c833e063a7c4dd7daf55b6a0a650eb3d3ec42bf57d6ea8fcee3c86a67fef77c166b590dfd4a353b899afe59d7a4a7665b0328676f2733998e46d5a6446e772c1a0e26987487776f4cbadea099dda1951e8c4f98c2282dab737b99813a4a7d208b905df8ef08cb59660b959f4d", 0x8f6}], 0x1, &(0x7f0000001280)}, 0x0) 13:27:07 executing program 1: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000680)=ANY=[@ANYBLOB='\vd\x00\x00'], &(0x7f0000000700)=0x1) add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000005c0), 0x0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000a40)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x204}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$intptr(0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) sendmsg$nl_generic(r2, &(0x7f0000001ec0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000600)=ANY=[@ANYBLOB="dadcfd938b94bc0175e1268a4ea64226013aaa67da0011e7c505ba0b85e218455e7a7bf1ffea2be81add000000000000000000000000003ddf4008e6ecdf2b4e67f7abe86a7fe43b90ab760ea47ec3155de57bcafa9eae2a024a42e0a22c5e66b0410630ba17b552362e9e229ad5236fc10160a5fa1b48e82155012ccf6d641724d2ca15ddee0ba292a939c2f30cc54c319b469c6c22dad63ddaa15dc9cfdeef998fcc89cf3d0810b1111639e011ded34083cb422bc94e1056fe20f28c4f9d20845a35c38a"], 0x1}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$inet(r1, &(0x7f0000000400)={0x2, 0x2004e25, @remote}, 0x8abb0a022360233c) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000eaa8dd7b982103077de94e581219960e54ecbd686aae2e0c5b4f9b6fbc05"]}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000380)={@remote}, &(0x7f00000003c0)=0x14) r4 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f00000007c0)={0x0, 0x8001, 0x0, 0x7, 0x2}) socketpair(0x3, 0x5, 0xc8, &(0x7f0000000780)) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000a00)={0x0, @multicast2, @local}, 0xc) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={0x0, 0xa8}, &(0x7f0000000040)=0x8) getsockopt$ARPT_SO_GET_INFO(r4, 0x0, 0x60, &(0x7f0000000700)={'filter\x00'}, &(0x7f00000001c0)=0x7) syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') fcntl$notify(r4, 0x402, 0x13) socket$netlink(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) r5 = open(&(0x7f0000000580)='./file0\x00', 0x0, 0x85) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r5, 0x29, 0xd3, &(0x7f00000005c0)={{0xa, 0x4e20, 0x0, @empty, 0x7ff}, {0xa, 0x4e20, 0x400, @mcast2, 0x1ff}, 0x0, [0x9, 0x800, 0x8001]}, 0x5c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000340)='\x00') socket$netlink(0x10, 0x3, 0xc) ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000380)) 13:27:07 executing program 4: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000002400)=ANY=[@ANYBLOB="8d2fe21682760ff28f3bf7550efd0f09242f8ba9ccfad182d2da1ab5441f333a58e5be73da9c"], 0x26) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0) ioctl$SG_GET_NUM_WAITING(r0, 0x2286, &(0x7f0000000200)) 13:27:07 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x0, 0x110000}) socket$netlink(0x10, 0x3, 0x4) r3 = open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) getsockopt$IPT_SO_GET_ENTRIES(r3, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0xf, "e44c73447167624765b26a8652eff3"}, &(0x7f0000000100)=0x33) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000003c0)) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x1000000000000157, 0x4c004800) syz_open_procfs(0x0, &(0x7f0000000440)='net/ip_vs_stats\x00') 13:27:07 executing program 5: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x0, 0x110000}) socket$netlink(0x10, 0x3, 0x4) open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000003c0)=0x5) syz_open_procfs(0x0, &(0x7f0000000440)='net/ip_vs_stats\x00') [ 230.567570] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:07 executing program 3: recvmsg$kcm(0xffffffffffffffff, &(0x7f00000025c0)={&(0x7f0000002240)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, &(0x7f0000002480), 0x0, &(0x7f00000024c0)=""/206, 0xce}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000002c0)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='net/ip6_flowlabel\x00') preadv(r0, &(0x7f00000017c0), 0x1fe, 0x0) 13:27:07 executing program 4: r0 = gettid() syslog(0x2, &(0x7f0000000080)=""/65, 0x26b) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$KVM_SET_FPU(r1, 0x41a0ae8d, &(0x7f00000001c0)={[], 0x0, 0x0, 0x6, 0x0, 0x7}) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000000), &(0x7f0000000080)}}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000140)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) fcntl$getown(0xffffffffffffffff, 0x9) memfd_create(&(0x7f0000000040)='{+cpuset%\x00', 0x4) tkill(r0, 0x1000000000016) [ 230.731635] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:07 executing program 1: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000680)=ANY=[@ANYBLOB='\vd\x00\x00'], &(0x7f0000000700)=0x1) add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000005c0), 0x0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000a40)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x204}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$intptr(0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) sendmsg$nl_generic(r2, &(0x7f0000001ec0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000600)=ANY=[@ANYBLOB="dadcfd938b94bc0175e1268a4ea64226013aaa67da0011e7c505ba0b85e218455e7a7bf1ffea2be81add000000000000000000000000003ddf4008e6ecdf2b4e67f7abe86a7fe43b90ab760ea47ec3155de57bcafa9eae2a024a42e0a22c5e66b0410630ba17b552362e9e229ad5236fc10160a5fa1b48e82155012ccf6d641724d2ca15ddee0ba292a939c2f30cc54c319b469c6c22dad63ddaa15dc9cfdeef998fcc89cf3d0810b1111639e011ded34083cb422bc94e1056fe20f28c4f9d20845a35c38a"], 0x1}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$inet(r1, &(0x7f0000000400)={0x2, 0x2004e25, @remote}, 0x8abb0a022360233c) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000eaa8dd7b982103077de94e581219960e54ecbd686aae2e0c5b4f9b6fbc05"]}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000380)={@remote}, &(0x7f00000003c0)=0x14) r4 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f00000007c0)={0x0, 0x8001, 0x0, 0x7, 0x2}) socketpair(0x3, 0x5, 0xc8, &(0x7f0000000780)) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000a00)={0x0, @multicast2, @local}, 0xc) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={0x0, 0xa8}, &(0x7f0000000040)=0x8) getsockopt$ARPT_SO_GET_INFO(r4, 0x0, 0x60, &(0x7f0000000700)={'filter\x00'}, &(0x7f00000001c0)=0x7) syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') fcntl$notify(r4, 0x402, 0x13) socket$netlink(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) r5 = open(&(0x7f0000000580)='./file0\x00', 0x0, 0x85) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r5, 0x29, 0xd3, &(0x7f00000005c0)={{0xa, 0x4e20, 0x0, @empty, 0x7ff}, {0xa, 0x4e20, 0x400, @mcast2, 0x1ff}, 0x0, [0x9, 0x800, 0x8001]}, 0x5c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000340)='\x00') socket$netlink(0x10, 0x3, 0xc) ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000380)) 13:27:07 executing program 0: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000680)=ANY=[@ANYBLOB='\vd\x00\x00'], &(0x7f0000000700)=0x1) add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000005c0), 0x0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000a40)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x204}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$intptr(0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) sendmsg$nl_generic(r2, &(0x7f0000001ec0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000600)=ANY=[@ANYBLOB="dadcfd938b94bc0175e1268a4ea64226013aaa67da0011e7c505ba0b85e218455e7a7bf1ffea2be81add000000000000000000000000003ddf4008e6ecdf2b4e67f7abe86a7fe43b90ab760ea47ec3155de57bcafa9eae2a024a42e0a22c5e66b0410630ba17b552362e9e229ad5236fc10160a5fa1b48e82155012ccf6d641724d2ca15ddee0ba292a939c2f30cc54c319b469c6c22dad63ddaa15dc9cfdeef998fcc89cf3d0810b1111639e011ded34083cb422bc94e1056fe20f28c4f9d20845a35c38a"], 0x1}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$inet(r1, &(0x7f0000000400)={0x2, 0x2004e25, @remote}, 0x8abb0a022360233c) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000eaa8dd7b982103077de94e581219960e54ecbd686aae2e0c5b4f9b6fbc05000000008d1cfb5a4aac0fff0f0000005b5a6ebee0"]}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000380)={@remote}, &(0x7f00000003c0)=0x14) r4 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f00000007c0)={0x0, 0x8001, 0x0, 0x7, 0x2}) socketpair(0x3, 0x5, 0xc8, &(0x7f0000000780)) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000a00)={0x0, @multicast2, @local}, 0xc) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={0x0, 0xa8}, &(0x7f0000000040)=0x8) getsockopt$ARPT_SO_GET_INFO(r4, 0x0, 0x60, &(0x7f0000000700)={'filter\x00'}, &(0x7f00000001c0)=0x7) syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') fcntl$notify(r4, 0x402, 0x13) socket$netlink(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) r5 = open(&(0x7f0000000580)='./file0\x00', 0x0, 0x85) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r5, 0x29, 0xd3, &(0x7f00000005c0)={{0xa, 0x4e20, 0x0, @empty, 0x7ff}, {0xa, 0x4e20, 0x400, @mcast2, 0x1ff}, 0x0, [0x9, 0x800, 0x8001]}, 0x5c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000340)='\x00') socket$netlink(0x10, 0x3, 0xc) ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000380)) 13:27:07 executing program 2: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x0, 0x110000}) socket$netlink(0x10, 0x3, 0x4) r3 = open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) getsockopt$IPT_SO_GET_ENTRIES(r3, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0xf, "e44c73447167624765b26a8652eff3"}, &(0x7f0000000100)=0x33) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000003c0)) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x1000000000000157, 0x4c004800) syz_open_procfs(0x0, &(0x7f0000000440)='net/ip_vs_stats\x00') 13:27:07 executing program 5: lsetxattr$security_smack_transmute(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000140)='TRUE', 0x4, 0x3) semget$private(0x0, 0x6, 0x80) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f0000000540)="66660f3882811344bd85b87f7800000f23c80f21f8350000f0000f23f866ba2100b0faee0f01f70f20c035040000000f22c0360f00d6660f3801a7627a33460f234cb83e0000000f23d00f21f835100000020f23f866baa10066ed", 0x5b}], 0x1, 0x51, &(0x7f00000001c0), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000000c0)="2e2e640fc7a80900fdb8e8038ee0f2e053baf80c66b820bbcb8866efbafc0c66b80000000066ef0f95610166b8150000000f23c80f21f86635000040000f23f8b800008ee8640f9a8803003d0000", 0x4e}], 0x1, 0x0, &(0x7f0000000000), 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x3, &(0x7f0000000400)=[{0x9, 0x0, 0xb1b4, 0x2}, {0x9, 0x8, 0x8, 0x9}, {0x8, 0x0, 0x0, 0x2}]}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000680)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$P9_RSYMLINK(0xffffffffffffffff, &(0x7f0000000840)={0x14, 0x11, 0x1, {0x6, 0x4, 0x4}}, 0x14) socket$packet(0x11, 0x6, 0x300) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000006c0)={{{@in6, @in6=@mcast1}}, {{@in6=@remote}, 0x0, @in=@broadcast}}, &(0x7f0000000480)=0xe8) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000600)) sendto$packet(0xffffffffffffffff, &(0x7f0000000300)="91", 0x1, 0x0, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setfsuid(r3) clock_gettime(0x0, &(0x7f00000004c0)) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000640)={0x0, 0x0, 0x1}) pipe2(&(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) ioctl$sock_inet6_tcp_SIOCATMARK(r4, 0x8905, &(0x7f0000000880)) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000340)='trusted.overlay.nlink\x00', &(0x7f0000000380)={'U+', 0x1}, 0x28, 0x1) r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200)='/dev/hwrng\x00', 0x400800, 0x0) ioctl$UI_SET_MSCBIT(r5, 0x40045568, 0x0) ioctl$DRM_IOCTL_SG_ALLOC(0xffffffffffffffff, 0xc0106438, &(0x7f0000000240)={0x1}) utimes(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)) 13:27:07 executing program 4: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x4000) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r2) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 13:27:08 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x4000) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(r0, 0x4c00, r2) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 13:27:08 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x1d4) connect$inet6(r0, &(0x7f0000000080), 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0xca) mmap(&(0x7f00000be000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000340)={0xa, 0x0, 0x0, @ipv4={[], [], @local}}, 0x1c) getsockopt$inet6_tcp_buf(r0, 0x6, 0x1f, &(0x7f0000000280)=""/21, &(0x7f00000002c0)=0x15) 13:27:08 executing program 4: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r0, 0xffefffefffffff82) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000000000)="f8", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6, 0x0, 0x0, 0x8000, 0x0, 0x11}, 0x98) write$binfmt_misc(r1, &(0x7f0000000240)={'syz1'}, 0x1fef0) accept4(r0, &(0x7f0000000400)=@ipx, &(0x7f0000000340)=0xffffffffffffffe9, 0x0) [ 231.188784] print_req_error: I/O error, dev loop0, sector 0 13:27:08 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) dup3(r0, r1, 0x0) 13:27:08 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x4000) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(r0, 0x4c00, r2) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 13:27:08 executing program 0: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000680)=ANY=[@ANYBLOB='\vd\x00\x00'], &(0x7f0000000700)=0x1) add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000005c0), 0x0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000a40)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x204}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$intptr(0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) sendmsg$nl_generic(r2, &(0x7f0000001ec0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000600)=ANY=[@ANYBLOB="dadcfd938b94bc0175e1268a4ea64226013aaa67da0011e7c505ba0b85e218455e7a7bf1ffea2be81add000000000000000000000000003ddf4008e6ecdf2b4e67f7abe86a7fe43b90ab760ea47ec3155de57bcafa9eae2a024a42e0a22c5e66b0410630ba17b552362e9e229ad5236fc10160a5fa1b48e82155012ccf6d641724d2ca15ddee0ba292a939c2f30cc54c319b469c6c22dad63ddaa15dc9cfdeef998fcc89cf3d0810b1111639e011ded34083cb422bc94e1056fe20f28c4f9d20845a35c38a"], 0x1}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$inet(r1, &(0x7f0000000400)={0x2, 0x2004e25, @remote}, 0x8abb0a022360233c) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000eaa8dd7b982103077de94e581219960e54ecbd686aae2e0c5b4f9b6fbc05000000008d1cfb5a4aac0fff0f0000005b5a6ebee0"]}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000380)={@remote}, &(0x7f00000003c0)=0x14) r4 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f00000007c0)={0x0, 0x8001, 0x0, 0x7, 0x2}) socketpair(0x3, 0x5, 0xc8, &(0x7f0000000780)) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000a00)={0x0, @multicast2, @local}, 0xc) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={0x0, 0xa8}, &(0x7f0000000040)=0x8) getsockopt$ARPT_SO_GET_INFO(r4, 0x0, 0x60, &(0x7f0000000700)={'filter\x00'}, &(0x7f00000001c0)=0x7) syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') fcntl$notify(r4, 0x402, 0x13) socket$netlink(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) r5 = open(&(0x7f0000000580)='./file0\x00', 0x0, 0x85) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r5, 0x29, 0xd3, &(0x7f00000005c0)={{0xa, 0x4e20, 0x0, @empty, 0x7ff}, {0xa, 0x4e20, 0x400, @mcast2, 0x1ff}, 0x0, [0x9, 0x800, 0x8001]}, 0x5c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000340)='\x00') socket$netlink(0x10, 0x3, 0xc) ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000380)) 13:27:08 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f00000000c0)={'\x00', 0x400}) ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000080)={'%ridge_slave@1\x00', 0x200}) 13:27:08 executing program 5: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000680)=ANY=[@ANYBLOB='\vd\x00\x00'], &(0x7f0000000700)=0x1) add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000005c0), 0x0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000a40)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x204}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$intptr(0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) sendmsg$nl_generic(r2, &(0x7f0000001ec0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000600)=ANY=[@ANYBLOB="dadcfd938b94bc0175e1268a4ea64226013aaa67da0011e7c505ba0b85e218455e7a7bf1ffea2be81add000000000000000000000000003ddf4008e6ecdf2b4e67f7abe86a7fe43b90ab760ea47ec3155de57bcafa9eae2a024a42e0a22c5e66b0410630ba17b552362e9e229ad5236fc10160a5fa1b48e82155012ccf6d641724d2ca15ddee0ba292a939c2f30cc54c319b469c6c22dad63ddaa15dc9cfdeef998fcc89cf3d0810b1111639e011ded34083cb422bc94e1056fe20f28c4f9d20845a35c38a"], 0x1}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$inet(r1, &(0x7f0000000400)={0x2, 0x2004e25, @remote}, 0x8abb0a022360233c) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000eaa8dd7b982103077de94e581219960e54ecbd686aae2e0c5b4f9b6fbc05000000008d1cfb5a4aac0fff0f000000"]}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000380)={@remote}, &(0x7f00000003c0)=0x14) r4 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f00000007c0)={0x0, 0x8001, 0x0, 0x7, 0x2}) socketpair(0x3, 0x5, 0xc8, &(0x7f0000000780)) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000a00)={0x0, @multicast2, @local}, 0xc) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={0x0, 0xa8}, &(0x7f0000000040)=0x8) getsockopt$ARPT_SO_GET_INFO(r4, 0x0, 0x60, &(0x7f0000000700)={'filter\x00'}, &(0x7f00000001c0)=0x7) syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') fcntl$notify(r4, 0x402, 0x13) socket$netlink(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) r5 = open(&(0x7f0000000580)='./file0\x00', 0x0, 0x85) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r5, 0x29, 0xd3, &(0x7f00000005c0)={{0xa, 0x4e20, 0x0, @empty, 0x7ff}, {0xa, 0x4e20, 0x400, @mcast2, 0x1ff}, 0x0, [0x9, 0x800, 0x8001]}, 0x5c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000340)='\x00') socket$netlink(0x10, 0x3, 0xc) ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000380)) [ 231.556647] print_req_error: I/O error, dev loop0, sector 0 13:27:08 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x4000) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(r0, 0x4c00, r2) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) [ 231.851795] print_req_error: I/O error, dev loop0, sector 0 13:27:08 executing program 2: creat(&(0x7f0000000180)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000002c0)) 13:27:08 executing program 0: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000680)=ANY=[@ANYBLOB='\vd\x00\x00'], &(0x7f0000000700)=0x1) add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000005c0), 0x0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000a40)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x204}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$intptr(0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) sendmsg$nl_generic(r2, &(0x7f0000001ec0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000600)=ANY=[@ANYBLOB="dadcfd938b94bc0175e1268a4ea64226013aaa67da0011e7c505ba0b85e218455e7a7bf1ffea2be81add000000000000000000000000003ddf4008e6ecdf2b4e67f7abe86a7fe43b90ab760ea47ec3155de57bcafa9eae2a024a42e0a22c5e66b0410630ba17b552362e9e229ad5236fc10160a5fa1b48e82155012ccf6d641724d2ca15ddee0ba292a939c2f30cc54c319b469c6c22dad63ddaa15dc9cfdeef998fcc89cf3d0810b1111639e011ded34083cb422bc94e1056fe20f28c4f9d20845a35c38a"], 0x1}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$inet(r1, &(0x7f0000000400)={0x2, 0x2004e25, @remote}, 0x8abb0a022360233c) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000eaa8dd7b982103077de94e581219960e54ecbd686aae2e0c5b4f9b6fbc05000000008d1cfb5a4aac0fff0f0000005b5a6ebee0"]}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000380)={@remote}, &(0x7f00000003c0)=0x14) r4 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f00000007c0)={0x0, 0x8001, 0x0, 0x7, 0x2}) socketpair(0x3, 0x5, 0xc8, &(0x7f0000000780)) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000a00)={0x0, @multicast2, @local}, 0xc) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={0x0, 0xa8}, &(0x7f0000000040)=0x8) getsockopt$ARPT_SO_GET_INFO(r4, 0x0, 0x60, &(0x7f0000000700)={'filter\x00'}, &(0x7f00000001c0)=0x7) syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') fcntl$notify(r4, 0x402, 0x13) socket$netlink(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) r5 = open(&(0x7f0000000580)='./file0\x00', 0x0, 0x85) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r5, 0x29, 0xd3, &(0x7f00000005c0)={{0xa, 0x4e20, 0x0, @empty, 0x7ff}, {0xa, 0x4e20, 0x400, @mcast2, 0x1ff}, 0x0, [0x9, 0x800, 0x8001]}, 0x5c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000340)='\x00') socket$netlink(0x10, 0x3, 0xc) ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000380)) 13:27:08 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f000087bff3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x404c534a, &(0x7f0000c6afa4)) 13:27:08 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x4000) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(r0, 0x4c00, r2) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 13:27:08 executing program 5: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000680)=ANY=[@ANYBLOB='\vd\x00\x00'], &(0x7f0000000700)=0x1) add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000005c0), 0x0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000a40)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x204}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$intptr(0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) sendmsg$nl_generic(r2, &(0x7f0000001ec0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000600)=ANY=[@ANYBLOB="dadcfd938b94bc0175e1268a4ea64226013aaa67da0011e7c505ba0b85e218455e7a7bf1ffea2be81add000000000000000000000000003ddf4008e6ecdf2b4e67f7abe86a7fe43b90ab760ea47ec3155de57bcafa9eae2a024a42e0a22c5e66b0410630ba17b552362e9e229ad5236fc10160a5fa1b48e82155012ccf6d641724d2ca15ddee0ba292a939c2f30cc54c319b469c6c22dad63ddaa15dc9cfdeef998fcc89cf3d0810b1111639e011ded34083cb422bc94e1056fe20f28c4f9d20845a35c38a"], 0x1}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$inet(r1, &(0x7f0000000400)={0x2, 0x2004e25, @remote}, 0x8abb0a022360233c) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000eaa8dd7b982103077de94e581219960e54ecbd686aae2e0c5b4f9b6fbc05000000008d1cfb5a4aac0fff0f000000"]}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000380)={@remote}, &(0x7f00000003c0)=0x14) r4 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f00000007c0)={0x0, 0x8001, 0x0, 0x7, 0x2}) socketpair(0x3, 0x5, 0xc8, &(0x7f0000000780)) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000a00)={0x0, @multicast2, @local}, 0xc) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={0x0, 0xa8}, &(0x7f0000000040)=0x8) getsockopt$ARPT_SO_GET_INFO(r4, 0x0, 0x60, &(0x7f0000000700)={'filter\x00'}, &(0x7f00000001c0)=0x7) syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') fcntl$notify(r4, 0x402, 0x13) socket$netlink(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) r5 = open(&(0x7f0000000580)='./file0\x00', 0x0, 0x85) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r5, 0x29, 0xd3, &(0x7f00000005c0)={{0xa, 0x4e20, 0x0, @empty, 0x7ff}, {0xa, 0x4e20, 0x400, @mcast2, 0x1ff}, 0x0, [0x9, 0x800, 0x8001]}, 0x5c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000340)='\x00') socket$netlink(0x10, 0x3, 0xc) ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000380)) 13:27:09 executing program 4: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x0, 0x110000}) socket$netlink(0x10, 0x3, 0x4) r3 = open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) getsockopt$IPT_SO_GET_ENTRIES(r3, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x13, "e44c73447167624765b26a8652eff375fdc0b1"}, &(0x7f0000000100)=0x37) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000003c0)=0x5) pipe2(&(0x7f0000000000), 0x0) syz_open_procfs(0x0, &(0x7f0000000440)='net/ip_vs_stats\x00') 13:27:09 executing program 1: creat(&(0x7f0000000140)='./bus\x00', 0x0) r0 = open(&(0x7f00000004c0)='./bus\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000000c0)) ftruncate(0xffffffffffffffff, 0x0) 13:27:09 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 232.233660] print_req_error: I/O error, dev loop0, sector 0 [ 232.270700] kauditd_printk_skb: 9 callbacks suppressed 13:27:09 executing program 0: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000680)=ANY=[@ANYBLOB='\vd\x00\x00'], &(0x7f0000000700)=0x1) add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000005c0), 0x0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000a40)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x204}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$intptr(0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) sendmsg$nl_generic(r2, &(0x7f0000001ec0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000600)=ANY=[@ANYBLOB="dadcfd938b94bc0175e1268a4ea64226013aaa67da0011e7c505ba0b85e218455e7a7bf1ffea2be81add000000000000000000000000003ddf4008e6ecdf2b4e67f7abe86a7fe43b90ab760ea47ec3155de57bcafa9eae2a024a42e0a22c5e66b0410630ba17b552362e9e229ad5236fc10160a5fa1b48e82155012ccf6d641724d2ca15ddee0ba292a939c2f30cc54c319b469c6c22dad63ddaa15dc9cfdeef998fcc89cf3d0810b1111639e011ded34083cb422bc94e1056fe20f28c4f9d20845a35c38a"], 0x1}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$inet(r1, &(0x7f0000000400)={0x2, 0x2004e25, @remote}, 0x8abb0a022360233c) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000eaa8dd7b982103077de94e581219960e54ecbd686aae2e0c5b4f9b6fbc05000000008d1cfb5a4aac0fff0f0000005b5a6ebee0"]}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000380)={@remote}, &(0x7f00000003c0)=0x14) r4 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f00000007c0)={0x0, 0x8001, 0x0, 0x7, 0x2}) socketpair(0x3, 0x5, 0xc8, &(0x7f0000000780)) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000a00)={0x0, @multicast2, @local}, 0xc) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={0x0, 0xa8}, &(0x7f0000000040)=0x8) getsockopt$ARPT_SO_GET_INFO(r4, 0x0, 0x60, &(0x7f0000000700)={'filter\x00'}, &(0x7f00000001c0)=0x7) syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') fcntl$notify(r4, 0x402, 0x13) socket$netlink(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) r5 = open(&(0x7f0000000580)='./file0\x00', 0x0, 0x85) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r5, 0x29, 0xd3, &(0x7f00000005c0)={{0xa, 0x4e20, 0x0, @empty, 0x7ff}, {0xa, 0x4e20, 0x400, @mcast2, 0x1ff}, 0x0, [0x9, 0x800, 0x8001]}, 0x5c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000340)='\x00') socket$netlink(0x10, 0x3, 0xc) ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000380)) 13:27:09 executing program 5: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000680)=ANY=[@ANYBLOB='\vd\x00\x00'], &(0x7f0000000700)=0x1) add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000005c0), 0x0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000a40)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x204}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$intptr(0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) sendmsg$nl_generic(r2, &(0x7f0000001ec0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000600)=ANY=[@ANYBLOB="dadcfd938b94bc0175e1268a4ea64226013aaa67da0011e7c505ba0b85e218455e7a7bf1ffea2be81add000000000000000000000000003ddf4008e6ecdf2b4e67f7abe86a7fe43b90ab760ea47ec3155de57bcafa9eae2a024a42e0a22c5e66b0410630ba17b552362e9e229ad5236fc10160a5fa1b48e82155012ccf6d641724d2ca15ddee0ba292a939c2f30cc54c319b469c6c22dad63ddaa15dc9cfdeef998fcc89cf3d0810b1111639e011ded34083cb422bc94e1056fe20f28c4f9d20845a35c38a"], 0x1}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$inet(r1, &(0x7f0000000400)={0x2, 0x2004e25, @remote}, 0x8abb0a022360233c) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000eaa8dd7b982103077de94e581219960e54ecbd686aae2e0c5b4f9b6fbc05000000008d1cfb5a4aac0fff0f000000"]}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000380)={@remote}, &(0x7f00000003c0)=0x14) r4 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f00000007c0)={0x0, 0x8001, 0x0, 0x7, 0x2}) socketpair(0x3, 0x5, 0xc8, &(0x7f0000000780)) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000a00)={0x0, @multicast2, @local}, 0xc) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={0x0, 0xa8}, &(0x7f0000000040)=0x8) getsockopt$ARPT_SO_GET_INFO(r4, 0x0, 0x60, &(0x7f0000000700)={'filter\x00'}, &(0x7f00000001c0)=0x7) syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') fcntl$notify(r4, 0x402, 0x13) socket$netlink(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) r5 = open(&(0x7f0000000580)='./file0\x00', 0x0, 0x85) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r5, 0x29, 0xd3, &(0x7f00000005c0)={{0xa, 0x4e20, 0x0, @empty, 0x7ff}, {0xa, 0x4e20, 0x400, @mcast2, 0x1ff}, 0x0, [0x9, 0x800, 0x8001]}, 0x5c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000340)='\x00') socket$netlink(0x10, 0x3, 0xc) ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000380)) [ 232.270715] audit: type=1804 audit(1539955629.198:31): pid=7376 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor1" name="/root/syzkaller-testdir218591102/syzkaller.68bHUj/11/bus" dev="sda1" ino=16534 res=1 13:27:09 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 232.339908] audit: type=1804 audit(1539955629.258:32): pid=7376 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor1" name="/root/syzkaller-testdir218591102/syzkaller.68bHUj/11/bus" dev="sda1" ino=16534 res=1 13:27:09 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x4000) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(r1, 0x4c00, r0) [ 232.468308] audit: type=1804 audit(1539955629.258:33): pid=7376 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor1" name="/root/syzkaller-testdir218591102/syzkaller.68bHUj/11/bus" dev="sda1" ino=16534 res=1 13:27:09 executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) read$FUSE(r0, &(0x7f0000000580), 0x124c) read$FUSE(r0, &(0x7f00000040c0), 0x1000) write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, 0x1}, 0x50) read$FUSE(r0, &(0x7f00000030c0), 0x1000) lstat(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)) setxattr$trusted_overlay_nlink(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='trusted.overlay.nlink\x00', &(0x7f0000000200)={'U-', 0x8}, 0xfd9f, 0x0) 13:27:09 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:09 executing program 5: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000680)=ANY=[@ANYBLOB='\vd\x00\x00'], &(0x7f0000000700)=0x1) add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f00000005c0), 0x0, 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000140)=0x0) perf_event_open(&(0x7f0000000a40)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, @perf_config_ext, 0x204}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$intptr(0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) sendmsg$nl_generic(r2, &(0x7f0000001ec0)={&(0x7f0000000880)={0x10, 0x0, 0x0, 0x4080000}, 0xc, &(0x7f0000001e80)={&(0x7f0000000600)=ANY=[@ANYBLOB="dadcfd938b94bc0175e1268a4ea64226013aaa67da0011e7c505ba0b85e218455e7a7bf1ffea2be81add000000000000000000000000003ddf4008e6ecdf2b4e67f7abe86a7fe43b90ab760ea47ec3155de57bcafa9eae2a024a42e0a22c5e66b0410630ba17b552362e9e229ad5236fc10160a5fa1b48e82155012ccf6d641724d2ca15ddee0ba292a939c2f30cc54c319b469c6c22dad63ddaa15dc9cfdeef998fcc89cf3d0810b1111639e011ded34083cb422bc94e1056fe20f28c4f9d20845a35c38a"], 0x1}, 0x1, 0x0, 0x0, 0x80}, 0x40) bind$inet(r1, &(0x7f0000000400)={0x2, 0x2004e25, @remote}, 0x8abb0a022360233c) r3 = socket$nl_generic(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r3, 0x89f1, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="00000000000000eaa8dd7b982103077de94e581219960e54ecbd686aae2e0c5b4f9b6fbc05000000008d1cfb5a4aac0fff0f000000"]}) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f0000000380)={@remote}, &(0x7f00000003c0)=0x14) r4 = dup2(r1, r1) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f00000007c0)={0x0, 0x8001, 0x0, 0x7, 0x2}) socketpair(0x3, 0x5, 0xc8, &(0x7f0000000780)) setsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000a00)={0x0, @multicast2, @local}, 0xc) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000000)={0x0, 0xa8}, &(0x7f0000000040)=0x8) getsockopt$ARPT_SO_GET_INFO(r4, 0x0, 0x60, &(0x7f0000000700)={'filter\x00'}, &(0x7f00000001c0)=0x7) syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') fcntl$notify(r4, 0x402, 0x13) socket$netlink(0x10, 0x3, 0x0) sched_setaffinity(0x0, 0x375, &(0x7f0000000140)=0x5) r5 = open(&(0x7f0000000580)='./file0\x00', 0x0, 0x85) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r5, 0x29, 0xd3, &(0x7f00000005c0)={{0xa, 0x4e20, 0x0, @empty, 0x7ff}, {0xa, 0x4e20, 0x400, @mcast2, 0x1ff}, 0x0, [0x9, 0x800, 0x8001]}, 0x5c) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000340)='\x00') socket$netlink(0x10, 0x3, 0xc) ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000380)) 13:27:09 executing program 0: timer_create(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, @thr={&(0x7f0000000380), &(0x7f00000002c0)}}, &(0x7f0000000240)) r0 = syz_open_dev$usbmon(&(0x7f00008be000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$KVM_SET_NR_MMU_PAGES(r0, 0x80089203, 0x20000000) 13:27:09 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:09 executing program 4: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x0, 0x110000}) socket$netlink(0x10, 0x3, 0x4) r3 = open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) getsockopt$IPT_SO_GET_ENTRIES(r3, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x13, "e44c73447167624765b26a8652eff375fdc0b1"}, &(0x7f0000000100)=0x37) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000003c0)=0x5) pipe2(&(0x7f0000000000), 0x0) syz_open_procfs(0x0, &(0x7f0000000440)='net/ip_vs_stats\x00') 13:27:09 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x4000) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 13:27:09 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:09 executing program 0: clone(0x2102001ff8, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) getrandom(&(0x7f0000000240)=""/4096, 0x1000, 0x2) 13:27:09 executing program 0: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000000)) open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) syz_open_procfs(0x0, &(0x7f0000000440)='net/ip_vs_stats\x00') 13:27:09 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x4000) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(r0, 0x4c00, r1) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r0) 13:27:09 executing program 5: 13:27:10 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000023c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x5452, &(0x7f0000000080)={'bridge_slave@1\x00'}) 13:27:10 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:10 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet6(0xa, 0x3, 0x800000000000004) ioctl(r1, 0x8912, &(0x7f00000001c0)="153f6234488dd25d5c6070") connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) getsockopt$inet_buf(r0, 0x0, 0xe, &(0x7f0000008000)=""/144, &(0x7f0000004000)=0x90) 13:27:10 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r1) ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff) 13:27:10 executing program 0: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000000)) open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) syz_open_procfs(0x0, &(0x7f0000000440)='net/ip_vs_stats\x00') 13:27:10 executing program 4: bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000000), 0x2}, 0x20) r0 = socket$kcm(0xa, 0x922000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000040)=@nl=@unspec={0x0, 0x0, 0x0, 0x80fe}, 0x80, &(0x7f0000003800)}, 0x0) 13:27:10 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(r0, 0x4c00, r2) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 13:27:10 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000c00)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000340)={0x0, 0x2710}, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000ac0)=0xc) 13:27:10 executing program 2: ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}) 13:27:10 executing program 5: socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x0, 0x110000}) socket$netlink(0x10, 0x3, 0x4) r3 = open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) getsockopt$IPT_SO_GET_ENTRIES(r3, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x13, "e44c73447167624765b26a8652eff375fdc0b1"}, &(0x7f0000000100)=0x37) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000003c0)=0x5) preadv(0xffffffffffffffff, &(0x7f0000000480), 0x1000000000000157, 0x4c004800) pipe2(&(0x7f0000000000), 0x0) syz_open_procfs(0x0, &(0x7f0000000440)='net/ip_vs_stats\x00') 13:27:10 executing program 1: 13:27:10 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(r0, 0x4c00, r2) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 13:27:10 executing program 2: ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}) 13:27:10 executing program 1: [ 233.935771] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:10 executing program 0: 13:27:11 executing program 2: ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}) 13:27:11 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(r0, 0x4c00, r2) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) [ 234.055631] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:11 executing program 0: 13:27:11 executing program 1: 13:27:11 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000c00)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000340)={0x0, 0x2710}, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000ac0)=0xc) 13:27:11 executing program 2: r0 = socket(0x0, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:11 executing program 5: 13:27:11 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000c00)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000340)={0x0, 0x2710}, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000ac0)=0xc) 13:27:11 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000c00)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000340)={0x0, 0x2710}, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000ac0)=0xc) 13:27:11 executing program 2: r0 = socket(0x0, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:11 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x4000) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(r0, 0x4c00, r2) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 13:27:11 executing program 5: [ 234.430600] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:11 executing program 2: r0 = socket(0x0, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:11 executing program 0: 13:27:11 executing program 1: 13:27:11 executing program 5: [ 234.603366] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:11 executing program 0: 13:27:11 executing program 2: r0 = socket(0xa, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:11 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x4000) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r2) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 13:27:11 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000c00)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000340)={0x0, 0x2710}, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000ac0)=0xc) 13:27:11 executing program 5: 13:27:11 executing program 1: 13:27:11 executing program 0: 13:27:11 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x4000) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(r0, 0x4c00, 0xffffffffffffffff) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 13:27:11 executing program 1: 13:27:11 executing program 5: 13:27:11 executing program 0: 13:27:11 executing program 2: r0 = socket(0xa, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:12 executing program 1: 13:27:12 executing program 5: 13:27:12 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x4000) syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(r0, 0x4c00, r1) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r0) [ 235.120900] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:12 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000c00)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000340)={0x0, 0x2710}, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000ac0)=0xc) 13:27:12 executing program 0: 13:27:12 executing program 1: 13:27:12 executing program 5: 13:27:12 executing program 3: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x4000) r1 = syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000280)='net/udp\x00') ioctl$LOOP_SET_FD(r0, 0x4c00, r2) ioctl$LOOP_SET_FD(r1, 0x4c00, 0xffffffffffffffff) 13:27:12 executing program 1: 13:27:12 executing program 0: 13:27:12 executing program 5: 13:27:12 executing program 2: r0 = socket(0xa, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:12 executing program 1: 13:27:12 executing program 0: 13:27:12 executing program 5: [ 235.533832] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:12 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000c00)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000340)={0x0, 0x2710}, 0x10) 13:27:12 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:12 executing program 3: 13:27:12 executing program 5: 13:27:12 executing program 0: 13:27:12 executing program 1: 13:27:12 executing program 3: 13:27:12 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:12 executing program 1: 13:27:12 executing program 5: 13:27:12 executing program 0: 13:27:12 executing program 3: [ 236.027789] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:13 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000c00)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) 13:27:13 executing program 0: 13:27:13 executing program 3: 13:27:13 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:13 executing program 1: 13:27:13 executing program 5: 13:27:13 executing program 1: 13:27:13 executing program 5: 13:27:13 executing program 0: 13:27:13 executing program 3: 13:27:13 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:13 executing program 5: [ 236.414229] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:13 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000c00)) 13:27:13 executing program 0: 13:27:13 executing program 1: 13:27:13 executing program 3: r0 = socket(0x1000000000000010, 0x80802, 0x0) r1 = dup(r0) write(r1, &(0x7f0000000140)="240000002d001f02ff07f4f9002304000a04f511080001000201009f0800028001000000", 0x24) 13:27:13 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:13 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x78, &(0x7f0000013e95), 0x4) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x11, &(0x7f0000000300), &(0x7f0000000340)=0x9b) close(r2) close(r1) 13:27:13 executing program 1: 13:27:13 executing program 0: 13:27:13 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:13 executing program 3: 13:27:13 executing program 5: 13:27:13 executing program 0: r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000000), 0xfffffe63) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000300)) read(r2, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) [ 236.749032] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:13 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000c00)) 13:27:13 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:13 executing program 1: r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000000), 0xfffffe63) read(r2, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) 13:27:13 executing program 3: r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000000), 0xfffffe63) epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000300)) read(r2, &(0x7f0000000200)=""/250, 0x50c7e3e3) setsockopt$packet_int(r0, 0x107, 0x0, &(0x7f0000000180)=0x20, 0x4) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) 13:27:13 executing program 5: r0 = syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240)}}]}) ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0) 13:27:14 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) [ 237.016112] binder: release 7761:7762 transaction 2 out, still active [ 237.085009] binder: undelivered TRANSACTION_COMPLETE [ 237.125739] binder: BINDER_SET_CONTEXT_MGR already set [ 237.131712] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, [ 237.153625] binder: 7761:7776 ioctl 40046207 0 returned -16 [ 237.170798] binder_alloc: 7761: binder_alloc_buf, no vma [ 237.189401] binder: 7761:7762 transaction failed 29189/-3, size 0-0 line 2973 [ 237.217187] binder: send failed reply for transaction 2, target dead [ 237.228320] binder: undelivered TRANSACTION_ERROR: 29189 13:27:14 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:14 executing program 5: r0 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) write$P9_RREMOVE(r1, &(0x7f0000000280)={0xff60}, 0xe3c7) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) sched_setattr(0x0, &(0x7f00000003c0)={0x0, 0x1, 0x0, 0x0, 0x5}, 0x0) fcntl$setstatus(r2, 0x4, 0x6100) fdatasync(r1) write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0x175d900f) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = geteuid() fcntl$getown(r1, 0x9) shmctl$IPC_SET(0x0, 0x1, &(0x7f0000000180)={{0x7fffffff, 0x0, 0x0, r3, 0x0, 0x11, 0x8}, 0x800, 0x5, 0x100000001, 0x7fffffff, 0x0, 0x0, 0x40}) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000200)={0x0, r1}) [ 237.493155] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:14 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:14 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:15 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x2, &(0x7f0000000200)=0xbf207ff, 0x9, 0x0) get_mempolicy(&(0x7f0000000040), &(0x7f00003e8000), 0x401, &(0x7f0000336000/0x3000)=nil, 0x2) 13:27:15 executing program 0: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100), 0xc, &(0x7f0000000000)={&(0x7f0000006240)=ANY=[@ANYBLOB="10000000000000001c0012000c000100697036746e6c00000c9702000800080000000000"], 0x1}}, 0x0) r1 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r1, &(0x7f0000000140)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)}], 0x492492492492805, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) 13:27:15 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:15 executing program 1: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x40031, 0xffffffffffffffff, 0x80000000) 13:27:15 executing program 5: r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000000), 0xfffffe63) epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000300)) read(r2, &(0x7f0000000200)=""/250, 0x50c7e3e3) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000180)=0x20, 0x4) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) 13:27:15 executing program 3: r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000000), 0xfffffe63) epoll_create1(0x0) socketpair$inet6(0xa, 0x0, 0x0, &(0x7f0000000000)) read(r2, &(0x7f0000000200)=""/250, 0x50c7e3e3) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000180)=0x20, 0x4) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) 13:27:15 executing program 1: r0 = socket(0x200000000000011, 0x4000000000080002, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ip6_vti0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @broadcast}, 0x14) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000000), 0xfffffe63) r4 = epoll_create1(0x0) socketpair$inet6(0xa, 0x0, 0x0, &(0x7f0000000000)) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000300)) read(r2, &(0x7f0000000200)=""/250, 0x50c7e3e3) sendmmsg(r0, &(0x7f0000000d00), 0x400004e, 0x0) 13:27:15 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:15 executing program 0: 13:27:15 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) [ 238.963475] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:16 executing program 0: 13:27:16 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:16 executing program 0: [ 239.225721] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:16 executing program 0: 13:27:16 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) [ 239.422668] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:16 executing program 0: r0 = socket$inet6(0xa, 0x803, 0x3) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0a5c3d023c126285718070") madvise(&(0x7f0000ff6000/0x4000)=nil, 0x4000, 0xcb) 13:27:16 executing program 5: 13:27:16 executing program 3: 13:27:16 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:16 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f00000000c0)={0xffffffffffff8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}) 13:27:16 executing program 5: 13:27:16 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:16 executing program 1: 13:27:16 executing program 5: 13:27:16 executing program 3: [ 239.902644] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:16 executing program 0: 13:27:16 executing program 1: 13:27:17 executing program 4: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:17 executing program 0: 13:27:17 executing program 3: 13:27:17 executing program 5: 13:27:17 executing program 1: [ 240.186698] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:17 executing program 5: 13:27:17 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:17 executing program 3: 13:27:17 executing program 0: 13:27:17 executing program 1: 13:27:17 executing program 4: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:17 executing program 5: 13:27:17 executing program 1: 13:27:17 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:17 executing program 5: 13:27:17 executing program 3: 13:27:17 executing program 0: 13:27:17 executing program 4: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:18 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:18 executing program 1: 13:27:18 executing program 5: 13:27:18 executing program 3: 13:27:18 executing program 0: 13:27:18 executing program 5: 13:27:18 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) [ 241.192686] EXT4-fs: 1 callbacks suppressed [ 241.192700] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:18 executing program 1: 13:27:18 executing program 3: 13:27:18 executing program 0: 13:27:18 executing program 3: 13:27:18 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:18 executing program 5: 13:27:18 executing program 1: 13:27:18 executing program 0: 13:27:18 executing program 3: 13:27:18 executing program 5: 13:27:18 executing program 1: [ 241.466446] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:18 executing program 3: 13:27:18 executing program 0: 13:27:18 executing program 5: 13:27:18 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:18 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:18 executing program 1: 13:27:19 executing program 5: 13:27:19 executing program 3: 13:27:19 executing program 1: 13:27:19 executing program 0: [ 242.116959] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:19 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:19 executing program 1: 13:27:19 executing program 3: 13:27:19 executing program 5: 13:27:19 executing program 0: 13:27:19 executing program 1: [ 242.358602] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:19 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:19 executing program 3: 13:27:19 executing program 0: 13:27:19 executing program 5: 13:27:19 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:19 executing program 1: 13:27:19 executing program 0: 13:27:19 executing program 3: 13:27:19 executing program 5: 13:27:19 executing program 1: [ 243.007869] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:20 executing program 0: 13:27:20 executing program 5: 13:27:20 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) sendmsg$alg(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:20 executing program 1: 13:27:20 executing program 3: 13:27:20 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:20 executing program 5: 13:27:20 executing program 0: 13:27:20 executing program 3: 13:27:20 executing program 5: 13:27:20 executing program 1: 13:27:20 executing program 0: [ 243.921778] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:20 executing program 5: 13:27:20 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:20 executing program 3: 13:27:20 executing program 1: 13:27:20 executing program 0: 13:27:21 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:21 executing program 5: 13:27:21 executing program 1: 13:27:21 executing program 3: 13:27:21 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:21 executing program 0: 13:27:21 executing program 1: 13:27:21 executing program 5: 13:27:21 executing program 3: 13:27:21 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000d80)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) read(r0, &(0x7f0000000100)=""/11, 0x3bd) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)) r2 = epoll_create1(0x0) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000040)) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000240)) r4 = syz_open_pts(r0, 0x0) close(r2) dup2(r3, r4) [ 244.334397] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:21 executing program 2: bind$alg(0xffffffffffffffff, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r0 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmsg$alg(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r0, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:21 executing program 5: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000340)=@nfc, 0x80, &(0x7f0000000580)=[{&(0x7f00000003c0)=""/53, 0x35}, {&(0x7f0000000400)=""/10, 0xa}, {&(0x7f0000000440)=""/27, 0x1b}, {&(0x7f0000000480)=""/78, 0x4e}, {&(0x7f0000000500)=""/35, 0x23}], 0x5, &(0x7f0000000600)=""/167, 0xa7, 0xfff}, 0x40000000) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000980)=ANY=[@ANYBLOB="9feb010018000000000000002c0000004400000040000000c3a399675c24cca8e2d90135b9cb7a282ba4ecec145f4e9d1b3a6db7d9cb4b6f2aac73a938cbcb4a44000000001108000000d9c7cd214165aa31fa370151b3b6f375e0a174ab04d966df5676a9102b9313302d9d7c49ea8ec372bbc4684670dded7649d9051432dcbda954c8dde5d637bbfea766c2aa631d1c01000000840437ed760a87e12b461b48e602af3dcba50104b4c8ae401e41f78801e5208b9703e6515c52114091164cbce0d2b6b13c189531dc870f142be8027b40338752857e92e415dacd7823910725e94745c054d7ffb7cc39727fbe"], &(0x7f0000000a80)=""/4096, 0xee, 0x1000, 0x1}, 0x20) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000040)) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001b00)={0x0, r0, 0x0, 0x2, &(0x7f0000001ac0)='[\x00', 0x0}, 0x30) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001b40)=r2, 0x807d02264508a87d) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000140)=r3, 0x4) socketpair(0x0, 0x80007, 0x1, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x894c, &(0x7f0000000040)={0xffffffffffffffff}) r7 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x120, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x0, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000780)={&(0x7f0000000740)='./file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)=')\x00') ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f00000007c0)) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000880)={r1, r5}) r8 = socket$kcm(0xa, 0x6, 0x0) socketpair(0x1, 0x3, 0xfffffffffffffffc, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) getpid() bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={r9, 0x2, 0x1, 0xfffffffffffffffc, &(0x7f0000000700)=[0x0, 0x0], 0x2}, 0x20) socketpair(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xd, 0x0, 0x0, 0x0, 0x0, r10}, 0xa) bpf$MAP_CREATE(0x0, &(0x7f0000000900)={0x0, 0x7, 0x80000000, 0x7, 0x8, 0x1, 0x10000}, 0x2c) ioctl$sock_kcm_SIOCKCMATTACH(r6, 0x89e0, &(0x7f0000000100)={r10, r11}) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000001a80)) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00', r11}, 0x10) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)) socketpair(0x7, 0xa, 0x4b, &(0x7f0000000800)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r9, 0x40042409, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000540)={r12, 0x7, 0x1, 0x0, &(0x7f0000000300)=[0x0], 0x1}, 0x20) ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x8916, &(0x7f0000000000)={r11}) 13:27:21 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:21 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KDDELIO(0xffffffffffffffff, 0x4b35, 0xc39) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) syz_mount_image$ext4(&(0x7f00000001c0)='ext2\x00', &(0x7f0000000200)='./file0\x00', 0x195, 0x1, &(0x7f0000000740)=[{&(0x7f00000006c0)="35bce4a5b1bf1fecf0773ee7764c06d77f92ca1b190c01d87615b5325cd2584c7f2aed7c8f0d3b2889eae7967ae98020bf608de5b41fcff8347b0aea3529b0000f9ea692", 0x44}], 0x40, &(0x7f0000000800)={[{@sb={'sb', 0x3d, 0x101}}, {@abort='abort'}, {@orlov='orlov'}, {@nolazytime='nolazytime'}, {@noblock_validity='noblock_validity'}, {@orlov='orlov'}, {@nojournal_checksum='nojournal_checksum'}], [{@appraise='appraise'}]}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000340)={0x0, 0x2710}, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000ac0)=0xc) 13:27:21 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = syz_open_dev$evdev(&(0x7f00000009c0)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCSMASK(r1, 0x40104593, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000040)}) 13:27:21 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(0xffffffffffffffff, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) [ 244.605180] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:21 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) [ 244.657137] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:21 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:21 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080), 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:21 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc1105518, &(0x7f0000000040)) 13:27:21 executing program 5: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000340)=@nfc, 0x80, &(0x7f0000000580)=[{&(0x7f00000003c0)=""/53, 0x35}, {&(0x7f0000000400)=""/10, 0xa}, {&(0x7f0000000440)=""/27, 0x1b}, {&(0x7f0000000480)=""/78, 0x4e}, {&(0x7f0000000500)=""/35, 0x23}], 0x5, &(0x7f0000000600)=""/167, 0xa7, 0xfff}, 0x40000000) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000980)=ANY=[@ANYBLOB="9feb010018000000000000002c0000004400000040000000c3a399675c24cca8e2d90135b9cb7a282ba4ecec145f4e9d1b3a6db7d9cb4b6f2aac73a938cbcb4a44000000001108000000d9c7cd214165aa31fa370151b3b6f375e0a174ab04d966df5676a9102b9313302d9d7c49ea8ec372bbc4684670dded7649d9051432dcbda954c8dde5d637bbfea766c2aa631d1c01000000840437ed760a87e12b461b48e602af3dcba50104b4c8ae401e41f78801e5208b9703e6515c52114091164cbce0d2b6b13c189531dc870f142be8027b40338752857e92e415dacd7823910725e94745c054d7ffb7cc39727fbe"], &(0x7f0000000a80)=""/4096, 0xee, 0x1000, 0x1}, 0x20) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000040)) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001b00)={0x0, r0, 0x0, 0x2, &(0x7f0000001ac0)='[\x00', 0x0}, 0x30) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001b40)=r2, 0x807d02264508a87d) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000140)=r3, 0x4) socketpair(0x0, 0x80007, 0x1, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x894c, &(0x7f0000000040)={0xffffffffffffffff}) r7 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x120, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x0, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000780)={&(0x7f0000000740)='./file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)=')\x00') ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f00000007c0)) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000880)={r1, r5}) r8 = socket$kcm(0xa, 0x6, 0x0) socketpair(0x1, 0x3, 0xfffffffffffffffc, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) getpid() bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={r9, 0x2, 0x1, 0xfffffffffffffffc, &(0x7f0000000700)=[0x0, 0x0], 0x2}, 0x20) socketpair(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xd, 0x0, 0x0, 0x0, 0x0, r10}, 0xa) bpf$MAP_CREATE(0x0, &(0x7f0000000900)={0x0, 0x7, 0x80000000, 0x7, 0x8, 0x1, 0x10000}, 0x2c) ioctl$sock_kcm_SIOCKCMATTACH(r6, 0x89e0, &(0x7f0000000100)={r10, r11}) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000001a80)) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00', r11}, 0x10) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)) socketpair(0x7, 0xa, 0x4b, &(0x7f0000000800)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r9, 0x40042409, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000540)={r12, 0x7, 0x1, 0x0, &(0x7f0000000300)=[0x0], 0x1}, 0x20) ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x8916, &(0x7f0000000000)={r11}) [ 244.777206] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:21 executing program 0: r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000340)=@nfc, 0x80, &(0x7f0000000580)=[{&(0x7f00000003c0)=""/53, 0x35}, {&(0x7f0000000400)=""/10, 0xa}, {&(0x7f0000000440)=""/27, 0x1b}, {&(0x7f0000000480)=""/78, 0x4e}, {&(0x7f0000000500)=""/35, 0x23}], 0x5, &(0x7f0000000600)=""/167, 0xa7, 0xfff}, 0x40000000) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000980)=ANY=[@ANYBLOB="9feb010018000000000000002c0000004400000040000000c3a399675c24cca8e2d90135b9cb7a282ba4ecec145f4e9d1b3a6db7d9cb4b6f2aac73a938cbcb4a44000000001108000000d9c7cd214165aa31fa370151b3b6f375e0a174ab04d966df5676a9102b9313302d9d7c49ea8ec372bbc4684670dded7649d9051432dcbda954c8dde5d637bbfea766c2aa631d1c01000000840437ed760a87e12b461b48e602af3dcba50104b4c8ae401e41f78801e5208b9703e6515c52114091164cbce0d2b6b13c189531dc870f142be8027b40338752857e92e415dacd7823910725e94745c054d7ffb7cc39727fbe"], &(0x7f0000000a80)=""/4096, 0xee, 0x1000, 0x1}, 0x20) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000040)) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001b00)={0x0, r0, 0x0, 0x2, &(0x7f0000001ac0)='[\x00', 0x0}, 0x30) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000001b40)=r2, 0x807d02264508a87d) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000140)=r3, 0x4) socketpair(0x0, 0x80007, 0x1, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x894c, &(0x7f0000000040)={0xffffffffffffffff}) r7 = perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x120, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$kcm(0x29, 0x0, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000780)={&(0x7f0000000740)='./file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_SET_FILTER(r7, 0x40082406, &(0x7f00000000c0)=')\x00') ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f00000007c0)) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000880)={r1, r5}) r8 = socket$kcm(0xa, 0x6, 0x0) socketpair(0x1, 0x3, 0xfffffffffffffffc, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) getpid() bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={r9, 0x2, 0x1, 0xfffffffffffffffc, &(0x7f0000000700)=[0x0, 0x0], 0x2}, 0x20) socketpair(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xd, 0x0, 0x0, 0x0, 0x0, r10}, 0xa) bpf$MAP_CREATE(0x0, &(0x7f0000000900)={0x0, 0x7, 0x80000000, 0x7, 0x8, 0x1, 0x10000}, 0x2c) ioctl$sock_kcm_SIOCKCMATTACH(r6, 0x89e0, &(0x7f0000000100)={r10, r11}) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000001a80)) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00', r11}, 0x10) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000280)) socketpair(0x7, 0xa, 0x4b, &(0x7f0000000800)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r9, 0x40042409, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000540)={r12, 0x7, 0x1, 0x0, &(0x7f0000000300)=[0x0], 0x1}, 0x20) ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x8916, &(0x7f0000000000)={r11}) 13:27:21 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32", 0x8) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:21 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KDDELIO(0xffffffffffffffff, 0x4b35, 0xc39) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) syz_mount_image$ext4(&(0x7f00000001c0)='ext2\x00', &(0x7f0000000200)='./file0\x00', 0x195, 0x1, &(0x7f0000000740)=[{&(0x7f00000006c0)="35bce4a5b1bf1fecf0773ee7764c06d77f92ca1b190c01d87615b5325cd2584c7f2aed7c8f0d3b2889eae7967ae98020bf608de5b41fcff8347b0aea3529b0000f9ea692", 0x44}], 0x40, &(0x7f0000000800)={[{@sb={'sb', 0x3d, 0x101}}, {@abort='abort'}, {@orlov='orlov'}, {@nolazytime='nolazytime'}, {@noblock_validity='noblock_validity'}, {@orlov='orlov'}, {@nojournal_checksum='nojournal_checksum'}], [{@appraise='appraise'}]}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000340)={0x0, 0x2710}, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000ac0)=0xc) 13:27:21 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KDDELIO(0xffffffffffffffff, 0x4b35, 0xc39) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) syz_mount_image$ext4(&(0x7f00000001c0)='ext2\x00', &(0x7f0000000200)='./file0\x00', 0x195, 0x1, &(0x7f0000000740)=[{&(0x7f00000006c0)="35bce4a5b1bf1fecf0773ee7764c06d77f92ca1b190c01d87615b5325cd2584c7f2aed7c8f0d3b2889eae7967ae98020bf608de5b41fcff8347b0aea3529b0000f9ea692", 0x44}], 0x40, &(0x7f0000000800)={[{@sb={'sb', 0x3d, 0x101}}, {@abort='abort'}, {@orlov='orlov'}, {@nolazytime='nolazytime'}, {@noblock_validity='noblock_validity'}, {@orlov='orlov'}, {@nojournal_checksum='nojournal_checksum'}], [{@appraise='appraise'}]}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000340)={0x0, 0x2710}, 0x10) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000600), &(0x7f0000000ac0)=0xc) 13:27:21 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:22 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d0400", 0xc) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:22 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:22 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:22 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000", 0xe) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:22 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:22 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:22 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:22 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d0400000028", 0xf) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:22 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:22 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:22 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:22 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:22 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:22 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:22 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:22 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:23 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:23 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:23 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:23 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000c00)) 13:27:23 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) [ 246.336095] EXT4-fs: 11 callbacks suppressed [ 246.336146] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:23 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:23 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000c00)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) 13:27:23 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) [ 246.591015] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, [ 246.627529] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:23 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) [ 246.732467] EXT4-fs (sda1): re-mounted. Opts: 13:27:23 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:23 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000c00)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000340)={0x0, 0x2710}, 0x10) 13:27:23 executing program 4 (fault-call:3 fault-nth:0): perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 246.832864] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:23 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) [ 247.001541] FAULT_INJECTION: forcing a failure. [ 247.001541] name failslab, interval 1, probability 0, space 0, times 1 [ 247.029923] CPU: 1 PID: 8363 Comm: syz-executor4 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 247.038348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 247.038355] Call Trace: [ 247.038466] dump_stack+0x244/0x39d [ 247.038492] ? dump_stack_print_info.cold.1+0x20/0x20 [ 247.038550] should_fail.cold.4+0xa/0x17 [ 247.063442] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 247.063524] ? lock_downgrade+0x900/0x900 [ 247.063562] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 247.072841] ? retint_kernel+0x2d/0x2d [ 247.072865] ? find_held_lock+0x36/0x1c0 [ 247.072910] ? l2cap_sock_shutdown+0x378/0x10a0 [ 247.072978] ? perf_trace_sched_process_exec+0x860/0x860 [ 247.072999] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 247.100491] ? trace_hardirqs_on_caller+0xc0/0x310 [ 247.105500] __should_failslab+0x124/0x180 [ 247.109806] should_failslab+0x9/0x14 [ 247.113649] __kmalloc+0x2e0/0x760 [ 247.117213] ? strncpy_from_user+0x5a0/0x5a0 [ 247.117235] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 247.117338] ? __x64_sys_memfd_create+0x142/0x4f0 [ 247.117358] __x64_sys_memfd_create+0x142/0x4f0 [ 247.135999] ? memfd_fcntl+0x1910/0x1910 [ 247.140135] do_syscall_64+0x1b9/0x820 [ 247.144043] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe 13:27:24 executing program 5 (fault-call:3 fault-nth:0): r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 247.149426] ? syscall_return_slowpath+0x5e0/0x5e0 [ 247.154368] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 247.159231] ? trace_hardirqs_on_caller+0x310/0x310 [ 247.164265] ? prepare_exit_to_usermode+0x291/0x3b0 [ 247.169301] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 247.174161] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 247.174175] RIP: 0033:0x457569 13:27:24 executing program 4 (fault-call:3 fault-nth:1): perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 247.174193] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 247.174202] RSP: 002b:00007f5adf18ba88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 247.174218] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000000457569 [ 247.174227] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc78a [ 247.174237] RBP: 000000000072bf00 R08: 0000000000100020 R09: 00000000fbad8001 [ 247.174248] R10: 0000000020000100 R11: 0000000000000246 R12: 00007f5adf18c6d4 [ 247.174257] R13: 00000000004c4a1e R14: 00000000004d7d88 R15: 0000000000000004 [ 247.242558] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, [ 247.279514] FAULT_INJECTION: forcing a failure. [ 247.279514] name failslab, interval 1, probability 0, space 0, times 0 [ 247.291007] CPU: 1 PID: 8379 Comm: syz-executor5 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 247.299417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 247.308778] Call Trace: [ 247.311388] dump_stack+0x244/0x39d [ 247.315041] ? dump_stack_print_info.cold.1+0x20/0x20 [ 247.320258] ? mark_held_locks+0x130/0x130 [ 247.324517] should_fail.cold.4+0xa/0x17 [ 247.328594] ? __lock_acquire+0x62f/0x4c20 [ 247.332851] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 247.337971] ? __lock_acquire+0x62f/0x4c20 [ 247.342226] ? mark_held_locks+0x130/0x130 [ 247.346480] ? mark_held_locks+0x130/0x130 [ 247.350732] ? __lock_acquire+0x62f/0x4c20 [ 247.354982] ? __lock_acquire+0x62f/0x4c20 [ 247.359233] ? __lock_acquire+0x62f/0x4c20 [ 247.363482] ? print_usage_bug+0xc0/0xc0 [ 247.367556] ? print_usage_bug+0xc0/0xc0 [ 247.371644] ? __lock_acquire+0x62f/0x4c20 [ 247.375891] ? mark_held_locks+0x130/0x130 [ 247.380140] ? mark_held_locks+0x130/0x130 [ 247.384386] ? mark_held_locks+0x130/0x130 [ 247.385666] FAULT_INJECTION: forcing a failure. [ 247.385666] name failslab, interval 1, probability 0, space 0, times 0 [ 247.388643] __should_failslab+0x124/0x180 [ 247.388673] should_failslab+0x9/0x14 [ 247.388691] kmem_cache_alloc_node+0x56/0x730 [ 247.388782] __alloc_skb+0x114/0x770 [ 247.388811] ? netdev_alloc_frag+0x1f0/0x1f0 [ 247.420597] ? lock_downgrade+0x900/0x900 [ 247.424818] ? check_preemption_disabled+0x48/0x280 [ 247.429902] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 247.434842] ? kasan_check_read+0x11/0x20 [ 247.439028] ? lwtunnel_get_encap_size+0xb4/0x3f0 [ 247.443883] ? lwtunnel_state_alloc+0x20/0x20 [ 247.448438] ? fib6_net_init+0x940/0x940 [ 247.452515] ? lock_release+0xa10/0xa10 [ 247.456501] ? do_raw_spin_trylock+0x270/0x270 [ 247.461113] inet6_rt_notify+0x101/0x2c0 [ 247.465188] fib6_del+0xf1c/0x12e0 [ 247.468739] ? zap_class+0x640/0x640 [ 247.472468] ? __lock_is_held+0xb5/0x140 [ 247.476560] ? fib6_locate+0x150/0x150 [ 247.480467] ? find_held_lock+0x36/0x1c0 [ 247.484544] ? lock_acquire+0x1ed/0x520 [ 247.488543] ? kasan_check_read+0x11/0x20 [ 247.492706] ? do_raw_spin_lock+0x14f/0x350 [ 247.497041] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 247.501987] ? rwlock_bug.part.2+0x90/0x90 [ 247.506236] ? rcu_softirq_qs+0x20/0x20 [ 247.510235] ip6_route_del+0x12b2/0x1790 [ 247.514317] ? ip6_route_dev_notify+0xc80/0xc80 [ 247.518992] ? find_held_lock+0x36/0x1c0 [ 247.523074] ? l3mdev_fib_table_by_index+0xf8/0x1b0 [ 247.528114] ? lock_downgrade+0x900/0x900 [ 247.532271] ? check_preemption_disabled+0x48/0x280 [ 247.537305] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 247.542245] ? kasan_check_read+0x11/0x20 [ 247.546403] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 247.551707] ipv6_route_ioctl+0x707/0xa80 [ 247.555862] ? zap_class+0x640/0x640 [ 247.559593] ? zap_class+0x640/0x640 [ 247.563357] ? rt6_purge_dflt_routers+0xb10/0xb10 [ 247.568282] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 247.573869] ? _parse_integer+0x134/0x180 [ 247.578059] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 247.583260] inet6_ioctl+0x100/0x1f0 [ 247.587020] sock_do_ioctl+0xeb/0x420 [ 247.590838] ? compat_ifr_data_ioctl+0x170/0x170 [ 247.595605] ? check_preemption_disabled+0x48/0x280 [ 247.600647] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 247.605591] ? kasan_check_read+0x11/0x20 [ 247.609757] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 247.615048] ? rcu_softirq_qs+0x20/0x20 [ 247.619052] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 247.624278] sock_ioctl+0x313/0x690 [ 247.627923] ? dlci_ioctl_set+0x40/0x40 [ 247.631930] ? ksys_dup3+0x680/0x680 [ 247.635668] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 247.635689] ? dlci_ioctl_set+0x40/0x40 [ 247.635735] do_vfs_ioctl+0x1de/0x1720 [ 247.635750] ? __lock_is_held+0xb5/0x140 [ 247.635765] ? ioctl_preallocate+0x300/0x300 [ 247.635777] ? __fget_light+0x2e9/0x430 [ 247.635792] ? fget_raw+0x20/0x20 [ 247.644803] ? __sb_end_write+0xd9/0x110 [ 247.644824] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 247.644839] ? fput+0x130/0x1a0 [ 247.644863] ? do_syscall_64+0x9a/0x820 [ 247.681407] ? do_syscall_64+0x9a/0x820 [ 247.685397] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 247.690053] ? security_file_ioctl+0x94/0xc0 [ 247.694486] ksys_ioctl+0xa9/0xd0 [ 247.697955] __x64_sys_ioctl+0x73/0xb0 [ 247.701859] do_syscall_64+0x1b9/0x820 [ 247.705753] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 247.711137] ? syscall_return_slowpath+0x5e0/0x5e0 [ 247.716084] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 247.720940] ? trace_hardirqs_on_caller+0x310/0x310 [ 247.725971] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 247.731002] ? prepare_exit_to_usermode+0x291/0x3b0 [ 247.736036] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 247.740899] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 247.746103] RIP: 0033:0x457569 [ 247.749305] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 247.768243] RSP: 002b:00007fb4faf53c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 247.775954] RAX: ffffffffffffffda RBX: 00007fb4faf53c90 RCX: 0000000000457569 [ 247.783232] RDX: 0000000020000380 RSI: 000000000000890c RDI: 0000000000000003 [ 247.790505] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 247.797770] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb4faf546d4 13:27:24 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) [ 247.805037] R13: 00000000004c2083 R14: 00000000004d3000 R15: 0000000000000004 [ 247.813824] CPU: 0 PID: 8383 Comm: syz-executor4 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 247.822239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 247.822245] Call Trace: [ 247.822268] dump_stack+0x244/0x39d [ 247.822291] ? dump_stack_print_info.cold.1+0x20/0x20 [ 247.822317] should_fail.cold.4+0xa/0x17 [ 247.822337] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 247.822355] ? trace_hardirqs_on_caller+0xc0/0x310 [ 247.822373] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 247.822403] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 247.822427] ? find_held_lock+0x36/0x1c0 [ 247.822515] ? udp6_set_csum+0xa8/0x5a0 [ 247.834818] ? expand_files.part.8+0x571/0x9a0 [ 247.834844] ? perf_trace_sched_process_exec+0x860/0x860 [ 247.885188] ? find_held_lock+0x36/0x1c0 [ 247.889264] __should_failslab+0x124/0x180 [ 247.893513] should_failslab+0x9/0x14 [ 247.897324] kmem_cache_alloc+0x2be/0x730 [ 247.901494] ? shmem_destroy_callback+0xc0/0xc0 [ 247.906175] shmem_alloc_inode+0x1b/0x40 [ 247.910254] alloc_inode+0x63/0x190 [ 247.913892] new_inode_pseudo+0x71/0x1a0 [ 247.918458] ? prune_icache_sb+0x1c0/0x1c0 [ 247.922715] ? _raw_spin_unlock+0x2c/0x50 [ 247.926881] new_inode+0x1c/0x40 [ 247.930261] shmem_get_inode+0xf1/0x920 [ 247.934268] ? shmem_encode_fh+0x340/0x340 [ 247.938516] ? lock_downgrade+0x900/0x900 [ 247.942682] ? lock_release+0xa10/0xa10 [ 247.946666] ? perf_trace_sched_process_exec+0x860/0x860 13:27:24 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000c00)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000340)={0x0, 0x2710}, 0x10) [ 247.952125] ? usercopy_warn+0x110/0x110 [ 247.956214] __shmem_file_setup.part.50+0x83/0x2a0 [ 247.961161] shmem_file_setup+0x65/0x90 [ 247.965157] __x64_sys_memfd_create+0x2af/0x4f0 [ 247.969822] ? memfd_fcntl+0x1910/0x1910 [ 247.973877] do_syscall_64+0x1b9/0x820 [ 247.977754] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 247.983105] ? syscall_return_slowpath+0x5e0/0x5e0 [ 247.988018] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 247.992848] ? trace_hardirqs_on_caller+0x310/0x310 [ 247.997853] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 248.003394] ? prepare_exit_to_usermode+0x291/0x3b0 [ 248.008411] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 248.013252] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 248.018439] RIP: 0033:0x457569 [ 248.021618] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 248.040501] RSP: 002b:00007f5adf18ba88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 248.048199] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000000457569 13:27:25 executing program 5 (fault-call:3 fault-nth:1): r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:25 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) [ 248.055465] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc78a [ 248.062718] RBP: 000000000072bf00 R08: 0000000000100020 R09: 00000000fbad8001 [ 248.069971] R10: 0000000020000100 R11: 0000000000000246 R12: 00007f5adf18c6d4 [ 248.077225] R13: 00000000004c4a1e R14: 00000000004d7d88 R15: 0000000000000004 [ 248.139679] FAULT_INJECTION: forcing a failure. [ 248.139679] name failslab, interval 1, probability 0, space 0, times 0 [ 248.150975] CPU: 0 PID: 8392 Comm: syz-executor5 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 248.150985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 248.150992] Call Trace: [ 248.151018] dump_stack+0x244/0x39d [ 248.151043] ? dump_stack_print_info.cold.1+0x20/0x20 [ 248.151072] should_fail.cold.4+0xa/0x17 [ 248.151102] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 248.189398] ? __save_stack_trace+0x8d/0xf0 [ 248.193751] ? save_stack+0xa9/0xd0 [ 248.197405] ? save_stack+0x43/0xd0 [ 248.201037] ? kasan_kmalloc+0xc7/0xe0 [ 248.204931] ? kasan_slab_alloc+0x12/0x20 [ 248.209089] ? kmem_cache_alloc_node+0x144/0x730 [ 248.213858] ? __alloc_skb+0x114/0x770 [ 248.217755] ? inet6_rt_notify+0x101/0x2c0 [ 248.221994] ? fib6_del+0xf1c/0x12e0 [ 248.225712] ? ip6_route_del+0x12b2/0x1790 [ 248.229958] ? ipv6_route_ioctl+0x707/0xa80 [ 248.234288] ? inet6_ioctl+0x100/0x1f0 13:27:25 executing program 0: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) [ 248.238183] ? sock_do_ioctl+0xeb/0x420 [ 248.242167] ? sock_ioctl+0x313/0x690 [ 248.245981] ? do_vfs_ioctl+0x1de/0x1720 [ 248.250047] ? ksys_ioctl+0xa9/0xd0 [ 248.253683] ? __x64_sys_ioctl+0x73/0xb0 [ 248.257758] ? do_syscall_64+0x1b9/0x820 [ 248.261830] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 248.267209] ? mark_held_locks+0x130/0x130 [ 248.271458] ? __lock_acquire+0x62f/0x4c20 [ 248.275714] ? __lock_acquire+0x62f/0x4c20 [ 248.279964] ? zap_class+0x640/0x640 [ 248.283696] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 248.289246] ? check_preemption_disabled+0x48/0x280 [ 248.294287] __should_failslab+0x124/0x180 [ 248.298544] should_failslab+0x9/0x14 [ 248.302371] kmem_cache_alloc_node_trace+0x5a/0x740 [ 248.307410] __kmalloc_node_track_caller+0x3c/0x70 [ 248.312358] __kmalloc_reserve.isra.40+0x41/0xe0 [ 248.317133] __alloc_skb+0x150/0x770 [ 248.320865] ? netdev_alloc_frag+0x1f0/0x1f0 [ 248.325284] ? lock_downgrade+0x900/0x900 [ 248.325301] ? check_preemption_disabled+0x48/0x280 [ 248.325324] ? rcu_read_unlock_special+0x1c0/0x1c0 13:27:25 executing program 4 (fault-call:3 fault-nth:2): perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 248.325340] ? kasan_check_read+0x11/0x20 [ 248.325357] ? lwtunnel_get_encap_size+0xb4/0x3f0 [ 248.325372] ? lwtunnel_state_alloc+0x20/0x20 [ 248.325394] ? fib6_net_init+0x940/0x940 [ 248.334546] ? lock_release+0xa10/0xa10 [ 248.334561] ? do_raw_spin_trylock+0x270/0x270 [ 248.334606] inet6_rt_notify+0x101/0x2c0 [ 248.334629] fib6_del+0xf1c/0x12e0 [ 248.334643] ? zap_class+0x640/0x640 [ 248.334660] ? __lock_is_held+0xb5/0x140 [ 248.334684] ? fib6_locate+0x150/0x150 [ 248.334702] ? find_held_lock+0x36/0x1c0 [ 248.334724] ? lock_acquire+0x1ed/0x520 [ 248.334749] ? kasan_check_read+0x11/0x20 [ 248.334763] ? do_raw_spin_lock+0x14f/0x350 [ 248.334780] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 248.334796] ? rwlock_bug.part.2+0x90/0x90 [ 248.334812] ? rcu_softirq_qs+0x20/0x20 [ 248.334840] ip6_route_del+0x12b2/0x1790 [ 248.334865] ? ip6_route_dev_notify+0xc80/0xc80 [ 248.334879] ? find_held_lock+0x36/0x1c0 [ 248.334905] ? l3mdev_fib_table_by_index+0xf8/0x1b0 [ 248.334922] ? lock_downgrade+0x900/0x900 [ 248.334937] ? check_preemption_disabled+0x48/0x280 [ 248.334961] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 248.389183] ? kasan_check_read+0x11/0x20 [ 248.389204] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 248.389238] ipv6_route_ioctl+0x707/0xa80 [ 248.397340] ? zap_class+0x640/0x640 [ 248.397358] ? zap_class+0x640/0x640 [ 248.397384] ? rt6_purge_dflt_routers+0xb10/0xb10 [ 248.397411] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 248.397429] ? _parse_integer+0x134/0x180 [ 248.397471] ? __sanitizer_cov_trace_switch+0x53/0x90 13:27:25 executing program 5 (fault-call:3 fault-nth:2): r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 248.397490] inet6_ioctl+0x100/0x1f0 [ 248.423729] sock_do_ioctl+0xeb/0x420 [ 248.423752] ? compat_ifr_data_ioctl+0x170/0x170 [ 248.423768] ? check_preemption_disabled+0x48/0x280 [ 248.423791] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 248.423807] ? kasan_check_read+0x11/0x20 [ 248.423828] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 248.423859] ? rcu_softirq_qs+0x20/0x20 [ 248.423899] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 248.423925] sock_ioctl+0x313/0x690 [ 248.423951] ? dlci_ioctl_set+0x40/0x40 [ 248.423974] ? ksys_dup3+0x680/0x680 [ 248.424007] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 248.424030] ? dlci_ioctl_set+0x40/0x40 [ 248.424047] do_vfs_ioctl+0x1de/0x1720 [ 248.424063] ? __lock_is_held+0xb5/0x140 [ 248.424082] ? ioctl_preallocate+0x300/0x300 [ 248.424098] ? __fget_light+0x2e9/0x430 [ 248.424114] ? fget_raw+0x20/0x20 [ 248.424130] ? __sb_end_write+0xd9/0x110 [ 248.424150] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 248.424166] ? fput+0x130/0x1a0 [ 248.424184] ? do_syscall_64+0x9a/0x820 [ 248.424199] ? do_syscall_64+0x9a/0x820 [ 248.424216] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 248.424236] ? security_file_ioctl+0x94/0xc0 [ 248.424255] ksys_ioctl+0xa9/0xd0 [ 248.424275] __x64_sys_ioctl+0x73/0xb0 [ 248.424293] do_syscall_64+0x1b9/0x820 [ 248.424309] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 248.424327] ? syscall_return_slowpath+0x5e0/0x5e0 [ 248.424343] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 248.424363] ? trace_hardirqs_on_caller+0x310/0x310 [ 248.424380] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 248.424398] ? prepare_exit_to_usermode+0x291/0x3b0 13:27:25 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:25 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8904, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 248.424420] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 248.424444] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 248.424455] RIP: 0033:0x457569 [ 248.424472] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 248.424481] RSP: 002b:00007fb4faf53c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 248.424496] RAX: ffffffffffffffda RBX: 00007fb4faf53c90 RCX: 0000000000457569 13:27:25 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x89a0, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:25 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) [ 248.424505] RDX: 0000000020000380 RSI: 000000000000890c RDI: 0000000000000003 [ 248.424515] RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000 [ 248.424525] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb4faf546d4 [ 248.424534] R13: 00000000004c2083 R14: 00000000004d3000 R15: 0000000000000004 [ 248.506512] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:25 executing program 0: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:25 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:25 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0xffffffff, 0x101000) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:25 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0xc020660b, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 248.920209] FAULT_INJECTION: forcing a failure. [ 248.920209] name failslab, interval 1, probability 0, space 0, times 0 [ 248.954416] CPU: 1 PID: 8426 Comm: syz-executor4 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 248.962847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 248.962854] Call Trace: [ 248.962881] dump_stack+0x244/0x39d [ 248.962909] ? dump_stack_print_info.cold.1+0x20/0x20 [ 248.962941] should_fail.cold.4+0xa/0x17 [ 248.983963] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 248.983983] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 248.984001] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 248.984019] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 248.984047] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 248.984070] ? retint_kernel+0x2d/0x2d [ 249.016628] ? perf_trace_sched_process_exec+0x860/0x860 [ 249.022109] __should_failslab+0x124/0x180 [ 249.026363] should_failslab+0x9/0x14 [ 249.030177] kmem_cache_alloc+0x2be/0x730 [ 249.034337] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 249.038933] ? retint_kernel+0x2d/0x2d [ 249.042837] ? trace_hardirqs_on_caller+0xc0/0x310 [ 249.047760] __d_alloc+0xc8/0xb90 [ 249.051221] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 249.056249] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 249.060999] ? retint_kernel+0x2d/0x2d [ 249.064895] ? lockdep_annotate_inode_mutex_key+0x42/0x70 [ 249.070445] ? lockdep_annotate_inode_mutex_key+0x56/0x70 [ 249.075993] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 249.081545] d_alloc_pseudo+0x1d/0x30 [ 249.085358] alloc_file_pseudo+0x158/0x3f0 [ 249.089606] ? alloc_file+0x4d0/0x4d0 [ 249.093408] ? usercopy_warn+0x110/0x110 [ 249.097478] __shmem_file_setup.part.50+0x110/0x2a0 [ 249.102499] shmem_file_setup+0x65/0x90 [ 249.106477] __x64_sys_memfd_create+0x2af/0x4f0 [ 249.111146] ? memfd_fcntl+0x1910/0x1910 [ 249.115200] do_syscall_64+0x1b9/0x820 [ 249.119075] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 249.124442] ? syscall_return_slowpath+0x5e0/0x5e0 [ 249.129370] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 249.134199] ? trace_hardirqs_on_caller+0x310/0x310 [ 249.139212] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 249.144230] ? prepare_exit_to_usermode+0x291/0x3b0 [ 249.149253] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 249.154118] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 249.159305] RIP: 0033:0x457569 [ 249.162494] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 249.181377] RSP: 002b:00007f5adf18ba88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 249.189084] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000000457569 [ 249.196351] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc78a [ 249.203604] RBP: 000000000072bf00 R08: 0000000000100020 R09: 00000000fbad8001 [ 249.210859] R10: 0000000020000100 R11: 0000000000000246 R12: 00007f5adf18c6d4 [ 249.218122] R13: 00000000004c4a1e R14: 00000000004d7d88 R15: 0000000000000004 13:27:26 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8907, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 249.243836] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:26 executing program 4 (fault-call:3 fault-nth:3): perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 249.309785] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:26 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:26 executing program 0: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:26 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:26 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8936, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 249.460629] FAULT_INJECTION: forcing a failure. [ 249.460629] name failslab, interval 1, probability 0, space 0, times 0 [ 249.519781] CPU: 1 PID: 8458 Comm: syz-executor4 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 249.528225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.537589] Call Trace: [ 249.540197] dump_stack+0x244/0x39d [ 249.543850] ? dump_stack_print_info.cold.1+0x20/0x20 [ 249.543872] ? __save_stack_trace+0x8d/0xf0 [ 249.543900] should_fail.cold.4+0xa/0x17 [ 249.543928] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 249.557481] ? save_stack+0x43/0xd0 [ 249.557495] ? kasan_kmalloc+0xc7/0xe0 [ 249.557523] ? percpu_ref_put_many+0x11c/0x260 [ 249.557545] ? zap_class+0x640/0x640 [ 249.578441] ? find_held_lock+0x36/0x1c0 [ 249.582535] ? perf_trace_sched_process_exec+0x860/0x860 [ 249.582555] ? lock_downgrade+0x900/0x900 [ 249.582590] __should_failslab+0x124/0x180 [ 249.582611] should_failslab+0x9/0x14 [ 249.582627] kmem_cache_alloc+0x2be/0x730 [ 249.582649] ? d_set_d_op+0x31d/0x410 [ 249.592249] __alloc_file+0xa8/0x470 [ 249.592269] ? file_free_rcu+0xd0/0xd0 [ 249.592286] ? d_instantiate+0x79/0xa0 [ 249.592304] ? lock_downgrade+0x900/0x900 [ 249.592329] ? kasan_check_read+0x11/0x20 [ 249.628002] ? do_raw_spin_unlock+0xa7/0x330 [ 249.632427] ? do_raw_spin_trylock+0x270/0x270 [ 249.637029] alloc_empty_file+0x72/0x170 [ 249.641099] alloc_file+0x5e/0x4d0 [ 249.644626] ? _raw_spin_unlock+0x2c/0x50 [ 249.648763] alloc_file_pseudo+0x261/0x3f0 [ 249.652995] ? alloc_file+0x4d0/0x4d0 [ 249.656795] __shmem_file_setup.part.50+0x110/0x2a0 [ 249.661811] ? __sanitizer_cov_trace_pc+0x26/0x50 [ 249.666655] shmem_file_setup+0x65/0x90 [ 249.670629] __x64_sys_memfd_create+0x2af/0x4f0 [ 249.675307] ? memfd_fcntl+0x1910/0x1910 [ 249.679386] do_syscall_64+0x1b9/0x820 [ 249.683281] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 249.688662] ? syscall_return_slowpath+0x5e0/0x5e0 [ 249.693599] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 249.698445] ? trace_hardirqs_on_caller+0x310/0x310 [ 249.703450] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 249.708457] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 249.713992] ? prepare_exit_to_usermode+0x291/0x3b0 [ 249.719004] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 249.723836] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 249.729010] RIP: 0033:0x457569 [ 249.732191] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 249.751084] RSP: 002b:00007f5adf18ba88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 249.758782] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000000457569 13:27:26 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) [ 249.766036] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc78a [ 249.773287] RBP: 000000000072bf00 R08: 0000000000100020 R09: 00000000fbad8001 [ 249.780540] R10: 0000000020000100 R11: 0000000000000246 R12: 00007f5adf18c6d4 [ 249.787795] R13: 00000000004c4a1e R14: 00000000004d7d88 R15: 0000000000000004 13:27:26 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x89a1, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 249.818394] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:26 executing program 4 (fault-call:3 fault-nth:4): perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:26 executing program 0: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:26 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:26 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:27 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:27 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:27 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8902, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 250.105369] FAULT_INJECTION: forcing a failure. [ 250.105369] name failslab, interval 1, probability 0, space 0, times 0 [ 250.175841] CPU: 1 PID: 8498 Comm: syz-executor4 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 250.184291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.193648] Call Trace: [ 250.193678] dump_stack+0x244/0x39d [ 250.193705] ? dump_stack_print_info.cold.1+0x20/0x20 [ 250.193726] ? should_fail+0xed/0xd01 [ 250.208910] should_fail.cold.4+0xa/0x17 [ 250.212980] ? rcu_softirq_qs+0x20/0x20 [ 250.213000] ? fault_create_debugfs_attr+0x1f0/0x1f0 13:27:27 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x40049409, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:27 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x5452, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 250.213020] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 250.213040] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 250.213061] ? retint_kernel+0x2d/0x2d [ 250.235320] ? trace_hardirqs_on_caller+0xc0/0x310 [ 250.240272] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 250.245799] ? unwind_get_return_address+0x61/0xa0 [ 250.250749] ? __save_stack_trace+0x8d/0xf0 [ 250.255095] ? find_held_lock+0x36/0x1c0 [ 250.259197] ? perf_trace_sched_process_exec+0x860/0x860 [ 250.264676] __should_failslab+0x124/0x180 [ 250.268924] should_failslab+0x9/0x14 13:27:27 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8980, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 250.272738] kmem_cache_alloc_trace+0x2d7/0x750 [ 250.277420] ? __might_sleep+0x95/0x190 [ 250.281480] apparmor_file_alloc_security+0x17b/0xac0 [ 250.286684] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 250.292244] ? apparmor_path_rename+0xcd0/0xcd0 [ 250.296937] ? rcu_read_lock_sched_held+0x14f/0x180 [ 250.301966] ? kmem_cache_alloc+0x33a/0x730 [ 250.306304] security_file_alloc+0x4c/0xa0 [ 250.310545] __alloc_file+0x12a/0x470 [ 250.314358] ? file_free_rcu+0xd0/0xd0 [ 250.318263] ? d_instantiate+0x79/0xa0 [ 250.322167] ? lock_downgrade+0x900/0x900 [ 250.326337] ? kasan_check_read+0x11/0x20 [ 250.330503] ? do_raw_spin_unlock+0xa7/0x330 [ 250.334927] ? do_raw_spin_trylock+0x270/0x270 [ 250.339519] alloc_empty_file+0x72/0x170 [ 250.343603] alloc_file+0x5e/0x4d0 [ 250.347153] ? _raw_spin_unlock+0x2c/0x50 [ 250.351313] alloc_file_pseudo+0x261/0x3f0 [ 250.355561] ? alloc_file+0x4d0/0x4d0 [ 250.359386] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 250.364152] __shmem_file_setup.part.50+0x110/0x2a0 [ 250.369175] shmem_file_setup+0x65/0x90 [ 250.373160] __x64_sys_memfd_create+0x2af/0x4f0 [ 250.377863] ? memfd_fcntl+0x1910/0x1910 [ 250.381951] do_syscall_64+0x1b9/0x820 [ 250.385853] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 250.391231] ? syscall_return_slowpath+0x5e0/0x5e0 [ 250.396172] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 250.401032] ? trace_hardirqs_on_caller+0x310/0x310 [ 250.406061] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 250.411108] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 250.416661] ? prepare_exit_to_usermode+0x291/0x3b0 [ 250.421695] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 250.426557] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 250.431770] RIP: 0033:0x457569 [ 250.434973] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 250.453883] RSP: 002b:00007f5adf18ba88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 250.461605] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000000457569 [ 250.468884] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc78a [ 250.476153] RBP: 000000000072bf00 R08: 0000000000100020 R09: 00000000fbad8001 [ 250.483405] R10: 0000000020000100 R11: 0000000000000246 R12: 00007f5adf18c6d4 [ 250.490659] R13: 00000000004c4a1e R14: 00000000004d7d88 R15: 0000000000000004 13:27:27 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:27 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x5451, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:27 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:27 executing program 4 (fault-call:3 fault-nth:5): perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:27 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) [ 250.745589] FAULT_INJECTION: forcing a failure. [ 250.745589] name failslab, interval 1, probability 0, space 0, times 0 [ 250.776266] CPU: 0 PID: 8541 Comm: syz-executor4 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 250.784694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 13:27:27 executing program 1: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) [ 250.794054] Call Trace: [ 250.796665] dump_stack+0x244/0x39d [ 250.800328] ? dump_stack_print_info.cold.1+0x20/0x20 [ 250.805540] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 250.810155] ? kasan_check_read+0x11/0x20 [ 250.814312] should_fail.cold.4+0xa/0x17 [ 250.814332] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 250.814350] ? _raw_spin_unlock_irq+0x60/0x80 [ 250.814368] ? __switch_to_asm+0x34/0x70 [ 250.814389] ? preempt_notifier_register+0x200/0x200 [ 250.814407] ? __switch_to_asm+0x34/0x70 [ 250.841759] ? __switch_to_asm+0x34/0x70 [ 250.845822] ? __switch_to_asm+0x40/0x70 [ 250.849879] ? __switch_to_asm+0x34/0x70 [ 250.853944] ? __switch_to_asm+0x40/0x70 [ 250.857992] ? __switch_to_asm+0x34/0x70 [ 250.862039] ? __switch_to_asm+0x40/0x70 [ 250.866087] ? __switch_to_asm+0x34/0x70 [ 250.870138] ? find_held_lock+0x36/0x1c0 [ 250.874199] ? perf_trace_sched_process_exec+0x860/0x860 [ 250.879647] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 250.885084] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 250.890613] __should_failslab+0x124/0x180 [ 250.894839] should_failslab+0x9/0x14 [ 250.898627] kmem_cache_alloc+0x2be/0x730 [ 250.902763] ? retint_kernel+0x2d/0x2d [ 250.906655] getname_flags+0xd0/0x590 [ 250.910445] getname+0x19/0x20 [ 250.913637] do_sys_open+0x383/0x700 [ 250.917355] ? filp_open+0x80/0x80 [ 250.920883] ? trace_hardirqs_on+0x310/0x310 [ 250.925279] ? trace_hardirqs_off_caller+0x300/0x300 [ 250.930365] ? do_sys_ftruncate+0x449/0x550 [ 250.934678] __x64_sys_open+0x7e/0xc0 [ 250.938469] do_syscall_64+0x1b9/0x820 [ 250.942343] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 250.947706] ? syscall_return_slowpath+0x5e0/0x5e0 [ 250.952635] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 250.957464] ? trace_hardirqs_on_caller+0x310/0x310 [ 250.962485] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 250.968276] ? prepare_exit_to_usermode+0x291/0x3b0 [ 250.973285] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 250.978125] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 250.983302] RIP: 0033:0x4111a1 13:27:27 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:27 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x2, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 250.986491] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 251.005401] RSP: 002b:00007f5adf18ba80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 251.013120] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004111a1 [ 251.020395] RDX: 00007f5adf18bafa RSI: 0000000000000002 RDI: 00007f5adf18baf0 [ 251.020405] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 251.020414] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 251.020424] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000004 13:27:28 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8940, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:28 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:28 executing program 4 (fault-call:3 fault-nth:6): perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:28 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0xc0189436, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 251.279239] FAULT_INJECTION: forcing a failure. [ 251.279239] name failslab, interval 1, probability 0, space 0, times 0 [ 251.306139] CPU: 1 PID: 8583 Comm: syz-executor4 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 251.314564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 251.323933] Call Trace: [ 251.323962] dump_stack+0x244/0x39d [ 251.323988] ? dump_stack_print_info.cold.1+0x20/0x20 [ 251.324011] ? should_fail+0x913/0xd01 [ 251.324036] should_fail.cold.4+0xa/0x17 [ 251.330242] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 251.330270] ? print_usage_bug+0xc0/0xc0 [ 251.330289] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 251.330316] ? find_held_lock+0x36/0x1c0 [ 251.362172] ? perf_trace_sched_process_exec+0x860/0x860 [ 251.367637] ? retint_kernel+0x2d/0x2d [ 251.371539] ? trace_hardirqs_on_caller+0xc0/0x310 [ 251.376496] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 251.381275] __should_failslab+0x124/0x180 [ 251.385530] should_failslab+0x9/0x14 [ 251.389345] kmem_cache_alloc+0x2be/0x730 [ 251.393496] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 251.398244] __alloc_file+0xa8/0x470 [ 251.401945] ? file_free_rcu+0xd0/0xd0 [ 251.405823] ? lock_release+0x4ea/0xa10 [ 251.409839] ? is_bpf_text_address+0xac/0x170 [ 251.414325] ? lock_downgrade+0x900/0x900 [ 251.418458] ? check_preemption_disabled+0x48/0x280 [ 251.423464] alloc_empty_file+0x72/0x170 [ 251.427513] path_openat+0x170/0x5150 [ 251.431303] ? rcu_softirq_qs+0x20/0x20 [ 251.435262] ? unwind_dump+0x190/0x190 [ 251.439139] ? zap_class+0x640/0x640 [ 251.442846] ? path_lookupat.isra.43+0xc00/0xc00 [ 251.447608] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 251.452612] ? expand_files.part.8+0x571/0x9a0 [ 251.457184] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 251.461756] ? find_held_lock+0x36/0x1c0 [ 251.465808] ? __alloc_fd+0x347/0x6e0 [ 251.469608] ? lock_downgrade+0x900/0x900 [ 251.473755] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 251.478500] ? kasan_check_read+0x11/0x20 [ 251.482702] ? do_raw_spin_unlock+0xa7/0x330 [ 251.487103] ? do_raw_spin_trylock+0x270/0x270 [ 251.491694] ? __alloc_fd+0x271/0x6e0 [ 251.495484] ? _raw_spin_unlock+0x2c/0x50 [ 251.499625] ? __alloc_fd+0x347/0x6e0 [ 251.503417] do_filp_open+0x255/0x380 [ 251.507207] ? may_open_dev+0x100/0x100 [ 251.511177] ? get_unused_fd_flags+0x122/0x1a0 [ 251.515759] ? __alloc_fd+0x6e0/0x6e0 [ 251.519585] do_sys_open+0x568/0x700 [ 251.523312] ? filp_open+0x80/0x80 [ 251.526859] ? __sanitizer_cov_trace_pc+0x32/0x50 [ 251.531712] ? trace_hardirqs_off_caller+0x300/0x300 [ 251.536822] ? do_sys_ftruncate+0x449/0x550 [ 251.541157] __x64_sys_open+0x7e/0xc0 [ 251.544971] do_syscall_64+0x1b9/0x820 [ 251.548877] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 251.554259] ? syscall_return_slowpath+0x5e0/0x5e0 [ 251.554276] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 251.554296] ? trace_hardirqs_on_caller+0x310/0x310 [ 251.554316] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 251.554335] ? prepare_exit_to_usermode+0x291/0x3b0 13:27:28 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:28 executing program 1: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:28 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:28 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8901, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 251.564107] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 251.564130] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 251.564142] RIP: 0033:0x4111a1 [ 251.564160] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 251.589703] RSP: 002b:00007f5adf18ba80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 251.589719] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004111a1 [ 251.589729] RDX: 00007f5adf18bafa RSI: 0000000000000002 RDI: 00007f5adf18baf0 [ 251.589738] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 251.589748] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 [ 251.589757] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000004 13:27:28 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 251.672140] EXT4-fs: 9 callbacks suppressed [ 251.672154] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:28 executing program 4 (fault-call:3 fault-nth:7): perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 251.741223] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, [ 251.859655] FAULT_INJECTION: forcing a failure. [ 251.859655] name failslab, interval 1, probability 0, space 0, times 0 [ 251.879381] CPU: 1 PID: 8611 Comm: syz-executor4 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 251.887796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 251.897130] Call Trace: [ 251.899711] dump_stack+0x244/0x39d [ 251.903454] ? dump_stack_print_info.cold.1+0x20/0x20 [ 251.908636] ? lock_downgrade+0x900/0x900 [ 251.912771] ? check_preemption_disabled+0x48/0x280 [ 251.917777] should_fail.cold.4+0xa/0x17 [ 251.921825] ? rcu_softirq_qs+0x20/0x20 [ 251.925786] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 251.930881] ? is_bpf_text_address+0xd3/0x170 [ 251.935413] ? kernel_text_address+0x79/0xf0 [ 251.939812] ? __kernel_text_address+0xd/0x40 [ 251.944293] ? unwind_get_return_address+0x61/0xa0 [ 251.949215] ? __save_stack_trace+0x8d/0xf0 [ 251.953524] ? find_held_lock+0x36/0x1c0 [ 251.957595] ? do_syscall_64+0x1b9/0x820 [ 251.961646] ? perf_trace_sched_process_exec+0x860/0x860 [ 251.967096] __should_failslab+0x124/0x180 [ 251.971321] should_failslab+0x9/0x14 [ 251.975125] kmem_cache_alloc_trace+0x2d7/0x750 [ 251.979783] ? __might_sleep+0x95/0x190 [ 251.983762] apparmor_file_alloc_security+0x17b/0xac0 [ 251.988950] ? apparmor_path_rename+0xcd0/0xcd0 [ 251.993606] ? retint_kernel+0x2d/0x2d [ 251.997526] ? selinux_is_enabled+0xa/0x60 [ 252.001752] security_file_alloc+0x4c/0xa0 [ 252.005981] __alloc_file+0x12a/0x470 [ 252.009768] ? file_free_rcu+0xd0/0xd0 [ 252.013642] ? find_held_lock+0x36/0x1c0 [ 252.017698] ? is_bpf_text_address+0xac/0x170 [ 252.022182] ? lock_downgrade+0x900/0x900 [ 252.026314] ? check_preemption_disabled+0x48/0x280 [ 252.031319] alloc_empty_file+0x72/0x170 [ 252.035369] path_openat+0x170/0x5150 [ 252.039156] ? rcu_softirq_qs+0x20/0x20 [ 252.043136] ? unwind_dump+0x190/0x190 [ 252.047028] ? zap_class+0x640/0x640 [ 252.050733] ? path_lookupat.isra.43+0xc00/0xc00 [ 252.055473] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 252.060216] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 252.065220] ? expand_files.part.8+0x571/0x9a0 [ 252.069792] ? find_held_lock+0x36/0x1c0 [ 252.073841] ? __alloc_fd+0x347/0x6e0 [ 252.077649] ? lock_downgrade+0x900/0x900 [ 252.081788] ? kasan_check_read+0x11/0x20 [ 252.085919] ? do_raw_spin_unlock+0xa7/0x330 [ 252.090316] ? do_raw_spin_trylock+0x270/0x270 [ 252.094881] ? __lock_is_held+0xb5/0x140 [ 252.098928] ? __check_object_size+0xb1/0x782 [ 252.103415] ? _raw_spin_unlock+0x2c/0x50 [ 252.107545] ? __alloc_fd+0x347/0x6e0 [ 252.111356] do_filp_open+0x255/0x380 [ 252.115145] ? may_open_dev+0x100/0x100 [ 252.119122] ? get_unused_fd_flags+0x122/0x1a0 [ 252.123691] ? __alloc_fd+0x6e0/0x6e0 [ 252.127479] ? __lock_is_held+0xb5/0x140 [ 252.131528] do_sys_open+0x568/0x700 [ 252.135227] ? filp_open+0x80/0x80 [ 252.138757] ? trace_hardirqs_off_caller+0x300/0x300 [ 252.143844] ? do_sys_ftruncate+0x449/0x550 [ 252.148155] __x64_sys_open+0x7e/0xc0 [ 252.151945] do_syscall_64+0x1b9/0x820 [ 252.155820] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 252.161170] ? syscall_return_slowpath+0x5e0/0x5e0 [ 252.166098] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 252.170929] ? trace_hardirqs_on_caller+0x310/0x310 [ 252.175931] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 252.180935] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 252.186463] ? prepare_exit_to_usermode+0x291/0x3b0 [ 252.191467] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 252.196298] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 252.201474] RIP: 0033:0x4111a1 [ 252.204654] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 252.223539] RSP: 002b:00007f5adf18ba80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 252.231235] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004111a1 [ 252.238489] RDX: 00007f5adf18bafa RSI: 0000000000000002 RDI: 00007f5adf18baf0 [ 252.245741] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 252.252995] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000005 13:27:29 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:29 executing program 1: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:29 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8911, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:29 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) [ 252.260250] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000004 13:27:29 executing program 4 (fault-call:3 fault-nth:8): perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:29 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8925, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 252.310815] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, [ 252.377584] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:29 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:29 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:29 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) [ 252.476473] FAULT_INJECTION: forcing a failure. [ 252.476473] name failslab, interval 1, probability 0, space 0, times 0 [ 252.507715] CPU: 0 PID: 8638 Comm: syz-executor4 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 252.516149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.516156] Call Trace: [ 252.516185] dump_stack+0x244/0x39d [ 252.516213] ? dump_stack_print_info.cold.1+0x20/0x20 [ 252.536959] should_fail.cold.4+0xa/0x17 [ 252.541041] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 252.546152] ? down_write_nested+0x130/0x130 [ 252.550565] ? down_read+0x120/0x120 [ 252.550605] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 252.550625] ? zap_class+0x640/0x640 [ 252.550645] ? lock_acquire+0x1ed/0x520 [ 252.567659] ? lo_ioctl+0x8e/0x1d60 [ 252.571313] ? find_held_lock+0x36/0x1c0 [ 252.575391] ? __lock_is_held+0xb5/0x140 [ 252.579493] ? mwifiex_sta_prepare_cmd+0xb678/0xdaa0 [ 252.584628] ? perf_trace_sched_process_exec+0x860/0x860 [ 252.590100] __should_failslab+0x124/0x180 [ 252.594354] should_failslab+0x9/0x14 [ 252.598166] kmem_cache_alloc_trace+0x2d7/0x750 [ 252.602851] ? check_preemption_disabled+0x48/0x280 [ 252.607888] __kthread_create_on_node+0x137/0x540 [ 252.612793] ? loop_get_status64+0x140/0x140 [ 252.617223] ? kthread_parkme+0xb0/0xb0 [ 252.621224] ? __lockdep_init_map+0x105/0x590 [ 252.621244] ? __lockdep_init_map+0x105/0x590 [ 252.621266] ? loop_get_status64+0x140/0x140 [ 252.621285] kthread_create_on_node+0xb1/0xe0 [ 252.621307] ? __kthread_create_on_node+0x540/0x540 [ 252.630290] ? kasan_check_read+0x11/0x20 [ 252.630316] lo_ioctl+0x7f6/0x1d60 [ 252.630340] ? lo_rw_aio+0x1ef0/0x1ef0 [ 252.630389] blkdev_ioctl+0x9ac/0x2010 [ 252.630406] ? blkpg_ioctl+0xc10/0xc10 [ 252.643840] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, [ 252.644297] ? lock_downgrade+0x900/0x900 [ 252.644313] ? check_preemption_disabled+0x48/0x280 [ 252.644337] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 252.644362] ? kasan_check_read+0x11/0x20 [ 252.689905] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 252.695186] ? rcu_softirq_qs+0x20/0x20 [ 252.699156] ? __fget+0x4d1/0x740 [ 252.702609] ? ksys_dup3+0x680/0x680 [ 252.706396] block_ioctl+0xee/0x130 [ 252.710026] ? blkdev_fallocate+0x400/0x400 [ 252.714351] do_vfs_ioctl+0x1de/0x1720 [ 252.718242] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 252.723767] ? ioctl_preallocate+0x300/0x300 [ 252.728162] ? __fget_light+0x2e9/0x430 [ 252.732135] ? fget_raw+0x20/0x20 [ 252.735611] ? rcu_read_lock_sched_held+0x14f/0x180 [ 252.740629] ? kmem_cache_free+0x24f/0x290 [ 252.744851] ? putname+0xf7/0x130 [ 252.748298] ? do_syscall_64+0x9a/0x820 [ 252.752274] ? do_syscall_64+0x9a/0x820 [ 252.756250] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 252.760820] ? security_file_ioctl+0x94/0xc0 [ 252.765218] ksys_ioctl+0xa9/0xd0 [ 252.768660] __x64_sys_ioctl+0x73/0xb0 [ 252.772548] do_syscall_64+0x1b9/0x820 [ 252.776457] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 252.781809] ? syscall_return_slowpath+0x5e0/0x5e0 [ 252.786727] ? trace_hardirqs_on_caller+0x310/0x310 [ 252.791740] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 252.796848] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 252.803520] ? __switch_to_asm+0x40/0x70 [ 252.807576] ? __switch_to_asm+0x34/0x70 [ 252.811632] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 252.816463] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 252.821649] RIP: 0033:0x4573d7 [ 252.824838] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 252.843747] RSP: 002b:00007f5adf16aa88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 252.851465] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 [ 252.858735] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 252.866004] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a 13:27:29 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8918, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 252.873276] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 252.880537] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000004 13:27:29 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:29 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x894c, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 253.075679] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:30 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x4020940d, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:30 executing program 4 (fault-call:3 fault-nth:9): perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:30 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:30 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:30 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) [ 253.253523] FAULT_INJECTION: forcing a failure. [ 253.253523] name failslab, interval 1, probability 0, space 0, times 0 [ 253.270260] CPU: 1 PID: 8678 Comm: syz-executor4 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 253.278693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 253.288059] Call Trace: [ 253.290671] dump_stack+0x244/0x39d [ 253.294321] ? dump_stack_print_info.cold.1+0x20/0x20 [ 253.299538] should_fail.cold.4+0xa/0x17 [ 253.303629] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 253.308743] ? mark_held_locks+0xc7/0x130 [ 253.312907] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 253.312928] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 253.312943] ? retint_kernel+0x2d/0x2d [ 253.312961] ? trace_hardirqs_on_caller+0xc0/0x310 [ 253.312978] ? zap_class+0x640/0x640 [ 253.312994] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 253.313007] ? retint_kernel+0x1b/0x2d [ 253.313027] ? trace_hardirqs_on+0x310/0x310 [ 253.322365] ? find_held_lock+0x36/0x1c0 [ 253.322387] ? __lock_is_held+0xb5/0x140 [ 253.322476] ? dbg_check_nondata_nodes_order+0xa8/0x5d0 [ 253.322509] ? perf_trace_sched_process_exec+0x860/0x860 [ 253.322526] ? __lockdep_init_map+0xe2/0x590 [ 253.322552] __should_failslab+0x124/0x180 [ 253.348791] should_failslab+0x9/0x14 [ 253.348809] kmem_cache_alloc_trace+0x2d7/0x750 [ 253.348827] ? check_preemption_disabled+0x48/0x280 [ 253.348853] __kthread_create_on_node+0x137/0x540 [ 253.356956] ? loop_get_status64+0x140/0x140 [ 253.356974] ? kthread_parkme+0xb0/0xb0 [ 253.357010] ? __lockdep_init_map+0x105/0x590 [ 253.357028] ? __lockdep_init_map+0x105/0x590 [ 253.367829] ? loop_get_status64+0x140/0x140 [ 253.367850] kthread_create_on_node+0xb1/0xe0 [ 253.367868] ? __kthread_create_on_node+0x540/0x540 [ 253.367889] ? kasan_check_read+0x11/0x20 [ 253.367912] lo_ioctl+0x7f6/0x1d60 [ 253.376537] ? lo_rw_aio+0x1ef0/0x1ef0 [ 253.376553] blkdev_ioctl+0x9ac/0x2010 [ 253.376581] ? blkpg_ioctl+0xc10/0xc10 [ 253.376597] ? lock_downgrade+0x900/0x900 [ 253.376613] ? check_preemption_disabled+0x48/0x280 [ 253.376635] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 253.376652] ? kasan_check_read+0x11/0x20 [ 253.376671] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 253.376691] ? rcu_softirq_qs+0x20/0x20 [ 253.459558] ? __fget+0x4d1/0x740 [ 253.459593] ? ksys_dup3+0x680/0x680 [ 253.459613] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 253.459638] block_ioctl+0xee/0x130 [ 253.469046] ? blkdev_fallocate+0x400/0x400 [ 253.469065] do_vfs_ioctl+0x1de/0x1720 [ 253.469093] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 13:27:30 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) [ 253.469112] ? ioctl_preallocate+0x300/0x300 [ 253.507425] ? __fget_light+0x2e9/0x430 [ 253.511418] ? fget_raw+0x20/0x20 [ 253.514889] ? rcu_read_lock_sched_held+0x14f/0x180 [ 253.519922] ? kmem_cache_free+0x24f/0x290 [ 253.524161] ? putname+0xf7/0x130 [ 253.527607] ? do_syscall_64+0x9a/0x820 [ 253.531580] ? do_syscall_64+0x9a/0x820 [ 253.535557] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 253.540156] ? security_file_ioctl+0x94/0xc0 [ 253.544559] ksys_ioctl+0xa9/0xd0 [ 253.548016] __x64_sys_ioctl+0x73/0xb0 [ 253.551891] do_syscall_64+0x1b9/0x820 [ 253.555769] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 253.561130] ? syscall_return_slowpath+0x5e0/0x5e0 [ 253.566055] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 253.570902] ? trace_hardirqs_on_caller+0x310/0x310 [ 253.575923] ? prepare_exit_to_usermode+0x291/0x3b0 [ 253.580931] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 253.585765] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 253.590939] RIP: 0033:0x4573d7 [ 253.594130] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 253.613032] RSP: 002b:00007f5adf18ba88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 253.620730] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 [ 253.627998] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 253.635257] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 253.642526] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 13:27:30 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8982, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 253.649783] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000004 [ 253.672300] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:30 executing program 4 (fault-call:3 fault-nth:10): perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:30 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:30 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:30 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:30 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8906, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 253.953050] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, [ 253.971057] FAULT_INJECTION: forcing a failure. [ 253.971057] name failslab, interval 1, probability 0, space 0, times 0 [ 254.065372] CPU: 1 PID: 8713 Comm: syz-executor4 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 254.073826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 254.083181] Call Trace: [ 254.083210] dump_stack+0x244/0x39d [ 254.083236] ? dump_stack_print_info.cold.1+0x20/0x20 [ 254.083256] ? cpuacct_charge+0x265/0x440 [ 254.083283] should_fail.cold.4+0xa/0x17 [ 254.083307] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 254.083333] ? mark_held_locks+0xc7/0x130 [ 254.083357] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 254.083380] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 254.108071] ? retint_kernel+0x2d/0x2d [ 254.108097] ? trace_hardirqs_on_caller+0xc0/0x310 [ 254.108115] ? __account_cfs_rq_runtime+0x790/0x790 [ 254.108132] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 254.108150] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 254.108169] ? find_held_lock+0x36/0x1c0 [ 254.108194] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 254.108220] ? retint_kernel+0x2d/0x2d [ 254.158331] ? __should_failslab+0x14/0x180 [ 254.162644] __should_failslab+0x124/0x180 [ 254.166881] should_failslab+0x9/0x14 [ 254.170683] kmem_cache_alloc+0x2be/0x730 [ 254.174832] ? print_usage_bug+0xc0/0xc0 [ 254.178896] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 254.183980] __kernfs_new_node+0x127/0x8d0 [ 254.188211] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 254.192964] ? retint_kernel+0x2d/0x2d [ 254.196852] ? trace_hardirqs_on_caller+0xc0/0x310 [ 254.201767] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 254.206530] ? mark_held_locks+0xc7/0x130 [ 254.210696] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 254.215463] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 254.220054] ? retint_kernel+0x2d/0x2d [ 254.223968] ? trace_hardirqs_on_caller+0xc0/0x310 [ 254.228884] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 254.233640] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 254.239100] ? retint_kernel+0x2d/0x2d [ 254.242981] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 254.247733] kernfs_new_node+0x95/0x120 [ 254.251710] kernfs_create_dir_ns+0x4d/0x160 [ 254.256184] internal_create_group+0x5fc/0xd80 [ 254.260795] ? remove_files.isra.1+0x190/0x190 [ 254.265379] ? up_write+0x7b/0x220 [ 254.268910] ? down_write_nested+0x130/0x130 [ 254.273307] ? down_read+0x120/0x120 [ 254.277015] sysfs_create_group+0x1f/0x30 [ 254.281152] lo_ioctl+0x1307/0x1d60 [ 254.284767] ? lo_rw_aio+0x1ef0/0x1ef0 [ 254.288641] blkdev_ioctl+0x9ac/0x2010 [ 254.292516] ? blkpg_ioctl+0xc10/0xc10 [ 254.296391] ? lock_downgrade+0x900/0x900 [ 254.300526] ? check_preemption_disabled+0x48/0x280 [ 254.305547] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 254.310481] ? kasan_check_read+0x11/0x20 [ 254.314616] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 254.319885] ? rcu_softirq_qs+0x20/0x20 [ 254.323855] ? __fget+0x4d1/0x740 [ 254.327302] ? ksys_dup3+0x680/0x680 [ 254.331005] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 254.336461] block_ioctl+0xee/0x130 [ 254.340077] ? blkdev_fallocate+0x400/0x400 [ 254.344402] do_vfs_ioctl+0x1de/0x1720 [ 254.348281] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 254.353027] ? ioctl_preallocate+0x300/0x300 [ 254.357423] ? __fget_light+0x2e9/0x430 [ 254.361388] ? fget_raw+0x20/0x20 [ 254.364833] ? rcu_read_lock_sched_held+0x14f/0x180 [ 254.369855] ? kmem_cache_free+0x24f/0x290 [ 254.374112] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 254.378865] ? security_file_ioctl+0x94/0xc0 [ 254.383267] ksys_ioctl+0xa9/0xd0 [ 254.386730] __x64_sys_ioctl+0x73/0xb0 [ 254.390607] ? do_syscall_64+0xca/0x820 [ 254.394574] do_syscall_64+0x1b9/0x820 [ 254.398463] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 254.403825] ? syscall_return_slowpath+0x5e0/0x5e0 [ 254.408752] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 254.413606] ? trace_hardirqs_on_caller+0x310/0x310 [ 254.418616] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 254.423708] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 254.429246] ? prepare_exit_to_usermode+0x291/0x3b0 [ 254.434254] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 254.439094] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 254.444273] RIP: 0033:0x4573d7 [ 254.447456] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 13:27:31 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) [ 254.466367] RSP: 002b:00007f5adf18ba88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 254.474069] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 [ 254.481341] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006 [ 254.488635] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 254.495924] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000005 [ 254.503206] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000004 13:27:31 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:31 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:31 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 254.650420] EXT4-fs (sda1): re-mounted. Opts: 13:27:31 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:31 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8941, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:31 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) [ 254.868129] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:32 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:32 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:32 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8981, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:32 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:32 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:32 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:32 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:32 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8916, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:32 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:32 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:32 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:32 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:32 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:32 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="00000d5080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:32 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0xc0045878, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:32 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:32 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:32 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:33 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x5460, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:33 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:33 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700), 0x0, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:33 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="ffffff9780", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:33 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:33 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:33 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0xc0045878, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:33 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:33 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0007000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:33 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x5421, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:33 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:33 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="00000d5080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:33 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x5450, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:33 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) [ 256.895433] EXT4-fs: 12 callbacks suppressed [ 256.895482] EXT4-fs (sda1): re-mounted. Opts: 13:27:34 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700), 0x0, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:34 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0020000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:34 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8903, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:34 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:34 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="00000d5080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:34 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:34 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 257.193682] EXT4-fs (sda1): re-mounted. Opts: 13:27:34 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x300}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:34 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) [ 257.227918] EXT4-fs (sda1): re-mounted. Opts: 13:27:34 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="003f000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:34 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0020000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:34 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x2}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 257.339172] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, [ 257.562062] EXT4-fs (sda1): re-mounted. Opts: [ 257.584252] EXT4-fs (sda1): re-mounted. Opts: 13:27:34 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x11}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:34 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700), 0x0, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:34 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:34 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:34 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0006000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:34 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="003f000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 258.066752] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:35 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0xfffffdfd]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:35 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 258.129102] EXT4-fs (sda1): re-mounted. Opts: [ 258.141647] EXT4-fs (sda1): re-mounted. Opts: 13:27:35 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="8cffffff80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:35 executing program 3: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:35 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:35 executing program 1: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x300}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:35 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x200000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 258.364472] EXT4-fs (sda1): re-mounted. Opts: inode_readahead_blks=0x0000000000000000, 13:27:35 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0xfdfdffff00000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:35 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:35 executing program 0: ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:35 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:35 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0400000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:35 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="8cffffff80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:35 executing program 0: ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:35 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x100000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:36 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:36 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="fdffffff80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:36 executing program 0: ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:36 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0400000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:36 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0xfdfdffff]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:36 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:36 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:36 executing program 0: r0 = socket(0x0, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:36 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x3f00000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:36 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000001080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:36 executing program 0: r0 = socket(0x0, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:36 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:36 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="fdffffff80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:36 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x4000000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:36 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:36 executing program 0: r0 = socket(0x0, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:36 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:36 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:36 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x1000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:36 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:36 executing program 0: r0 = socket(0xa, 0x0, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:36 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:37 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x2]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:37 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:37 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000780", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:37 executing program 0: r0 = socket(0xa, 0x0, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:37 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:37 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x3f000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:37 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:37 executing program 3: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:37 executing program 0: r0 = socket(0xa, 0x0, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:37 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x4000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:37 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:37 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="4c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:37 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x3f00]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:37 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:37 executing program 0: socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:37 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000780", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:37 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:37 executing program 0: socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:37 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x2000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:37 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="fffffff680", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:38 executing program 3: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="4c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:38 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:38 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x40000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:38 executing program 0: socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:38 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="4800000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:38 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks'}}]}) 13:27:38 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0xfdfdffff]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:38 executing program 0 (fault-call:1 fault-nth:0): r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:38 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:38 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:38 executing program 3 (fault-call:3 fault-nth:0): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:38 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x2000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:38 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0600000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:38 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="4800000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:38 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x894c, &(0x7f0000000380)={@mcast1, @loopback}) [ 261.805728] FAULT_INJECTION: forcing a failure. [ 261.805728] name failslab, interval 1, probability 0, space 0, times 0 13:27:38 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 261.893461] CPU: 1 PID: 9366 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 261.901938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 261.911296] Call Trace: [ 261.911326] dump_stack+0x244/0x39d [ 261.911349] ? dump_stack_print_info.cold.1+0x20/0x20 [ 261.911372] ? lock_downgrade+0x900/0x900 [ 261.911402] should_fail.cold.4+0xa/0x17 [ 261.930999] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 261.936131] ? lock_downgrade+0x900/0x900 [ 261.940295] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 261.940348] ? proc_fail_nth_write+0x9e/0x210 [ 261.940367] ? proc_cwd_link+0x1d0/0x1d0 [ 261.954453] ? find_held_lock+0x36/0x1c0 [ 261.958550] ? perf_trace_sched_process_exec+0x860/0x860 [ 261.964032] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 261.969601] __should_failslab+0x124/0x180 [ 261.973855] should_failslab+0x9/0x14 [ 261.977666] __kmalloc+0x2e0/0x760 [ 261.981236] ? strncpy_from_user+0x5a0/0x5a0 [ 261.981256] ? fput+0x130/0x1a0 [ 261.981273] ? do_syscall_64+0x9a/0x820 [ 261.981287] ? __x64_sys_memfd_create+0x142/0x4f0 [ 261.981302] ? do_syscall_64+0x9a/0x820 [ 261.981332] __x64_sys_memfd_create+0x142/0x4f0 [ 261.992976] ? memfd_fcntl+0x1910/0x1910 [ 261.993003] do_syscall_64+0x1b9/0x820 [ 262.014385] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 262.019770] ? syscall_return_slowpath+0x5e0/0x5e0 [ 262.024789] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 262.029654] ? trace_hardirqs_on_caller+0x310/0x310 [ 262.034682] ? prepare_exit_to_usermode+0x3b0/0x3b0 13:27:38 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x4000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:39 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x2, &(0x7f0000000380)={@mcast1, @loopback}) [ 262.039714] ? prepare_exit_to_usermode+0x291/0x3b0 [ 262.044752] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 262.049623] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 262.054819] RIP: 0033:0x457569 [ 262.054837] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 262.054846] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 262.054862] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000000457569 13:27:39 executing program 3 (fault-call:3 fault-nth:1): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 262.054871] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc78a [ 262.054880] RBP: 000000000072bf00 R08: 0000000000100020 R09: 00000000fbad8001 [ 262.054890] R10: 0000000020000100 R11: 0000000000000246 R12: 00007fa4ee7716d4 [ 262.054899] R13: 00000000004c4a1e R14: 00000000004d7d88 R15: 0000000000000003 13:27:39 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000003f80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:39 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="4800000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:39 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0xfffffdfd]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:39 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0xc020660b, &(0x7f0000000380)={@mcast1, @loopback}) [ 262.259695] FAULT_INJECTION: forcing a failure. [ 262.259695] name failslab, interval 1, probability 0, space 0, times 0 13:27:39 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 262.328367] CPU: 0 PID: 9401 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 262.336821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 262.346182] Call Trace: [ 262.348788] dump_stack+0x244/0x39d [ 262.352434] ? dump_stack_print_info.cold.1+0x20/0x20 [ 262.357653] should_fail.cold.4+0xa/0x17 [ 262.361729] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 262.366856] ? zap_class+0x640/0x640 [ 262.370599] ? __lock_acquire+0x62f/0x4c20 [ 262.370617] ? lock_downgrade+0x900/0x900 [ 262.370634] ? check_preemption_disabled+0x48/0x280 [ 262.370658] ? find_held_lock+0x36/0x1c0 [ 262.379055] ? expand_files.part.8+0x571/0x9a0 [ 262.379073] ? perf_trace_sched_process_exec+0x860/0x860 [ 262.379099] ? find_held_lock+0x36/0x1c0 [ 262.402239] __should_failslab+0x124/0x180 [ 262.406491] should_failslab+0x9/0x14 [ 262.410307] kmem_cache_alloc+0x2be/0x730 [ 262.414474] ? shmem_destroy_callback+0xc0/0xc0 [ 262.419157] shmem_alloc_inode+0x1b/0x40 [ 262.423225] alloc_inode+0x63/0x190 13:27:39 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x100000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:39 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x5421, &(0x7f0000000380)={@mcast1, @loopback}) [ 262.426866] new_inode_pseudo+0x71/0x1a0 [ 262.430932] ? prune_icache_sb+0x1c0/0x1c0 [ 262.435180] ? _raw_spin_unlock+0x2c/0x50 [ 262.439342] new_inode+0x1c/0x40 [ 262.442720] shmem_get_inode+0xf1/0x920 [ 262.446710] ? shmem_encode_fh+0x340/0x340 [ 262.450954] ? lock_downgrade+0x900/0x900 [ 262.450975] ? lock_release+0xa10/0xa10 [ 262.450991] ? perf_trace_sched_process_exec+0x860/0x860 [ 262.451008] ? usercopy_warn+0x110/0x110 [ 262.451037] __shmem_file_setup.part.50+0x83/0x2a0 [ 262.451058] shmem_file_setup+0x65/0x90 [ 262.459174] __x64_sys_memfd_create+0x2af/0x4f0 [ 262.482368] ? memfd_fcntl+0x1910/0x1910 [ 262.482399] do_syscall_64+0x1b9/0x820 [ 262.482416] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 262.482436] ? syscall_return_slowpath+0x5e0/0x5e0 [ 262.482451] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 262.482470] ? trace_hardirqs_on_caller+0x310/0x310 [ 262.482492] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 262.490437] ? prepare_exit_to_usermode+0x291/0x3b0 [ 262.490460] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 262.490486] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 262.490499] RIP: 0033:0x457569 [ 262.490517] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 262.490525] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 262.500813] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000000457569 [ 262.500824] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc78a 13:27:39 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0xc0189436, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:39 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x4000000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 262.500833] RBP: 000000000072bf00 R08: 0000000000100020 R09: 00000000fbad8001 [ 262.500843] R10: 0000000020000100 R11: 0000000000000246 R12: 00007fa4ee7716d4 [ 262.500852] R13: 00000000004c4a1e R14: 00000000004d7d88 R15: 0000000000000003 [ 262.596324] EXT4-fs: 22 callbacks suppressed [ 262.596369] EXT4-fs (sda1): re-mounted. Opts: [ 262.646814] EXT4-fs (sda1): re-mounted. Opts: 13:27:39 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 262.699461] EXT4-fs (sda1): re-mounted. Opts: 13:27:39 executing program 3 (fault-call:3 fault-nth:2): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:39 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8980, &(0x7f0000000380)={@mcast1, @loopback}) [ 262.836926] EXT4-fs (sda1): re-mounted. Opts: 13:27:39 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000380", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:39 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x3f000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:39 executing program 1: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0xfdfdffff]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 262.888276] FAULT_INJECTION: forcing a failure. [ 262.888276] name failslab, interval 1, probability 0, space 0, times 0 [ 262.900004] CPU: 1 PID: 9448 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 262.908419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 262.908426] Call Trace: [ 262.908454] dump_stack+0x244/0x39d [ 262.908480] ? dump_stack_print_info.cold.1+0x20/0x20 [ 262.929226] should_fail.cold.4+0xa/0x17 [ 262.933301] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 262.933319] ? __kernel_text_address+0xd/0x40 [ 262.933335] ? unwind_get_return_address+0x61/0xa0 [ 262.933389] ? find_held_lock+0x36/0x1c0 [ 262.951982] ? perf_trace_sched_process_exec+0x860/0x860 [ 262.957463] __should_failslab+0x124/0x180 [ 262.961723] should_failslab+0x9/0x14 [ 262.966054] kmem_cache_alloc+0x2be/0x730 [ 262.970219] ? mpol_shared_policy_init+0x235/0x650 [ 262.970235] ? current_time+0x72/0x1b0 [ 262.970258] __d_alloc+0xc8/0xb90 [ 262.970279] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 262.979090] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 262.992641] ? ktime_get_coarse_real_ts64+0x22e/0x370 [ 262.997851] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 262.997866] ? timespec64_trunc+0xea/0x180 [ 262.997884] ? inode_init_owner+0x340/0x340 [ 263.011960] ? _raw_spin_unlock+0x2c/0x50 [ 263.016124] ? current_time+0x10b/0x1b0 [ 263.016144] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 263.016162] ? __lockdep_init_map+0x105/0x590 [ 263.016182] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 13:27:39 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x5460, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:39 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x2]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:40 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x5450, &(0x7f0000000380)={@mcast1, @loopback}) [ 263.035706] ? lockdep_annotate_inode_mutex_key+0x5b/0x70 [ 263.041264] d_alloc_pseudo+0x1d/0x30 [ 263.045090] alloc_file_pseudo+0x158/0x3f0 [ 263.049347] ? alloc_file+0x4d0/0x4d0 [ 263.053165] ? usercopy_warn+0x110/0x110 [ 263.057247] __shmem_file_setup.part.50+0x110/0x2a0 [ 263.062282] shmem_file_setup+0x65/0x90 [ 263.066270] __x64_sys_memfd_create+0x2af/0x4f0 [ 263.070952] ? memfd_fcntl+0x1910/0x1910 [ 263.075037] do_syscall_64+0x1b9/0x820 [ 263.078951] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 263.084332] ? syscall_return_slowpath+0x5e0/0x5e0 13:27:40 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x5452, &(0x7f0000000380)={@mcast1, @loopback}) [ 263.089273] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 263.094131] ? trace_hardirqs_on_caller+0x310/0x310 [ 263.099162] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 263.104188] ? prepare_exit_to_usermode+0x291/0x3b0 [ 263.109227] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 263.114097] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 263.119293] RIP: 0033:0x457569 13:27:40 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x40000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 263.122498] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 263.141405] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 263.149126] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000000457569 [ 263.156399] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc78a [ 263.163678] RBP: 000000000072bf00 R08: 0000000000100020 R09: 00000000fbad8001 [ 263.170955] R10: 0000000020000100 R11: 0000000000000246 R12: 00007fa4ee7716d4 [ 263.170969] R13: 00000000004c4a1e R14: 00000000004d7d88 R15: 0000000000000003 13:27:40 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:40 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0xc0045878, &(0x7f0000000380)={@mcast1, @loopback}) [ 263.335991] EXT4-fs (sda1): re-mounted. Opts: [ 263.367871] EXT4-fs (sda1): re-mounted. Opts: 13:27:40 executing program 3 (fault-call:3 fault-nth:3): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:40 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x200000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:40 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="ffffff8c80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:40 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000003f80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:40 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8903, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:40 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 263.541011] FAULT_INJECTION: forcing a failure. [ 263.541011] name failslab, interval 1, probability 0, space 0, times 0 [ 263.565007] CPU: 0 PID: 9496 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 263.573452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 263.582811] Call Trace: [ 263.582840] dump_stack+0x244/0x39d [ 263.582868] ? dump_stack_print_info.cold.1+0x20/0x20 [ 263.582889] ? __save_stack_trace+0x8d/0xf0 [ 263.582918] should_fail.cold.4+0xa/0x17 [ 263.582941] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 263.589146] ? save_stack+0x43/0xd0 [ 263.589159] ? kasan_kmalloc+0xc7/0xe0 [ 263.589187] ? percpu_ref_put_many+0x11c/0x260 [ 263.589207] ? zap_class+0x640/0x640 [ 263.613249] EXT4-fs (sda1): re-mounted. Opts: [ 263.615361] ? find_held_lock+0x36/0x1c0 [ 263.615402] ? perf_trace_sched_process_exec+0x860/0x860 [ 263.615422] ? lock_downgrade+0x900/0x900 [ 263.641926] __should_failslab+0x124/0x180 [ 263.646179] should_failslab+0x9/0x14 [ 263.650080] kmem_cache_alloc+0x2be/0x730 [ 263.654239] ? d_set_d_op+0x31d/0x410 [ 263.658060] __alloc_file+0xa8/0x470 [ 263.658079] ? file_free_rcu+0xd0/0xd0 [ 263.665674] ? d_instantiate+0x79/0xa0 [ 263.665694] ? lock_downgrade+0x900/0x900 [ 263.665720] ? kasan_check_read+0x11/0x20 [ 263.665736] ? do_raw_spin_unlock+0xa7/0x330 [ 263.665749] ? do_raw_spin_trylock+0x270/0x270 [ 263.665772] alloc_empty_file+0x72/0x170 [ 263.665793] alloc_file+0x5e/0x4d0 [ 263.665808] ? _raw_spin_unlock+0x2c/0x50 [ 263.665829] alloc_file_pseudo+0x261/0x3f0 [ 263.682392] ? alloc_file+0x4d0/0x4d0 [ 263.682412] ? usercopy_warn+0x110/0x110 [ 263.682441] __shmem_file_setup.part.50+0x110/0x2a0 [ 263.682462] shmem_file_setup+0x65/0x90 [ 263.682480] __x64_sys_memfd_create+0x2af/0x4f0 [ 263.682496] ? memfd_fcntl+0x1910/0x1910 [ 263.682525] do_syscall_64+0x1b9/0x820 [ 263.682540] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe 13:27:40 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0xfdfdffff00000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:40 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x4020940d, &(0x7f0000000380)={@mcast1, @loopback}) [ 263.682558] ? syscall_return_slowpath+0x5e0/0x5e0 [ 263.682596] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 263.691223] ? trace_hardirqs_on_caller+0x310/0x310 [ 263.691242] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 263.691261] ? prepare_exit_to_usermode+0x291/0x3b0 [ 263.691285] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 263.726908] EXT4-fs (sda1): re-mounted. Opts: [ 263.728755] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 263.728769] RIP: 0033:0x457569 [ 263.728797] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 263.728806] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 263.728822] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000000457569 [ 263.728832] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc78a [ 263.728850] RBP: 000000000072bf00 R08: 0000000000100020 R09: 00000000fbad8001 [ 263.747837] R10: 0000000020000100 R11: 0000000000000246 R12: 00007fa4ee7716d4 13:27:40 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x1000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:40 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x5451, &(0x7f0000000380)={@mcast1, @loopback}) [ 263.747847] R13: 00000000004c4a1e R14: 00000000004d7d88 R15: 0000000000000003 [ 263.889083] EXT4-fs (sda1): re-mounted. Opts: 13:27:40 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000001f80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:40 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:41 executing program 3 (fault-call:3 fault-nth:4): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:41 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0xc0045878, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:41 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="ffffff8c80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:41 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x3f00]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 264.076261] EXT4-fs (sda1): re-mounted. Opts: 13:27:41 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8901, &(0x7f0000000380)={@mcast1, @loopback}) [ 264.182274] FAULT_INJECTION: forcing a failure. [ 264.182274] name failslab, interval 1, probability 0, space 0, times 0 13:27:41 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:41 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8941, &(0x7f0000000380)={@mcast1, @loopback}) [ 264.283719] CPU: 1 PID: 9547 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 264.292176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 264.301539] Call Trace: [ 264.304156] dump_stack+0x244/0x39d [ 264.307804] ? dump_stack_print_info.cold.1+0x20/0x20 [ 264.313012] ? lock_downgrade+0x900/0x900 [ 264.317172] ? check_preemption_disabled+0x48/0x280 [ 264.322209] should_fail.cold.4+0xa/0x17 [ 264.326289] ? rcu_softirq_qs+0x20/0x20 13:27:41 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x3f00000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:41 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x89a1, &(0x7f0000000380)={@mcast1, @loopback}) [ 264.330287] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 264.335414] ? is_bpf_text_address+0xd3/0x170 [ 264.339927] ? kernel_text_address+0x79/0xf0 [ 264.344351] ? __kernel_text_address+0xd/0x40 [ 264.348862] ? unwind_get_return_address+0x61/0xa0 [ 264.353805] ? __save_stack_trace+0x8d/0xf0 [ 264.358143] ? find_held_lock+0x36/0x1c0 [ 264.362304] ? fq_codel_enqueue+0x6d8/0x14f0 [ 264.366737] ? __x64_sys_memfd_create+0x2af/0x4f0 [ 264.371601] ? perf_trace_sched_process_exec+0x860/0x860 [ 264.377073] __should_failslab+0x124/0x180 [ 264.381334] should_failslab+0x9/0x14 [ 264.385147] kmem_cache_alloc_trace+0x2d7/0x750 [ 264.389837] ? __might_sleep+0x95/0x190 [ 264.393831] apparmor_file_alloc_security+0x17b/0xac0 [ 264.399033] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 264.404599] ? apparmor_path_rename+0xcd0/0xcd0 [ 264.409289] ? rcu_read_lock_sched_held+0x14f/0x180 [ 264.414323] ? kmem_cache_alloc+0x33a/0x730 [ 264.418654] ? d_set_d_op+0x31d/0x410 [ 264.422474] security_file_alloc+0x4c/0xa0 [ 264.426807] __alloc_file+0x12a/0x470 [ 264.430620] ? file_free_rcu+0xd0/0xd0 13:27:41 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x1000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 264.434519] ? d_instantiate+0x79/0xa0 [ 264.438455] ? lock_downgrade+0x900/0x900 [ 264.442623] ? kasan_check_read+0x11/0x20 [ 264.446782] ? do_raw_spin_unlock+0xa7/0x330 [ 264.451200] ? do_raw_spin_trylock+0x270/0x270 [ 264.455799] alloc_empty_file+0x72/0x170 [ 264.459880] alloc_file+0x5e/0x4d0 [ 264.463427] ? _raw_spin_unlock+0x2c/0x50 [ 264.467601] alloc_file_pseudo+0x261/0x3f0 [ 264.471861] ? alloc_file+0x4d0/0x4d0 [ 264.475681] ? usercopy_warn+0x110/0x110 [ 264.479766] __shmem_file_setup.part.50+0x110/0x2a0 [ 264.484798] shmem_file_setup+0x65/0x90 [ 264.489043] __x64_sys_memfd_create+0x2af/0x4f0 [ 264.493723] ? memfd_fcntl+0x1910/0x1910 [ 264.497812] do_syscall_64+0x1b9/0x820 [ 264.501718] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 264.507098] ? syscall_return_slowpath+0x5e0/0x5e0 [ 264.512046] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 264.516909] ? trace_hardirqs_on_caller+0x310/0x310 [ 264.516928] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 264.516947] ? prepare_exit_to_usermode+0x291/0x3b0 [ 264.516970] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 264.516995] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 264.542030] RIP: 0033:0x457569 [ 264.545238] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 264.564147] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 264.564163] RAX: ffffffffffffffda RBX: 0000000020000100 RCX: 0000000000457569 13:27:41 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000007a80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:41 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8981, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:41 executing program 3 (fault-call:3 fault-nth:5): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:41 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x2]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 264.564173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004bc78a [ 264.564183] RBP: 000000000072bf00 R08: 0000000000100020 R09: 00000000fbad8001 [ 264.564193] R10: 0000000020000100 R11: 0000000000000246 R12: 00007fa4ee7716d4 [ 264.564202] R13: 00000000004c4a1e R14: 00000000004d7d88 R15: 0000000000000003 13:27:41 executing program 1: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:41 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x40049409, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:41 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0xfffffdfd]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 264.747329] FAULT_INJECTION: forcing a failure. [ 264.747329] name failslab, interval 1, probability 0, space 0, times 0 13:27:41 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 264.823114] CPU: 0 PID: 9592 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 264.831602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 264.841421] Call Trace: [ 264.844033] dump_stack+0x244/0x39d [ 264.847694] ? dump_stack_print_info.cold.1+0x20/0x20 [ 264.852903] ? find_held_lock+0x36/0x1c0 [ 264.856997] should_fail.cold.4+0xa/0x17 [ 264.861169] ? find_held_lock+0x36/0x1c0 [ 264.865255] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 264.870382] ? lock_downgrade+0x900/0x900 [ 264.874541] ? current_time+0x72/0x1b0 [ 264.878470] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 264.884021] ? timespec64_trunc+0xea/0x180 [ 264.888265] ? inode_init_owner+0x340/0x340 [ 264.892621] ? find_held_lock+0x36/0x1c0 [ 264.892719] ? raid10_takeover.cold.41+0x8a/0xbe [ 264.892750] ? perf_trace_sched_process_exec+0x860/0x860 [ 264.892773] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 264.901605] __should_failslab+0x124/0x180 [ 264.901626] should_failslab+0x9/0x14 13:27:41 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x4000000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 264.901643] kmem_cache_alloc+0x2be/0x730 [ 264.901664] ? do_sys_ftruncate+0x428/0x550 [ 264.929102] ? lock_downgrade+0x900/0x900 [ 264.933270] getname_flags+0xd0/0x590 [ 264.937081] ? __lock_is_held+0xb5/0x140 [ 264.941155] getname+0x19/0x20 [ 264.944362] do_sys_open+0x383/0x700 [ 264.948090] ? filp_open+0x80/0x80 [ 264.951645] ? trace_hardirqs_off_caller+0x300/0x300 [ 264.951661] ? do_sys_ftruncate+0x449/0x550 [ 264.951682] __x64_sys_open+0x7e/0xc0 [ 264.951705] do_syscall_64+0x1b9/0x820 [ 264.965192] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 264.965215] ? syscall_return_slowpath+0x5e0/0x5e0 [ 264.965232] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 264.965251] ? trace_hardirqs_on_caller+0x310/0x310 [ 264.965269] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 264.965289] ? prepare_exit_to_usermode+0x291/0x3b0 [ 264.999315] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 265.004187] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 265.009385] RIP: 0033:0x4111a1 13:27:41 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x100000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 265.012604] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 265.031616] RSP: 002b:00007fa4ee770a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 265.039422] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004111a1 [ 265.039433] RDX: 00007fa4ee770afa RSI: 0000000000000002 RDI: 00007fa4ee770af0 [ 265.039443] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 265.039452] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 13:27:42 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x200000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:42 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8902, &(0x7f0000000380)={@mcast1, @loopback}) [ 265.039462] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 13:27:42 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0300000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:42 executing program 1 (fault-call:6 fault-nth:0): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:42 executing program 3 (fault-call:3 fault-nth:6): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:42 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8982, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:42 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:42 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x2000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 265.323040] FAULT_INJECTION: forcing a failure. [ 265.323040] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 265.325619] FAULT_INJECTION: forcing a failure. [ 265.325619] name failslab, interval 1, probability 0, space 0, times 0 [ 265.334901] CPU: 1 PID: 9637 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 265.334913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.334918] Call Trace: [ 265.334945] dump_stack+0x244/0x39d [ 265.334972] ? dump_stack_print_info.cold.1+0x20/0x20 [ 265.335004] should_fail.cold.4+0xa/0x17 [ 265.335024] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 265.335044] ? print_usage_bug+0xc0/0xc0 [ 265.335075] ? mark_held_locks+0x130/0x130 [ 265.335100] ? zap_class+0x640/0x640 [ 265.335129] ? print_usage_bug+0xc0/0xc0 [ 265.400707] ? zap_class+0x640/0x640 [ 265.404435] ? lock_downgrade+0x900/0x900 [ 265.408600] ? check_preemption_disabled+0x48/0x280 [ 265.413650] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 265.419281] ? should_fail+0x22d/0xd01 [ 265.423177] ? find_held_lock+0x36/0x1c0 [ 265.427251] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 265.432441] __alloc_pages_nodemask+0x34b/0xdd0 [ 265.437125] ? current_time+0x72/0x1b0 [ 265.441027] ? __alloc_pages_slowpath+0x2dd0/0x2dd0 [ 265.446046] ? inode_init_owner+0x340/0x340 [ 265.450376] ? find_held_lock+0x36/0x1c0 [ 265.454507] ? mwifiex_cmd_802_11_ad_hoc_start+0x15c8/0x1af0 [ 265.460338] ? trace_hardirqs_off+0xb8/0x310 [ 265.464760] cache_grow_begin+0xa5/0x8c0 [ 265.468833] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 265.474384] ? check_preemption_disabled+0x48/0x280 [ 265.479416] kmem_cache_alloc+0x66b/0x730 [ 265.483582] ? do_sys_ftruncate+0x428/0x550 [ 265.487924] getname_flags+0xd0/0x590 [ 265.491737] ? __lock_is_held+0xb5/0x140 [ 265.495807] getname+0x19/0x20 [ 265.499008] do_sys_open+0x383/0x700 [ 265.502732] ? filp_open+0x80/0x80 [ 265.506286] ? trace_hardirqs_off_caller+0x300/0x300 [ 265.511391] ? do_sys_ftruncate+0x449/0x550 [ 265.515723] __x64_sys_open+0x7e/0xc0 [ 265.519543] do_syscall_64+0x1b9/0x820 [ 265.523449] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 265.528825] ? syscall_return_slowpath+0x5e0/0x5e0 [ 265.533762] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 265.538621] ? trace_hardirqs_on_caller+0x310/0x310 [ 265.543645] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 265.548675] ? prepare_exit_to_usermode+0x291/0x3b0 [ 265.553708] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 265.558568] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 265.563770] RIP: 0033:0x4111a1 [ 265.566971] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 265.585879] RSP: 002b:00007fa4ee770a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 265.593598] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004111a1 [ 265.600871] RDX: 00007fa4ee770afa RSI: 0000000000000002 RDI: 00007fa4ee770af0 [ 265.608141] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 265.615411] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 265.622682] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 [ 265.630006] CPU: 0 PID: 9642 Comm: syz-executor1 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 265.638431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 265.647787] Call Trace: [ 265.650387] dump_stack+0x244/0x39d [ 265.654036] ? dump_stack_print_info.cold.1+0x20/0x20 [ 265.659247] should_fail.cold.4+0xa/0x17 [ 265.663318] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 265.668444] ? zap_class+0x640/0x640 [ 265.668460] ? __lock_acquire+0x62f/0x4c20 [ 265.668480] ? print_usage_bug+0xc0/0xc0 [ 265.668500] ? find_held_lock+0x36/0x1c0 [ 265.684549] ? __lock_is_held+0xb5/0x140 [ 265.688651] ? perf_trace_sched_process_exec+0x860/0x860 [ 265.694119] ? print_usage_bug+0xc0/0xc0 [ 265.698204] __should_failslab+0x124/0x180 [ 265.698227] should_failslab+0x9/0x14 [ 265.698243] __kmalloc+0x2e0/0x760 [ 265.698264] ? sock_kmalloc+0x15a/0x1f0 [ 265.713782] sock_kmalloc+0x15a/0x1f0 [ 265.713803] ? __sk_mem_schedule+0xe0/0xe0 [ 265.713820] ? trace_hardirqs_on+0xbd/0x310 [ 265.713836] ? lock_release+0xa10/0xa10 [ 265.713849] ? lock_sock_nested+0xe2/0x120 [ 265.713866] ? trace_hardirqs_off_caller+0x300/0x300 [ 265.713983] af_alg_alloc_areq+0x83/0x280 [ 265.714001] ? alg_accept+0x60/0x60 [ 265.714027] ? __local_bh_enable_ip+0x160/0x260 [ 265.752103] skcipher_recvmsg+0x350/0x11e0 [ 265.756357] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 265.756380] ? _copy_from_user+0xdf/0x150 [ 265.756405] ? skcipher_bind+0x30/0x30 [ 265.756427] ? apparmor_socket_recvmsg+0x29/0x30 13:27:42 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x3f000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 265.766118] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 265.766135] ? security_socket_recvmsg+0x9c/0xc0 [ 265.766155] ? skcipher_bind+0x30/0x30 [ 265.766176] sock_recvmsg+0xd0/0x110 [ 265.766193] ? __sock_recv_ts_and_drops+0x420/0x420 [ 265.766214] ___sys_recvmsg+0x2b6/0x680 [ 265.801673] ? ___sys_sendmsg+0x930/0x930 [ 265.801695] ? lock_downgrade+0x900/0x900 [ 265.801716] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 265.801731] ? proc_fail_nth_write+0x9e/0x210 [ 265.801752] ? __fget_light+0x2e9/0x430 13:27:42 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0xfdfdffff]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 265.815589] ? fget_raw+0x20/0x20 [ 265.815607] ? find_held_lock+0x36/0x1c0 [ 265.815633] ? kasan_check_write+0x14/0x20 [ 265.815651] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 265.815670] ? wait_for_completion+0x8a0/0x8a0 [ 265.815696] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 265.815713] ? sockfd_lookup_light+0xc5/0x160 [ 265.815729] __sys_recvmsg+0x11a/0x280 [ 265.815746] ? __ia32_sys_sendmmsg+0x100/0x100 [ 265.815764] ? __sb_end_write+0xd9/0x110 [ 265.868412] ? fput+0x130/0x1a0 13:27:42 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x4000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 265.871709] ? do_syscall_64+0x9a/0x820 [ 265.875699] ? do_syscall_64+0x9a/0x820 [ 265.879706] ? trace_hardirqs_off_caller+0x300/0x300 [ 265.884835] __x64_sys_recvmsg+0x78/0xb0 [ 265.888921] do_syscall_64+0x1b9/0x820 [ 265.892824] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 265.898211] ? syscall_return_slowpath+0x5e0/0x5e0 [ 265.903166] ? trace_hardirqs_on_caller+0x310/0x310 [ 265.908209] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 265.913248] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 265.919942] ? __switch_to_asm+0x40/0x70 13:27:42 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x3f00000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 265.924019] ? __switch_to_asm+0x34/0x70 [ 265.928103] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 265.932969] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 265.938174] RIP: 0033:0x457569 [ 265.941380] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 265.960293] RSP: 002b:00007f95d46bac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 265.968013] RAX: ffffffffffffffda RBX: 00007f95d46bac90 RCX: 0000000000457569 13:27:42 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x89a0, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:42 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8904, &(0x7f0000000380)={@mcast1, @loopback}) [ 265.975288] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 265.975298] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 265.975308] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f95d46bb6d4 [ 265.975318] R13: 00000000004c324d R14: 00000000004d4e00 R15: 0000000000000005 13:27:43 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000180", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:43 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:43 executing program 3 (fault-call:3 fault-nth:7): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:43 executing program 1 (fault-call:6 fault-nth:1): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:43 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0xfdfdffff00000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:43 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8940, &(0x7f0000000380)={@mcast1, @loopback}) [ 266.238545] FAULT_INJECTION: forcing a failure. [ 266.238545] name failslab, interval 1, probability 0, space 0, times 0 13:27:43 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x40000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 266.321125] FAULT_INJECTION: forcing a failure. [ 266.321125] name failslab, interval 1, probability 0, space 0, times 0 [ 266.328919] CPU: 1 PID: 9680 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 266.340777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.340788] Call Trace: [ 266.352725] dump_stack+0x244/0x39d [ 266.356375] ? dump_stack_print_info.cold.1+0x20/0x20 [ 266.361593] ? print_usage_bug+0xc0/0xc0 [ 266.365680] should_fail.cold.4+0xa/0x17 [ 266.369754] ? find_held_lock+0x36/0x1c0 [ 266.373829] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 266.378953] ? lock_downgrade+0x900/0x900 [ 266.383119] ? check_preemption_disabled+0x48/0x280 [ 266.388148] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 266.388167] ? kasan_check_read+0x11/0x20 [ 266.388190] ? find_held_lock+0x36/0x1c0 [ 266.401336] ? perf_trace_sched_process_exec+0x860/0x860 [ 266.406807] __should_failslab+0x124/0x180 [ 266.411056] should_failslab+0x9/0x14 [ 266.414872] kmem_cache_alloc+0x2be/0x730 [ 266.419036] ? zap_class+0x640/0x640 [ 266.422762] ? print_usage_bug+0xc0/0xc0 [ 266.426838] ? mark_held_locks+0x130/0x130 [ 266.431098] __alloc_file+0xa8/0x470 [ 266.434826] ? file_free_rcu+0xd0/0xd0 [ 266.438725] ? find_held_lock+0x36/0x1c0 [ 266.442804] ? is_bpf_text_address+0xac/0x170 [ 266.447309] ? lock_downgrade+0x900/0x900 [ 266.451466] ? check_preemption_disabled+0x48/0x280 [ 266.456500] alloc_empty_file+0x72/0x170 [ 266.460589] path_openat+0x170/0x5150 [ 266.464410] ? rcu_softirq_qs+0x20/0x20 [ 266.468394] ? unwind_dump+0x190/0x190 [ 266.472303] ? zap_class+0x640/0x640 [ 266.476033] ? path_lookupat.isra.43+0xc00/0xc00 [ 266.480801] ? unwind_get_return_address+0x61/0xa0 [ 266.485746] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 266.490770] ? expand_files.part.8+0x571/0x9a0 [ 266.495364] ? find_held_lock+0x36/0x1c0 [ 266.499442] ? __alloc_fd+0x347/0x6e0 [ 266.503251] ? lock_downgrade+0x900/0x900 [ 266.507406] ? getname+0x19/0x20 [ 266.510791] ? kasan_check_read+0x11/0x20 [ 266.514942] ? do_raw_spin_unlock+0xa7/0x330 [ 266.519359] ? do_raw_spin_trylock+0x270/0x270 [ 266.523949] ? __lock_is_held+0xb5/0x140 [ 266.528013] ? __check_object_size+0xb1/0x782 [ 266.532522] ? _raw_spin_unlock+0x2c/0x50 [ 266.536681] ? __alloc_fd+0x347/0x6e0 [ 266.540502] do_filp_open+0x255/0x380 [ 266.544310] ? may_open_dev+0x100/0x100 [ 266.548310] ? get_unused_fd_flags+0x122/0x1a0 [ 266.552898] ? __alloc_fd+0x6e0/0x6e0 [ 266.556708] ? __lock_is_held+0xb5/0x140 [ 266.560782] do_sys_open+0x568/0x700 [ 266.564505] ? filp_open+0x80/0x80 [ 266.568060] ? trace_hardirqs_off_caller+0x300/0x300 [ 266.573171] ? do_sys_ftruncate+0x449/0x550 [ 266.577501] __x64_sys_open+0x7e/0xc0 [ 266.581312] do_syscall_64+0x1b9/0x820 [ 266.585204] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 266.590583] ? syscall_return_slowpath+0x5e0/0x5e0 [ 266.595522] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 266.600375] ? trace_hardirqs_on_caller+0x310/0x310 [ 266.605400] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 266.610427] ? prepare_exit_to_usermode+0x291/0x3b0 [ 266.615458] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 266.620316] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 266.625510] RIP: 0033:0x4111a1 [ 266.628709] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 266.647623] RSP: 002b:00007fa4ee770a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 266.655340] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004111a1 [ 266.662618] RDX: 00007fa4ee770afa RSI: 0000000000000002 RDI: 00007fa4ee770af0 13:27:43 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1={0xff, 0x300}, @loopback}) 13:27:43 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 266.669897] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 266.677221] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 266.684496] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 [ 266.691880] CPU: 0 PID: 9697 Comm: syz-executor1 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 266.700303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 266.709660] Call Trace: [ 266.712266] dump_stack+0x244/0x39d [ 266.715909] ? dump_stack_print_info.cold.1+0x20/0x20 13:27:43 executing program 3 (fault-call:3 fault-nth:8): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:43 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1={0xff, 0x1, [], 0x300}, @loopback}) [ 266.721116] ? trace_hardirqs_on+0xbd/0x310 [ 266.725455] ? kasan_check_read+0x11/0x20 [ 266.729625] ? iov_iter_get_pages+0x2c9/0x11e0 [ 266.734220] should_fail.cold.4+0xa/0x17 [ 266.738292] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 266.743406] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 266.748503] ? get_user_pages_fast+0x2a9/0x450 [ 266.753107] ? __get_user_pages_fast+0x3f0/0x3f0 [ 266.757878] ? __kernel_text_address+0xd/0x40 [ 266.762444] ? unwind_get_return_address+0x61/0xa0 [ 266.767390] ? zap_class+0x640/0x640 13:27:43 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback={0x0, 0x300}}) [ 266.771116] ? __save_stack_trace+0x8d/0xf0 [ 266.775456] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 266.780487] ? find_held_lock+0x36/0x1c0 [ 266.784561] ? __lock_is_held+0xb5/0x140 [ 266.788667] ? perf_trace_sched_process_exec+0x860/0x860 [ 266.794128] ? find_held_lock+0x36/0x1c0 [ 266.798216] __should_failslab+0x124/0x180 [ 266.802465] should_failslab+0x9/0x14 [ 266.806280] __kmalloc+0x2e0/0x760 [ 266.809827] ? memset+0x31/0x40 [ 266.813120] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 266.818148] ? iov_iter_advance+0x315/0x1370 [ 266.822561] ? sg_init_table+0x28/0x60 [ 266.826478] ? sock_kmalloc+0x15a/0x1f0 [ 266.826499] sock_kmalloc+0x15a/0x1f0 [ 266.826519] ? __sk_mem_schedule+0xe0/0xe0 [ 266.834723] ? rcu_read_lock_sched_held+0x14f/0x180 [ 266.834748] af_alg_get_rsgl+0x1d7/0x920 [ 266.834778] ? af_alg_make_sg+0x550/0x550 [ 266.834792] ? lock_sock_nested+0xe2/0x120 [ 266.834811] ? trace_hardirqs_off_caller+0x300/0x300 [ 266.834833] ? af_alg_alloc_areq+0x1ec/0x280 [ 266.834849] ? alg_accept+0x60/0x60 [ 266.834866] ? __local_bh_enable_ip+0x160/0x260 [ 266.834891] skcipher_recvmsg+0x39e/0x11e0 [ 266.834912] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 266.834928] ? _copy_from_user+0xdf/0x150 [ 266.834951] ? skcipher_bind+0x30/0x30 [ 266.834971] ? apparmor_socket_recvmsg+0x29/0x30 [ 266.834987] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 266.835003] ? security_socket_recvmsg+0x9c/0xc0 [ 266.835028] ? skcipher_bind+0x30/0x30 [ 266.874453] sock_recvmsg+0xd0/0x110 [ 266.884201] ? __sock_recv_ts_and_drops+0x420/0x420 [ 266.884220] ___sys_recvmsg+0x2b6/0x680 [ 266.884248] ? ___sys_sendmsg+0x930/0x930 [ 266.884271] ? lock_downgrade+0x900/0x900 [ 266.932406] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 266.937955] ? proc_fail_nth_write+0x9e/0x210 [ 266.942463] ? __fget_light+0x2e9/0x430 [ 266.942480] ? fget_raw+0x20/0x20 [ 266.942496] ? find_held_lock+0x36/0x1c0 [ 266.942519] ? kasan_check_write+0x14/0x20 [ 266.942541] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 266.949963] ? wait_for_completion+0x8a0/0x8a0 [ 266.967944] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 266.973498] ? sockfd_lookup_light+0xc5/0x160 [ 266.978006] __sys_recvmsg+0x11a/0x280 [ 266.981910] ? __ia32_sys_sendmmsg+0x100/0x100 [ 266.986512] ? __sb_end_write+0xd9/0x110 [ 266.990562] ? fput+0x130/0x1a0 [ 266.993839] ? do_syscall_64+0x9a/0x820 [ 266.997796] ? do_syscall_64+0x9a/0x820 [ 267.001758] ? trace_hardirqs_off_caller+0x300/0x300 [ 267.006848] __x64_sys_recvmsg+0x78/0xb0 [ 267.010896] do_syscall_64+0x1b9/0x820 [ 267.014769] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 267.020119] ? syscall_return_slowpath+0x5e0/0x5e0 [ 267.025050] ? trace_hardirqs_on_caller+0x310/0x310 [ 267.030053] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 267.035055] ? post_copy_siginfo_from_user.isra.25.part.26+0x250/0x250 [ 267.041703] ? __switch_to_asm+0x40/0x70 [ 267.045746] ? __switch_to_asm+0x34/0x70 [ 267.049805] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 267.054642] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 267.059815] RIP: 0033:0x457569 [ 267.062993] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 267.081879] RSP: 002b:00007f95d46bac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002f [ 267.089568] RAX: ffffffffffffffda RBX: 00007f95d46bac90 RCX: 0000000000457569 [ 267.096829] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004 [ 267.104090] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 267.111341] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f95d46bb6d4 [ 267.118599] R13: 00000000004c324d R14: 00000000004d4e00 R15: 0000000000000005 13:27:44 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000580", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:44 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x3f00]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:44 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x8000, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000000)={0x410c}, 0x1) 13:27:44 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) [ 267.224002] FAULT_INJECTION: forcing a failure. [ 267.224002] name failslab, interval 1, probability 0, space 0, times 0 [ 267.237058] CPU: 0 PID: 9723 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 267.245478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 267.245486] Call Trace: [ 267.245514] dump_stack+0x244/0x39d [ 267.245542] ? dump_stack_print_info.cold.1+0x20/0x20 [ 267.257464] ? lock_downgrade+0x900/0x900 [ 267.257482] ? check_preemption_disabled+0x48/0x280 [ 267.257506] should_fail.cold.4+0xa/0x17 [ 267.257524] ? rcu_softirq_qs+0x20/0x20 [ 267.257542] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 267.288602] ? is_bpf_text_address+0xd3/0x170 [ 267.293109] ? kernel_text_address+0x79/0xf0 [ 267.297532] ? __kernel_text_address+0xd/0x40 [ 267.302038] ? unwind_get_return_address+0x61/0xa0 [ 267.307003] ? __save_stack_trace+0x8d/0xf0 [ 267.307025] ? find_held_lock+0x36/0x1c0 [ 267.307060] ? do_syscall_64+0x1b9/0x820 [ 267.315417] ? perf_trace_sched_process_exec+0x860/0x860 [ 267.315445] __should_failslab+0x124/0x180 [ 267.315465] should_failslab+0x9/0x14 [ 267.315481] kmem_cache_alloc_trace+0x2d7/0x750 [ 267.315496] ? __might_sleep+0x95/0x190 [ 267.315517] apparmor_file_alloc_security+0x17b/0xac0 [ 267.315535] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 267.315561] ? apparmor_path_rename+0xcd0/0xcd0 [ 267.357061] ? rcu_read_lock_sched_held+0x14f/0x180 [ 267.362094] ? kmem_cache_alloc+0x33a/0x730 [ 267.366429] ? zap_class+0x640/0x640 [ 267.366454] security_file_alloc+0x4c/0xa0 [ 267.366475] __alloc_file+0x12a/0x470 [ 267.378206] ? file_free_rcu+0xd0/0xd0 [ 267.382110] ? find_held_lock+0x36/0x1c0 [ 267.386196] ? is_bpf_text_address+0xac/0x170 [ 267.390719] ? lock_downgrade+0x900/0x900 [ 267.394886] ? check_preemption_disabled+0x48/0x280 [ 267.399920] alloc_empty_file+0x72/0x170 [ 267.403995] path_openat+0x170/0x5150 [ 267.407807] ? rcu_softirq_qs+0x20/0x20 [ 267.411788] ? unwind_dump+0x190/0x190 [ 267.415700] ? zap_class+0x640/0x640 [ 267.419433] ? path_lookupat.isra.43+0xc00/0xc00 13:27:44 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:44 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x101100, 0x0) ioctl$RTC_UIE_OFF(r1, 0x7004) 13:27:44 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x4000000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:44 executing program 0: r0 = gettid() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000040)=0xc) sched_setaffinity(r1, 0x167, &(0x7f00000001c0)=0x6) getpgrp(r0) getresgid(&(0x7f0000000080)=0x0, &(0x7f00000000c0), &(0x7f0000000100)) setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000140)={r0, r2, r3}, 0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000180)={0x0, 0x2}, &(0x7f0000000440)=0x8) timerfd_create(0x2, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000200)={r4, @in6={{0xa, 0x4e21, 0x1f, @loopback, 0x3}}, 0x8000, 0x2, 0xa3, 0xfffffffffffeffff, 0x80}, &(0x7f00000002c0)=0x98) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) r5 = accept4$packet(0xffffffffffffffff, 0x0, &(0x7f0000000340), 0x80000) signalfd4(r5, &(0x7f0000000400)={0x50e}, 0x8, 0x80000) [ 267.424202] ? unwind_get_return_address+0x61/0xa0 [ 267.429144] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 267.434170] ? expand_files.part.8+0x571/0x9a0 [ 267.438768] ? find_held_lock+0x36/0x1c0 [ 267.442846] ? __alloc_fd+0x347/0x6e0 [ 267.446665] ? lock_downgrade+0x900/0x900 [ 267.450825] ? getname+0x19/0x20 [ 267.454217] ? kasan_check_read+0x11/0x20 [ 267.458378] ? do_raw_spin_unlock+0xa7/0x330 [ 267.462796] ? do_raw_spin_trylock+0x270/0x270 [ 267.467390] ? __lock_is_held+0xb5/0x140 13:27:44 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x2]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 267.471472] ? __check_object_size+0xb1/0x782 [ 267.475988] ? _raw_spin_unlock+0x2c/0x50 [ 267.480155] ? __alloc_fd+0x347/0x6e0 [ 267.483988] do_filp_open+0x255/0x380 [ 267.487800] ? may_open_dev+0x100/0x100 [ 267.491805] ? get_unused_fd_flags+0x122/0x1a0 [ 267.496399] ? __alloc_fd+0x6e0/0x6e0 [ 267.500218] ? __lock_is_held+0xb5/0x140 [ 267.504299] do_sys_open+0x568/0x700 [ 267.508035] ? filp_open+0x80/0x80 [ 267.511612] ? trace_hardirqs_off_caller+0x300/0x300 [ 267.516724] ? do_sys_ftruncate+0x449/0x550 [ 267.521061] __x64_sys_open+0x7e/0xc0 [ 267.524877] do_syscall_64+0x1b9/0x820 [ 267.528773] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 267.534152] ? syscall_return_slowpath+0x5e0/0x5e0 [ 267.539096] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 267.543954] ? trace_hardirqs_on_caller+0x310/0x310 [ 267.548986] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 267.554019] ? prepare_exit_to_usermode+0x291/0x3b0 [ 267.559051] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 267.563906] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 267.563918] RIP: 0033:0x4111a1 [ 267.563935] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 267.563944] RSP: 002b:00007fa4ee770a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 267.563958] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004111a1 [ 267.563967] RDX: 00007fa4ee770afa RSI: 0000000000000002 RDI: 00007fa4ee770af0 [ 267.563976] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a 13:27:44 executing program 3 (fault-call:3 fault-nth:9): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:44 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) tee(r0, r0, 0x2, 0x1) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x1, 0x4) r1 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r1, 0x8983, &(0x7f0000000080)={@mcast1, @loopback}) 13:27:44 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0xfffffdfd]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 267.563990] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000004 [ 267.628174] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 [ 267.768713] FAULT_INJECTION: forcing a failure. [ 267.768713] name failslab, interval 1, probability 0, space 0, times 0 [ 267.790240] CPU: 0 PID: 9765 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 267.798674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 267.808028] Call Trace: [ 267.810631] dump_stack+0x244/0x39d [ 267.814280] ? dump_stack_print_info.cold.1+0x20/0x20 [ 267.819492] should_fail.cold.4+0xa/0x17 [ 267.823569] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 267.828696] ? down_write_nested+0x130/0x130 [ 267.833430] ? down_read+0x120/0x120 [ 267.837136] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 267.842665] ? zap_class+0x640/0x640 [ 267.846379] ? lock_acquire+0x1ed/0x520 [ 267.850339] ? lo_ioctl+0x8e/0x1d60 [ 267.853972] ? find_held_lock+0x36/0x1c0 [ 267.858025] ? __lock_is_held+0xb5/0x140 [ 267.862148] ? perf_trace_sched_process_exec+0x860/0x860 [ 267.867631] __should_failslab+0x124/0x180 [ 267.871890] should_failslab+0x9/0x14 [ 267.875682] kmem_cache_alloc_trace+0x2d7/0x750 [ 267.880355] ? check_preemption_disabled+0x48/0x280 [ 267.885363] __kthread_create_on_node+0x137/0x540 [ 267.890196] ? loop_get_status64+0x140/0x140 [ 267.894604] ? kthread_parkme+0xb0/0xb0 [ 267.898593] ? __lockdep_init_map+0x105/0x590 [ 267.903080] ? __lockdep_init_map+0x105/0x590 [ 267.907566] ? loop_get_status64+0x140/0x140 [ 267.911994] kthread_create_on_node+0xb1/0xe0 [ 267.916502] ? __kthread_create_on_node+0x540/0x540 [ 267.921522] ? kasan_check_read+0x11/0x20 [ 267.925680] lo_ioctl+0x7f6/0x1d60 [ 267.929213] ? lo_rw_aio+0x1ef0/0x1ef0 [ 267.933096] blkdev_ioctl+0x9ac/0x2010 [ 267.936992] ? blkpg_ioctl+0xc10/0xc10 [ 267.940870] ? lock_downgrade+0x900/0x900 [ 267.945003] ? check_preemption_disabled+0x48/0x280 [ 267.950025] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 267.954956] ? kasan_check_read+0x11/0x20 [ 267.959107] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 267.964390] ? rcu_softirq_qs+0x20/0x20 [ 267.968357] ? __fget+0x4d1/0x740 [ 267.971814] ? ksys_dup3+0x680/0x680 [ 267.975544] block_ioctl+0xee/0x130 [ 267.979185] ? blkdev_fallocate+0x400/0x400 [ 267.983502] do_vfs_ioctl+0x1de/0x1720 [ 267.987378] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 267.992920] ? ioctl_preallocate+0x300/0x300 [ 267.997324] ? __fget_light+0x2e9/0x430 [ 268.001285] ? fget_raw+0x20/0x20 [ 268.004733] ? rcu_read_lock_sched_held+0x14f/0x180 [ 268.009757] ? kmem_cache_free+0x24f/0x290 [ 268.013996] ? putname+0xf7/0x130 [ 268.017437] ? do_syscall_64+0x9a/0x820 [ 268.021413] ? do_syscall_64+0x9a/0x820 [ 268.025409] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 268.029992] ? security_file_ioctl+0x94/0xc0 [ 268.034403] ksys_ioctl+0xa9/0xd0 [ 268.037883] __x64_sys_ioctl+0x73/0xb0 [ 268.041771] do_syscall_64+0x1b9/0x820 [ 268.045651] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 268.051005] ? syscall_return_slowpath+0x5e0/0x5e0 [ 268.055920] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 268.060754] ? trace_hardirqs_on_caller+0x310/0x310 [ 268.065772] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 268.070788] ? prepare_exit_to_usermode+0x291/0x3b0 [ 268.075806] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 268.080645] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 268.085832] RIP: 0033:0x4573d7 [ 268.089040] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 268.107946] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 268.115676] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 [ 268.122945] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 268.130205] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 268.137473] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 268.144728] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 13:27:45 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="fffffdfd80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:45 executing program 0: r0 = socket$can_bcm(0x1d, 0x2, 0x2) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x20, &(0x7f0000001440)={@loopback, @multicast1, 0x0}, &(0x7f0000001480)=0xc) clock_gettime(0x0, &(0x7f0000001500)={0x0, 0x0}) sendmsg$can_bcm(r0, &(0x7f0000001600)={&(0x7f00000014c0)={0x1d, r1}, 0x10, &(0x7f00000015c0)={&(0x7f0000001540)={0x7, 0x400, 0x1ff, {r2, r3/1000+30000}, {}, {0x1, 0x100000000, 0x7, 0x1}, 0x1, @can={{0x0, 0x0, 0x6, 0x10001}, 0x5, 0x1, 0x0, 0x0, "7c3094245cb8e396"}}, 0x48}, 0x1, 0x0, 0x0, 0x4800}, 0x40800) r4 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r4, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'irlan0\x00', r5}) 13:27:45 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x3f000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:45 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x0, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:45 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0xf000000, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:45 executing program 3 (fault-call:3 fault-nth:10): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:45 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x4000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 268.306904] FAULT_INJECTION: forcing a failure. [ 268.306904] name failslab, interval 1, probability 0, space 0, times 0 [ 268.336705] CPU: 1 PID: 9786 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 268.345175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 268.354537] Call Trace: [ 268.357157] dump_stack+0x244/0x39d [ 268.360811] ? dump_stack_print_info.cold.1+0x20/0x20 [ 268.366030] should_fail.cold.4+0xa/0x17 [ 268.370115] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 268.375232] ? pick_next_task_fair+0xa35/0x1c90 [ 268.379912] ? rcu_read_lock_sched_held+0x14f/0x180 [ 268.384942] ? enqueue_entity+0x34b/0x20d0 [ 268.389196] ? zap_class+0x640/0x640 [ 268.392923] ? print_usage_bug+0xc0/0xc0 [ 268.396992] ? __account_cfs_rq_runtime+0x790/0x790 [ 268.402029] ? find_held_lock+0x36/0x1c0 [ 268.406117] ? __lock_is_held+0xb5/0x140 [ 268.410206] ? perf_trace_sched_process_exec+0x860/0x860 [ 268.415671] __should_failslab+0x124/0x180 [ 268.419913] should_failslab+0x9/0x14 [ 268.423719] kmem_cache_alloc+0x2be/0x730 [ 268.427873] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 268.432898] __kernfs_new_node+0x127/0x8d0 [ 268.437137] ? trace_hardirqs_off_caller+0x300/0x300 [ 268.442245] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 268.447009] ? _raw_spin_unlock_irq+0x60/0x80 [ 268.451518] ? __schedule+0x168b/0x21d0 [ 268.455502] ? zap_class+0x640/0x640 [ 268.459222] ? zap_class+0x640/0x640 [ 268.462943] ? trace_hardirqs_on+0xbd/0x310 [ 268.467268] ? kasan_check_read+0x11/0x20 [ 268.471423] ? find_held_lock+0x36/0x1c0 [ 268.475494] kernfs_new_node+0x95/0x120 [ 268.479483] kernfs_create_dir_ns+0x4d/0x160 [ 268.483921] internal_create_group+0x5fc/0xd80 [ 268.488518] ? remove_files.isra.1+0x190/0x190 [ 268.493104] ? up_write+0x7b/0x220 [ 268.496644] ? down_write_nested+0x130/0x130 [ 268.501053] ? down_read+0x120/0x120 [ 268.504788] sysfs_create_group+0x1f/0x30 [ 268.508939] lo_ioctl+0x1307/0x1d60 [ 268.512583] ? lo_rw_aio+0x1ef0/0x1ef0 [ 268.516479] blkdev_ioctl+0x9ac/0x2010 [ 268.520369] ? blkpg_ioctl+0xc10/0xc10 [ 268.524261] ? lock_downgrade+0x900/0x900 [ 268.528411] ? check_preemption_disabled+0x48/0x280 [ 268.533440] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 268.538373] ? kasan_check_read+0x11/0x20 [ 268.542522] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 268.547803] ? rcu_softirq_qs+0x20/0x20 [ 268.551792] ? __fget+0x4d1/0x740 [ 268.555253] ? ksys_dup3+0x680/0x680 [ 268.558981] block_ioctl+0xee/0x130 [ 268.562617] ? blkdev_fallocate+0x400/0x400 [ 268.566954] do_vfs_ioctl+0x1de/0x1720 [ 268.570848] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 268.576389] ? ioctl_preallocate+0x300/0x300 [ 268.580805] ? __fget_light+0x2e9/0x430 [ 268.584784] ? fget_raw+0x20/0x20 [ 268.588244] ? rcu_read_lock_sched_held+0x14f/0x180 [ 268.593267] ? kmem_cache_free+0x24f/0x290 [ 268.597507] ? putname+0xf7/0x130 [ 268.600963] ? do_syscall_64+0x9a/0x820 [ 268.604941] ? do_syscall_64+0x9a/0x820 [ 268.609007] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 268.613603] ? security_file_ioctl+0x94/0xc0 [ 268.618024] ksys_ioctl+0xa9/0xd0 [ 268.621483] __x64_sys_ioctl+0x73/0xb0 [ 268.625377] do_syscall_64+0x1b9/0x820 [ 268.629271] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 268.634642] ? syscall_return_slowpath+0x5e0/0x5e0 [ 268.639578] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 268.644431] ? trace_hardirqs_on_caller+0x310/0x310 [ 268.649454] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 268.654475] ? prepare_exit_to_usermode+0x291/0x3b0 [ 268.659500] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 268.664366] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 268.669553] RIP: 0033:0x4573d7 [ 268.672759] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 268.691662] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 268.699370] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 13:27:45 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x100000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 268.706636] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 268.713903] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 268.721169] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 268.728438] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 13:27:45 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x1000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:45 executing program 2: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="6c00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000100)) [ 268.812328] EXT4-fs: 9 callbacks suppressed [ 268.812341] EXT4-fs (sda1): re-mounted. Opts: 13:27:45 executing program 0: r0 = socket(0xa, 0x3, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={0x0, 0x1f}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000080)={r1, 0xff}, &(0x7f00000000c0)=0x8) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) [ 268.858129] EXT4-fs (sda1): re-mounted. Opts: 13:27:45 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x2000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:45 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000007480", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:45 executing program 3 (fault-call:3 fault-nth:11): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:45 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x40000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:46 executing program 0: r0 = socket(0xa, 0x1, 0x0) fcntl$setstatus(r0, 0x4, 0x4000) r1 = msgget$private(0x0, 0x0) msgsnd(r1, &(0x7f00000000c0)={0x0, "dc13660c3da88a5fab0c45a0b770515d0f58a3028dbd00f3b7c0bdabc5f519695f1046e2e9228b174eba61436233ed9ca29aa90ac4343c1f13c5fffc4d6f948f34fbe87404249673fae683dedd97ef6583db1e50725c75ec0bd8546220ca60e6ee7a86"}, 0x6b, 0x800) getsockopt$inet6_opts(r0, 0x29, 0x36, &(0x7f0000000040)=""/23, &(0x7f0000000080)=0x17) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000000)={0x4}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) [ 269.143415] FAULT_INJECTION: forcing a failure. [ 269.143415] name failslab, interval 1, probability 0, space 0, times 0 [ 269.155153] CPU: 1 PID: 9849 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 269.163565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 269.172929] Call Trace: [ 269.175536] dump_stack+0x244/0x39d [ 269.179193] ? dump_stack_print_info.cold.1+0x20/0x20 [ 269.184406] ? mark_held_locks+0x130/0x130 [ 269.188662] should_fail.cold.4+0xa/0x17 [ 269.192745] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 269.197867] ? print_usage_bug+0xc0/0xc0 [ 269.201941] ? zap_class+0x640/0x640 [ 269.205668] ? lock_unpin_lock+0x4a0/0x4a0 [ 269.209918] ? pick_next_task_fair+0xa35/0x1c90 [ 269.214611] ? rcu_read_lock_sched_held+0x14f/0x180 [ 269.219646] ? __update_load_avg_blocked_se+0x690/0x690 [ 269.225025] ? zap_class+0x640/0x640 [ 269.228752] ? find_held_lock+0x36/0x1c0 [ 269.232833] ? zap_class+0x640/0x640 [ 269.236555] ? find_held_lock+0x36/0x1c0 [ 269.240643] ? print_usage_bug+0xc0/0xc0 [ 269.244726] __should_failslab+0x124/0x180 [ 269.248974] should_failslab+0x9/0x14 [ 269.252780] kmem_cache_alloc+0x47/0x730 [ 269.256900] ? lock_downgrade+0x900/0x900 [ 269.261074] radix_tree_node_alloc.constprop.19+0x1f7/0x370 [ 269.266820] idr_get_free+0x7a4/0xf70 [ 269.270675] ? radix_tree_iter_tag_clear+0x90/0x90 [ 269.275621] ? __save_stack_trace+0x8d/0xf0 [ 269.279971] ? save_stack+0xa9/0xd0 [ 269.283617] ? save_stack+0x43/0xd0 [ 269.287252] ? kasan_kmalloc+0xc7/0xe0 13:27:46 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x40000000, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:46 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000180", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:46 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000000)={@mcast1, @loopback, @empty, 0x8000000000000000, 0x0, 0x0, 0xfffffffffffffffe}) [ 269.291152] ? kasan_slab_alloc+0x12/0x20 [ 269.295314] ? kmem_cache_alloc+0x12e/0x730 [ 269.299643] ? __kernfs_new_node+0x127/0x8d0 [ 269.304064] ? kernfs_new_node+0x95/0x120 [ 269.308236] ? internal_create_group+0x5fc/0xd80 [ 269.313007] ? sysfs_create_group+0x1f/0x30 [ 269.317340] ? lo_ioctl+0x1307/0x1d60 [ 269.321146] ? blkdev_ioctl+0x9ac/0x2010 [ 269.321162] ? block_ioctl+0xee/0x130 [ 269.321177] ? do_vfs_ioctl+0x1de/0x1720 [ 269.321194] ? ksys_ioctl+0xa9/0xd0 [ 269.336725] ? __x64_sys_ioctl+0x73/0xb0 [ 269.336742] ? do_syscall_64+0x1b9/0x820 [ 269.336763] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 269.350230] ? find_held_lock+0x36/0x1c0 [ 269.354315] idr_alloc_u32+0x1d4/0x3a0 [ 269.358227] ? __fprop_inc_percpu_max+0x2d0/0x2d0 [ 269.363091] ? lock_acquire+0x1ed/0x520 [ 269.367079] ? __kernfs_new_node+0x14e/0x8d0 [ 269.371495] ? __lock_is_held+0xb5/0x140 [ 269.375552] idr_alloc_cyclic+0x166/0x350 [ 269.379731] ? idr_alloc+0x1b0/0x1b0 [ 269.383456] ? __radix_tree_preload+0x1f7/0x280 [ 269.388121] __kernfs_new_node+0x1ee/0x8d0 [ 269.392346] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 269.397100] ? _raw_spin_unlock_irq+0x60/0x80 [ 269.401595] ? __schedule+0x168b/0x21d0 [ 269.405588] ? zap_class+0x640/0x640 [ 269.409319] ? zap_class+0x640/0x640 [ 269.413031] ? trace_hardirqs_on+0xbd/0x310 [ 269.417358] ? kasan_check_read+0x11/0x20 [ 269.421500] ? find_held_lock+0x36/0x1c0 [ 269.425580] kernfs_new_node+0x95/0x120 [ 269.429568] kernfs_create_dir_ns+0x4d/0x160 [ 269.433998] internal_create_group+0x5fc/0xd80 [ 269.438599] ? remove_files.isra.1+0x190/0x190 [ 269.443168] ? up_write+0x7b/0x220 [ 269.446698] ? down_write_nested+0x130/0x130 [ 269.451097] ? down_read+0x120/0x120 [ 269.454824] sysfs_create_group+0x1f/0x30 [ 269.458965] lo_ioctl+0x1307/0x1d60 [ 269.462601] ? lo_rw_aio+0x1ef0/0x1ef0 [ 269.466491] blkdev_ioctl+0x9ac/0x2010 [ 269.470363] ? blkpg_ioctl+0xc10/0xc10 [ 269.474237] ? lock_downgrade+0x900/0x900 [ 269.478383] ? check_preemption_disabled+0x48/0x280 [ 269.483403] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 269.488318] ? kasan_check_read+0x11/0x20 [ 269.492463] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 269.497741] ? rcu_softirq_qs+0x20/0x20 [ 269.501705] ? __fget+0x4d1/0x740 [ 269.505147] ? ksys_dup3+0x680/0x680 [ 269.508856] block_ioctl+0xee/0x130 [ 269.512469] ? blkdev_fallocate+0x400/0x400 [ 269.516794] do_vfs_ioctl+0x1de/0x1720 [ 269.520682] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 269.526230] ? ioctl_preallocate+0x300/0x300 [ 269.530637] ? __fget_light+0x2e9/0x430 [ 269.534618] ? fget_raw+0x20/0x20 [ 269.538075] ? rcu_read_lock_sched_held+0x14f/0x180 [ 269.543106] ? kmem_cache_free+0x24f/0x290 [ 269.547339] ? putname+0xf7/0x130 [ 269.550778] ? do_syscall_64+0x9a/0x820 [ 269.554741] ? do_syscall_64+0x9a/0x820 [ 269.558717] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 269.563291] ? security_file_ioctl+0x94/0xc0 [ 269.567689] ksys_ioctl+0xa9/0xd0 [ 269.571130] __x64_sys_ioctl+0x73/0xb0 [ 269.575009] do_syscall_64+0x1b9/0x820 [ 269.578885] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 269.584250] ? syscall_return_slowpath+0x5e0/0x5e0 [ 269.589167] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 269.593999] ? trace_hardirqs_on_caller+0x310/0x310 [ 269.599003] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 269.604006] ? prepare_exit_to_usermode+0x291/0x3b0 [ 269.609012] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 269.613846] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 269.619031] RIP: 0033:0x4573d7 [ 269.622222] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 13:27:46 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x200000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 269.641108] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 269.648797] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 [ 269.656059] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 269.663332] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 269.670594] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 269.677850] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 13:27:46 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0xfdfdffff]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 269.708230] EXT4-fs (sda1): re-mounted. Opts: 13:27:46 executing program 3 (fault-call:3 fault-nth:12): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:46 executing program 0: r0 = socket(0x1b, 0x1, 0x0) ioctl$sock_SIOCGIFCONF(r0, 0x8910, &(0x7f0000000000)) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:46 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0040000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:46 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x3f00]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 269.911524] FAULT_INJECTION: forcing a failure. [ 269.911524] name failslab, interval 1, probability 0, space 0, times 0 [ 269.924425] CPU: 0 PID: 9885 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 269.932850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 269.942212] Call Trace: [ 269.944814] dump_stack+0x244/0x39d [ 269.948455] ? dump_stack_print_info.cold.1+0x20/0x20 [ 269.953652] ? radix_tree_tag_set+0x3d0/0x3d0 [ 269.958163] should_fail.cold.4+0xa/0x17 [ 269.962232] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 269.967348] ? kernfs_activate+0x8e/0x2c0 [ 269.971504] ? zap_class+0x640/0x640 [ 269.975220] ? lock_release+0xa10/0xa10 [ 269.979194] ? perf_trace_sched_process_exec+0x860/0x860 [ 269.984665] ? find_held_lock+0x36/0x1c0 [ 269.988735] ? __lock_is_held+0xb5/0x140 [ 269.992889] ? update_changeattr_locked+0x1d8/0x6d0 [ 269.997926] ? perf_trace_sched_process_exec+0x860/0x860 [ 270.003384] ? find_held_lock+0x36/0x1c0 [ 270.007458] __should_failslab+0x124/0x180 [ 270.011703] should_failslab+0x9/0x14 [ 270.015508] kmem_cache_alloc+0x2be/0x730 [ 270.019659] ? find_held_lock+0x36/0x1c0 [ 270.023733] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 270.028757] __kernfs_new_node+0x127/0x8d0 [ 270.033005] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 270.037765] ? kasan_check_write+0x14/0x20 [ 270.042003] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 270.046933] ? __kernfs_new_node+0x697/0x8d0 [ 270.051349] ? wait_for_completion+0x8a0/0x8a0 [ 270.055937] ? zap_class+0x640/0x640 [ 270.059660] ? kasan_check_write+0x14/0x20 [ 270.063904] ? __lock_is_held+0xb5/0x140 [ 270.067975] ? wait_for_completion+0x8a0/0x8a0 [ 270.072606] ? mutex_unlock+0xd/0x10 [ 270.076328] ? kernfs_activate+0x21a/0x2c0 [ 270.080568] kernfs_new_node+0x95/0x120 [ 270.084569] __kernfs_create_file+0x5a/0x340 [ 270.089008] sysfs_add_file_mode_ns+0x222/0x530 [ 270.093690] internal_create_group+0x3df/0xd80 [ 270.098286] ? remove_files.isra.1+0x190/0x190 [ 270.102872] ? up_write+0x7b/0x220 [ 270.106417] ? down_write_nested+0x130/0x130 [ 270.110842] ? down_read+0x120/0x120 [ 270.114588] sysfs_create_group+0x1f/0x30 [ 270.118743] lo_ioctl+0x1307/0x1d60 [ 270.122382] ? lo_rw_aio+0x1ef0/0x1ef0 [ 270.126276] blkdev_ioctl+0x9ac/0x2010 [ 270.130167] ? blkpg_ioctl+0xc10/0xc10 [ 270.134058] ? lock_downgrade+0x900/0x900 [ 270.138238] ? check_preemption_disabled+0x48/0x280 [ 270.143268] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 270.148198] ? kasan_check_read+0x11/0x20 [ 270.152349] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 270.157635] ? rcu_softirq_qs+0x20/0x20 [ 270.161631] ? __fget+0x4d1/0x740 [ 270.165094] ? ksys_dup3+0x680/0x680 [ 270.168828] block_ioctl+0xee/0x130 [ 270.172457] ? blkdev_fallocate+0x400/0x400 [ 270.176786] do_vfs_ioctl+0x1de/0x1720 [ 270.180682] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 270.186229] ? ioctl_preallocate+0x300/0x300 [ 270.190643] ? __fget_light+0x2e9/0x430 [ 270.194625] ? fget_raw+0x20/0x20 [ 270.198083] ? rcu_read_lock_sched_held+0x14f/0x180 [ 270.203106] ? kmem_cache_free+0x24f/0x290 [ 270.207346] ? putname+0xf7/0x130 [ 270.210812] ? do_syscall_64+0x9a/0x820 [ 270.214793] ? do_syscall_64+0x9a/0x820 [ 270.218771] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 270.223365] ? security_file_ioctl+0x94/0xc0 [ 270.227783] ksys_ioctl+0xa9/0xd0 [ 270.231245] __x64_sys_ioctl+0x73/0xb0 [ 270.235147] do_syscall_64+0x1b9/0x820 [ 270.239039] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 270.244412] ? syscall_return_slowpath+0x5e0/0x5e0 [ 270.249377] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 270.254224] ? trace_hardirqs_on_caller+0x310/0x310 [ 270.259256] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 270.264284] ? prepare_exit_to_usermode+0x291/0x3b0 [ 270.269346] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 270.274198] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 270.279390] RIP: 0033:0x4573d7 [ 270.282600] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 270.301513] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:27:47 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0xf000000, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) [ 270.309226] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 [ 270.316501] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 270.323770] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 270.331039] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 270.338310] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 13:27:47 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0xeffdffff, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:47 executing program 0: r0 = socket(0xa, 0x1, 0x0) syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x40000) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000000)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x4, 0x100}) 13:27:47 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x3f00000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 270.445836] EXT4-fs (sda1): re-mounted. Opts: 13:27:47 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0xfdfdffff00000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 270.531220] EXT4-fs (sda1): re-mounted. Opts: 13:27:47 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="fdfdffff80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:47 executing program 3 (fault-call:3 fault-nth:13): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:47 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000300)=0x0) r2 = fcntl$dupfd(r0, 0x406, r0) r3 = perf_event_open(&(0x7f0000000280)={0x7, 0x70, 0x9, 0x7fff, 0x435d, 0x80000001, 0x0, 0x16, 0x1, 0xf, 0x0, 0x3f, 0x80000000, 0xf935, 0x6, 0x8001, 0x6, 0x8, 0x20, 0x80000000, 0x7, 0x0, 0x3, 0x9, 0x10000, 0x5, 0x8, 0x3, 0x8fe6, 0xc8e2, 0x3, 0x9, 0x80, 0x5, 0x100000001, 0x8, 0x2e, 0x1800000, 0x0, 0x9, 0x3, @perf_bp={&(0x7f0000000240), 0x1}, 0x1000, 0x80, 0x5, 0x0, 0x4, 0x8, 0x100000001}, r1, 0x0, r2, 0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e23, 0xda3, @remote, 0x8}}, 0xed, 0xdef2, 0xff, 0x0, 0x8e}, &(0x7f00000000c0)=0x98) getsockopt$inet_sctp_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000100), &(0x7f0000000140)=0xb) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000400)=ANY=[@ANYRES32=r4, @ANYBLOB="f30000005086ebd40233e2c445ddacccfd715c5b7d7675b288af532811b1538f0721eb58f23e9b9840fee77390ac601e7d796f6410138c990dbeec66246ddda306d84a1434c21e79796cbe356f993a56772be0a3fd240a62638540596c49397dab533d30d798d62dcc3321da6268641ade1de1037cfd726b52133338732296b6c9a6eece4ca3684c20f2114c50dab1e562e1b94a4e6a767d59853156f46779beb77a65cd2efbfe5d8783eb6dd9290b9e0f2323f5d087038eef52464ab038d590a6b1dbba5c7ca407b9841e5774e9d457d036feb4f8b0eaf351bf26d169cc4b7a9275325f143c265797b4cc0a0db6f27018e004a6c10514d3d349cef820703156b883816a4dca43f1f8977219d756807f7189a0339c769f162aef"], &(0x7f0000000200)=0xfb) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$IP_VS_SO_GET_INFO(r5, 0x0, 0x481, &(0x7f0000000180), &(0x7f00000001c0)=0xc) 13:27:47 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x1000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:47 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 270.772451] FAULT_INJECTION: forcing a failure. [ 270.772451] name failslab, interval 1, probability 0, space 0, times 0 [ 270.817993] CPU: 0 PID: 9940 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 270.826442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.835799] Call Trace: [ 270.837349] EXT4-fs (sda1): re-mounted. Opts: [ 270.838407] dump_stack+0x244/0x39d [ 270.838435] ? dump_stack_print_info.cold.1+0x20/0x20 [ 270.838454] ? radix_tree_tag_set+0x3d0/0x3d0 [ 270.838482] should_fail.cold.4+0xa/0x17 [ 270.838504] ? fault_create_debugfs_attr+0x1f0/0x1f0 13:27:47 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000000)={'veth0_to_bridge\x00', 0x4}) [ 270.838531] ? kernfs_activate+0x8e/0x2c0 [ 270.869641] ? zap_class+0x640/0x640 [ 270.873374] ? lock_release+0xa10/0xa10 [ 270.877363] ? perf_trace_sched_process_exec+0x860/0x860 [ 270.882833] ? find_held_lock+0x36/0x1c0 [ 270.886913] ? __lock_is_held+0xb5/0x140 [ 270.890981] ? cap_capget+0x2f8/0x4f0 [ 270.891011] ? perf_trace_sched_process_exec+0x860/0x860 [ 270.900247] ? find_held_lock+0x36/0x1c0 [ 270.904333] __should_failslab+0x124/0x180 [ 270.908627] should_failslab+0x9/0x14 [ 270.912447] kmem_cache_alloc+0x2be/0x730 [ 270.916621] ? find_held_lock+0x36/0x1c0 [ 270.920698] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 270.925730] __kernfs_new_node+0x127/0x8d0 [ 270.929986] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 270.934764] ? kasan_check_write+0x14/0x20 [ 270.939023] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 270.943967] ? __kernfs_new_node+0x697/0x8d0 [ 270.948393] ? wait_for_completion+0x8a0/0x8a0 [ 270.953001] ? zap_class+0x640/0x640 [ 270.956740] ? kasan_check_write+0x14/0x20 [ 270.960996] ? __lock_is_held+0xb5/0x140 13:27:47 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x3f00]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 270.965363] ? wait_for_completion+0x8a0/0x8a0 [ 270.969967] ? mutex_unlock+0xd/0x10 [ 270.973683] ? kernfs_activate+0x21a/0x2c0 [ 270.977920] kernfs_new_node+0x95/0x120 [ 270.981901] __kernfs_create_file+0x5a/0x340 [ 270.986315] sysfs_add_file_mode_ns+0x222/0x530 [ 270.991013] internal_create_group+0x3df/0xd80 [ 270.995631] ? remove_files.isra.1+0x190/0x190 [ 271.000227] ? up_write+0x7b/0x220 [ 271.003780] ? down_write_nested+0x130/0x130 [ 271.008201] ? down_read+0x120/0x120 [ 271.008237] sysfs_create_group+0x1f/0x30 [ 271.008255] lo_ioctl+0x1307/0x1d60 [ 271.016114] ? lo_rw_aio+0x1ef0/0x1ef0 [ 271.016129] blkdev_ioctl+0x9ac/0x2010 [ 271.016144] ? blkpg_ioctl+0xc10/0xc10 [ 271.016160] ? lock_downgrade+0x900/0x900 [ 271.016174] ? check_preemption_disabled+0x48/0x280 [ 271.016196] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 271.016213] ? kasan_check_read+0x11/0x20 [ 271.016233] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 271.054992] ? rcu_softirq_qs+0x20/0x20 [ 271.058994] ? __fget+0x4d1/0x740 [ 271.062470] ? ksys_dup3+0x680/0x680 [ 271.066208] block_ioctl+0xee/0x130 [ 271.069854] ? blkdev_fallocate+0x400/0x400 [ 271.074193] do_vfs_ioctl+0x1de/0x1720 [ 271.078100] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 271.083658] ? ioctl_preallocate+0x300/0x300 [ 271.088081] ? __fget_light+0x2e9/0x430 [ 271.092067] ? fget_raw+0x20/0x20 [ 271.095524] ? rcu_read_lock_sched_held+0x14f/0x180 [ 271.100540] ? kmem_cache_free+0x24f/0x290 [ 271.104802] ? putname+0xf7/0x130 [ 271.108262] ? do_syscall_64+0x9a/0x820 [ 271.112234] ? do_syscall_64+0x9a/0x820 [ 271.116212] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 271.120788] ? security_file_ioctl+0x94/0xc0 [ 271.125214] ksys_ioctl+0xa9/0xd0 [ 271.128682] __x64_sys_ioctl+0x73/0xb0 [ 271.132607] do_syscall_64+0x1b9/0x820 [ 271.136514] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 271.141893] ? syscall_return_slowpath+0x5e0/0x5e0 [ 271.146840] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 271.151708] ? trace_hardirqs_on_caller+0x310/0x310 [ 271.156769] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 271.161800] ? prepare_exit_to_usermode+0x291/0x3b0 [ 271.166838] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 271.171698] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 271.176894] RIP: 0033:0x4573d7 [ 271.180099] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 271.199016] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 271.206747] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 13:27:48 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0040000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 271.214026] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 271.221304] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 271.228592] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 271.235874] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 [ 271.245918] EXT4-fs (sda1): re-mounted. Opts: 13:27:48 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x4000, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:48 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:48 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000400), 0x10) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x40000, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f, 0xa}}, 0x20) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000340)=0x1) ioctl$EVIOCGBITSND(r1, 0x80404532, &(0x7f0000000280)=""/181) write$RDMA_USER_CM_CMD_CONNECT(r1, &(0x7f00000000c0)={0x6, 0x118, 0xfa00, {{0x1, 0x40, "8062cf00145a7baff0596d644655da3bbe21eda33dfdef76ebc26a44a0e596a5701b56015c79d9c5d990ac93ad187657adc2842971d45dd5f8bee9fcdf48d4cf58b9843bfbb8d99e43d679d8554d94a5eff443cf67ca94c473284223acf1c73f42865c8033b26ff34ed672dbe3ef2a089a976c7b7383d7d6035bc832bfeba15860b154620c3391271ddb95bab17c020e3529e4d2d75dcc8f8a32407cba0147bd1e26c8576fe54e686d75bc0df1145bc5e2ecab4d88df94aeaff7cb5043aa24e0e2f7a45edfc1d96c57c1c7be699c1ab53e5fa3e6c6000b2037a30367ab48b8f1e0c4cca8cd02eb7a4b095c68d53c0331ef03b74881a3cf0f90201dbbbaf4eb8b", 0xa8, 0x7, 0x4, 0x1, 0x20, 0x100000000, 0x1}, r2}}, 0x120) setsockopt$inet_tcp_buf(r0, 0x6, 0x1d, &(0x7f0000000440)="7fcb0abfad04fc4de2feabdc34d540885fa2e019f867a8b2bbcde5f41f91e9b6bea03178f7bea780c32655439235347ae3fa61f663e492ef5ecb491872ff372621e0e31e7edb2611bf2bf9103efcb3f35f5c4556d9e636a62f40ad3a7f9287e90035fefe85866de599d49f59cdd3754bc75937c8f22c6f422c97bdd1e4e47117d2d268d4bde342fc7a7ec8774f0dc554d794947adb8dbe52cb97d4f13b252ace57448487b2a3ba8db7c67ce81a23c85a50a73a5f2daec0c8057f4c56d09165e40dbdaa1a33ad4cfdd09035c9b2f0ea7bf1df73d423460cf26b4d75bc675eed33795e242a799283a01f8faad7e25e97a775195fab35995a2ce8f0f04a5b48", 0xfe) getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000200), 0x10) 13:27:48 executing program 3 (fault-call:3 fault-nth:14): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:48 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="97ffffff80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:48 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x100000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 271.437032] FAULT_INJECTION: forcing a failure. [ 271.437032] name failslab, interval 1, probability 0, space 0, times 0 [ 271.439671] EXT4-fs (sda1): re-mounted. Opts: 13:27:48 executing program 0: r0 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0, 0x1) getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000140), &(0x7f0000000180)=0x40) r1 = epoll_create(0x1) epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}, {}, {}], 0x5, 0x9, &(0x7f00000000c0)={0x9}, 0x8) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)={0xcc, r2, 0x0, 0x70bd28, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_SERVICE={0x58, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e21}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x9}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x89}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3f}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@broadcast}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8}]}, @IPVS_CMD_ATTR_DAEMON={0x60, 0x3, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x3}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x1}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x7}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vlan0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @broadcast}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x7ff}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) r3 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r3, 0x8983, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0xc97}) ioctl$FS_IOC_GETFLAGS(r3, 0x80086601, &(0x7f0000000040)) ioctl$sock_inet_SIOCGIFBRDADDR(r3, 0x8919, &(0x7f0000000000)={'bcsh0\x00', {0x2, 0x4e23}}) [ 271.501024] CPU: 0 PID: 9977 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 271.509475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 271.518828] Call Trace: [ 271.521433] dump_stack+0x244/0x39d [ 271.525089] ? dump_stack_print_info.cold.1+0x20/0x20 [ 271.530306] should_fail.cold.4+0xa/0x17 [ 271.534411] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 271.539533] ? lock_release+0xa10/0xa10 [ 271.543516] ? perf_trace_sched_process_exec+0x860/0x860 [ 271.548989] ? zap_class+0x640/0x640 [ 271.552727] ? find_held_lock+0x36/0x1c0 [ 271.556813] ? __lock_is_held+0xb5/0x140 [ 271.560944] ? hash_ipmark6_del+0x978/0x1140 [ 271.560975] ? perf_trace_sched_process_exec+0x860/0x860 [ 271.570825] ? kernfs_activate+0x21a/0x2c0 [ 271.575076] __should_failslab+0x124/0x180 [ 271.575097] should_failslab+0x9/0x14 [ 271.575114] kmem_cache_alloc+0x2be/0x730 [ 271.575134] ? lock_downgrade+0x900/0x900 [ 271.591443] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 271.596478] __kernfs_new_node+0x127/0x8d0 13:27:48 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x31, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0x80dc5521, &(0x7f0000000040)) 13:27:48 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x200000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 271.600730] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 271.605501] ? zap_class+0x640/0x640 [ 271.609238] ? __lock_is_held+0xb5/0x140 [ 271.613312] ? wait_for_completion+0x8a0/0x8a0 [ 271.617921] ? mutex_unlock+0xd/0x10 [ 271.621649] ? kernfs_activate+0x21a/0x2c0 [ 271.625905] ? kernfs_walk_and_get_ns+0x340/0x340 [ 271.630763] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 271.636312] ? kernfs_link_sibling+0x1d2/0x3b0 [ 271.640911] kernfs_new_node+0x95/0x120 [ 271.645082] __kernfs_create_file+0x5a/0x340 [ 271.649512] sysfs_add_file_mode_ns+0x222/0x530 [ 271.654212] internal_create_group+0x3df/0xd80 [ 271.658815] ? remove_files.isra.1+0x190/0x190 [ 271.658831] ? up_write+0x7b/0x220 [ 271.658847] ? down_write_nested+0x130/0x130 [ 271.658870] ? down_read+0x120/0x120 [ 271.671393] sysfs_create_group+0x1f/0x30 [ 271.671411] lo_ioctl+0x1307/0x1d60 [ 271.671435] ? lo_rw_aio+0x1ef0/0x1ef0 [ 271.686771] blkdev_ioctl+0x9ac/0x2010 [ 271.690677] ? blkpg_ioctl+0xc10/0xc10 [ 271.694595] ? lock_downgrade+0x900/0x900 13:27:48 executing program 0: r0 = socket(0xa, 0x1, 0x0) sendto$inet6(r0, &(0x7f00000000c0)="2b33fe487eec72459ba864842669c02485fbaadd7d3f97f55f1e8a372cb409ef35b114fbc9e0b58543991cacf3db005156104c52d5917fb84c2c0acb1b2d36cca11b406bf36e4ee3d19ca2f56eb709f7e959eae90d9a5c580b44fbef91383257954c672debe8489f4f3005d43bfa2ebd49266044f9ab823d15347cbca2f5a1036dc3ae3215072499fe970de11288988978698c6197d92e9a9ed22e5953b2ea7870754eb4dff3dad1d04a66953fdf41fa7d76fc52d81d68b7c194744bdbdf884b4f3740204f2c92df021f57ce763f2dbdacebc8c5268475", 0xd7, 0x8000, &(0x7f00000001c0)={0xa, 0x4e20, 0x6824, @dev={0xfe, 0x80, [], 0x18}, 0x100000000}, 0x1c) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x59673d35, 0x4000) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000040)=0x0) write$cgroup_pid(r1, &(0x7f0000000080)=r2, 0x12) [ 271.698757] ? check_preemption_disabled+0x48/0x280 [ 271.703793] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 271.708732] ? kasan_check_read+0x11/0x20 [ 271.712893] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 271.718209] ? rcu_softirq_qs+0x20/0x20 [ 271.722208] ? __fget+0x4d1/0x740 [ 271.725685] ? ksys_dup3+0x680/0x680 [ 271.729425] block_ioctl+0xee/0x130 [ 271.733071] ? blkdev_fallocate+0x400/0x400 [ 271.737408] do_vfs_ioctl+0x1de/0x1720 [ 271.741313] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 271.746868] ? ioctl_preallocate+0x300/0x300 13:27:48 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x3f00000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 271.751308] ? __fget_light+0x2e9/0x430 [ 271.755292] ? fget_raw+0x20/0x20 [ 271.758756] ? rcu_read_lock_sched_held+0x14f/0x180 [ 271.763785] ? kmem_cache_free+0x24f/0x290 [ 271.768035] ? putname+0xf7/0x130 [ 271.771508] ? do_syscall_64+0x9a/0x820 [ 271.775492] ? do_syscall_64+0x9a/0x820 [ 271.779481] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 271.784076] ? security_file_ioctl+0x94/0xc0 [ 271.788506] ksys_ioctl+0xa9/0xd0 [ 271.791974] __x64_sys_ioctl+0x73/0xb0 [ 271.795880] do_syscall_64+0x1b9/0x820 [ 271.799779] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 271.805150] ? syscall_return_slowpath+0x5e0/0x5e0 [ 271.805165] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 271.805185] ? trace_hardirqs_on_caller+0x310/0x310 [ 271.805201] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 271.805219] ? prepare_exit_to_usermode+0x291/0x3b0 [ 271.805240] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 271.805260] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 271.805271] RIP: 0033:0x4573d7 [ 271.805287] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 271.805295] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 271.805315] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 [ 271.820073] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 271.820083] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 271.820093] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 13:27:48 executing program 0: r0 = socket(0xe, 0xfffffffffffffffd, 0x66) accept4$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14, 0x800) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x80000000, r1}) [ 271.820102] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 [ 271.942217] EXT4-fs (sda1): re-mounted. Opts: [ 271.987676] EXT4-fs (sda1): re-mounted. Opts: 13:27:49 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:49 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x40a00, 0x0) read$FUSE(r0, &(0x7f0000000400), 0x1000) r1 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r1, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:49 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0xffffff8d, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:49 executing program 3 (fault-call:3 fault-nth:15): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:49 executing program 2: lsetxattr$security_smack_transmute(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000140)='TRUE', 0x4, 0x0) semget$private(0x0, 0x6, 0x80) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f0000000540)="66660f3882811344bd85b87f7800000f23c80f21f8350000f0000f23f866ba2100b0faee0f01f70f20c035040000000f22c0360f00d6660f3801a7627a33460f234cb83e0000000f23d00f21f835100000020f23f866baa10066ed", 0x5b}], 0x1, 0x51, &(0x7f00000001c0), 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f00000000c0)="2e2e640fc7a80900fdb8e8038ee0f2e053baf80c66b820bbcb8866efbafc0c66b80000000066ef0f95610166b8150000000f23c80f21f86635000040000f23f8b800008ee8640f9a8803003d0000", 0x4e}], 0x1, 0x0, &(0x7f0000000000), 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000680)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) write$P9_RSYMLINK(0xffffffffffffffff, &(0x7f0000000840)={0x14, 0x11, 0x1, {0x0, 0x4}}, 0x14) socket$packet(0x11, 0x6, 0x300) sendto$packet(0xffffffffffffffff, &(0x7f0000000300)="91", 0x1, 0x0, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x14) lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setfsuid(r3) clock_gettime(0x0, &(0x7f00000004c0)) 13:27:49 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0068000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 272.345075] FAULT_INJECTION: forcing a failure. [ 272.345075] name failslab, interval 1, probability 0, space 0, times 0 13:27:49 executing program 0: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000100)={@mcast1, @loopback, @mcast1, 0x2, 0x1, 0x7, 0x100, 0x9, 0x4000000, r1}) socket(0xa, 0x4, 0x0) [ 272.385836] CPU: 0 PID: 10033 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 272.394375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 272.403738] Call Trace: [ 272.406353] dump_stack+0x244/0x39d [ 272.410003] ? dump_stack_print_info.cold.1+0x20/0x20 [ 272.415223] should_fail.cold.4+0xa/0x17 [ 272.419301] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 272.424420] ? lock_release+0xa10/0xa10 [ 272.428406] ? perf_trace_sched_process_exec+0x860/0x860 [ 272.433882] ? zap_class+0x640/0x640 [ 272.437640] ? find_held_lock+0x36/0x1c0 [ 272.441717] ? __lock_is_held+0xb5/0x140 [ 272.445805] ? perf_trace_sched_process_exec+0x860/0x860 [ 272.451262] ? kernfs_activate+0x21a/0x2c0 [ 272.455517] __should_failslab+0x124/0x180 [ 272.459773] should_failslab+0x9/0x14 [ 272.463604] kmem_cache_alloc+0x2be/0x730 [ 272.467776] ? lock_downgrade+0x900/0x900 [ 272.471971] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 272.477002] __kernfs_new_node+0x127/0x8d0 [ 272.481255] ? kernfs_dop_revalidate+0x3c0/0x3c0 13:27:49 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x3f000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 272.486022] ? zap_class+0x640/0x640 [ 272.489768] ? __lock_is_held+0xb5/0x140 [ 272.493849] ? wait_for_completion+0x8a0/0x8a0 [ 272.498461] ? mutex_unlock+0xd/0x10 [ 272.502187] ? kernfs_activate+0x21a/0x2c0 [ 272.506439] ? kernfs_walk_and_get_ns+0x340/0x340 [ 272.511296] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 272.516845] ? kernfs_link_sibling+0x1d2/0x3b0 [ 272.521454] kernfs_new_node+0x95/0x120 [ 272.525451] __kernfs_create_file+0x5a/0x340 [ 272.529884] sysfs_add_file_mode_ns+0x222/0x530 13:27:49 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x40000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 272.534591] internal_create_group+0x3df/0xd80 [ 272.539197] ? remove_files.isra.1+0x190/0x190 [ 272.543788] ? up_write+0x7b/0x220 [ 272.547342] ? down_write_nested+0x130/0x130 [ 272.551772] ? down_read+0x120/0x120 [ 272.555517] sysfs_create_group+0x1f/0x30 [ 272.559685] lo_ioctl+0x1307/0x1d60 [ 272.563331] ? lo_rw_aio+0x1ef0/0x1ef0 [ 272.567407] blkdev_ioctl+0x9ac/0x2010 [ 272.571308] ? blkpg_ioctl+0xc10/0xc10 [ 272.575207] ? lock_downgrade+0x900/0x900 [ 272.579362] ? check_preemption_disabled+0x48/0x280 [ 272.584395] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 272.589339] ? kasan_check_read+0x11/0x20 [ 272.593501] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 272.598797] ? rcu_softirq_qs+0x20/0x20 [ 272.602797] ? __fget+0x4d1/0x740 [ 272.606269] ? ksys_dup3+0x680/0x680 [ 272.610010] block_ioctl+0xee/0x130 [ 272.613643] ? blkdev_fallocate+0x400/0x400 [ 272.613663] do_vfs_ioctl+0x1de/0x1720 [ 272.613682] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 272.613701] ? ioctl_preallocate+0x300/0x300 [ 272.613717] ? __fget_light+0x2e9/0x430 13:27:49 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 272.613736] ? fget_raw+0x20/0x20 [ 272.627465] ? rcu_read_lock_sched_held+0x14f/0x180 [ 272.627484] ? kmem_cache_free+0x24f/0x290 [ 272.627501] ? putname+0xf7/0x130 [ 272.627521] ? do_syscall_64+0x9a/0x820 [ 272.655968] ? do_syscall_64+0x9a/0x820 [ 272.659955] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 272.664553] ? security_file_ioctl+0x94/0xc0 [ 272.668994] ksys_ioctl+0xa9/0xd0 [ 272.672470] __x64_sys_ioctl+0x73/0xb0 [ 272.676381] do_syscall_64+0x1b9/0x820 [ 272.680281] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe 13:27:49 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x4000000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 272.685662] ? syscall_return_slowpath+0x5e0/0x5e0 [ 272.690617] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 272.695469] ? trace_hardirqs_on_caller+0x310/0x310 [ 272.695489] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 272.695508] ? prepare_exit_to_usermode+0x291/0x3b0 [ 272.695532] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 272.710607] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 272.710622] RIP: 0033:0x4573d7 [ 272.710639] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 272.710653] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 272.750454] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 [ 272.757730] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 272.764997] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 272.772291] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 272.779560] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 13:27:49 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000), &(0x7f0000000040)=0x4) 13:27:49 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="006c000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:49 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x2]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:50 executing program 3 (fault-call:3 fault-nth:16): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:50 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x4000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:50 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r0, &(0x7f00000002c0), 0x10) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000001680), 0x4) 13:27:50 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0xfffffdef, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:50 executing program 0: socket(0x40000000002, 0x3, 0x2) syz_emit_ethernet(0x2a, &(0x7f0000000040)=ANY=[@ANYBLOB="67c7387daaaa0916fd40722508004500001c000000000002907800000000ffffff9078e0000001000000"], &(0x7f0000000000)) r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:50 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="7a00000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:50 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:50 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback, @ipv4={[], [], @remote}}) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000040)='team\x00') accept$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000000c0)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000018c0)={{{@in6=@mcast2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@loopback}}, &(0x7f00000019c0)=0xe8) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000001b00)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000008}, 0xc, &(0x7f0000001ac0)={&(0x7f0000001a00)={0x94, r1, 0x0, 0x3ff, 0x25dfdbff, {}, [{{0x8, 0x1, r2}, {0x78, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x8001}}}]}}]}, 0x94}, 0x1, 0x0, 0x0, 0x1}, 0xc040) r4 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0xe800) write$USERIO_CMD_SEND_INTERRUPT(r4, &(0x7f0000000140)={0x2, 0x6}, 0x2) [ 273.356876] FAULT_INJECTION: forcing a failure. [ 273.356876] name failslab, interval 1, probability 0, space 0, times 0 [ 273.400605] CPU: 1 PID: 10104 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 273.409155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.418519] Call Trace: [ 273.421129] dump_stack+0x244/0x39d [ 273.424787] ? dump_stack_print_info.cold.1+0x20/0x20 [ 273.430001] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 273.430030] should_fail.cold.4+0xa/0x17 [ 273.430049] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 273.444745] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 13:27:50 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl$BLKDISCARD(0xffffffffffffffff, 0x1277, &(0x7f0000000140)) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={&(0x7f0000000380), 0xc, &(0x7f00000003c0)={&(0x7f00000000c0)={0x14, 0x3, 0x1, 0x800000001, 0x0, 0x0, {0xd}}, 0x14}}, 0x0) 13:27:50 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000004880", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 273.444761] ? wake_up_klogd+0x11a/0x180 [ 273.444776] ? console_device+0xc0/0xc0 [ 273.444796] ? __down_trylock_console_sem+0x151/0x1f0 [ 273.444817] ? zap_class+0x640/0x640 [ 273.444834] ? vprintk_emit+0x293/0x990 [ 273.471259] ? find_held_lock+0x36/0x1c0 [ 273.475342] ? __lock_is_held+0xb5/0x140 [ 273.479503] ? kvm_mmu_change_mmu_pages+0x418/0x450 [ 273.484540] ? perf_trace_sched_process_exec+0x860/0x860 [ 273.490004] ? vprintk_default+0x28/0x30 [ 273.494093] __should_failslab+0x124/0x180 13:27:50 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000000c0)='cpuset.memory_migrate\x00', 0x2, 0x0) sendfile(r1, r1, &(0x7f0000000140), 0x200001) [ 273.498348] should_failslab+0x9/0x14 [ 273.502164] kmem_cache_alloc_trace+0x2d7/0x750 [ 273.506858] kobject_uevent_env+0x2f3/0x101e [ 273.511285] kobject_uevent+0x1f/0x24 [ 273.515099] lo_ioctl+0x1385/0x1d60 [ 273.518752] ? lo_rw_aio+0x1ef0/0x1ef0 [ 273.522652] blkdev_ioctl+0x9ac/0x2010 [ 273.526548] ? blkpg_ioctl+0xc10/0xc10 [ 273.530446] ? lock_downgrade+0x900/0x900 [ 273.530461] ? check_preemption_disabled+0x48/0x280 [ 273.530485] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 273.544558] ? kasan_check_read+0x11/0x20 13:27:50 executing program 2: r0 = socket$inet6(0xa, 0x803, 0x8) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d5c6070") clone(0xfffc, 0x0, 0xfffffffffffffffe, &(0x7f0000000080), 0xffffffffffffffff) r1 = getpid() prctl$setptracer(0x59616d61, r1) pipe(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) write(r2, &(0x7f00000001c0), 0xfffffef3) ptrace(0x4206, r1) [ 273.548734] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 273.554025] ? rcu_softirq_qs+0x20/0x20 [ 273.558028] ? __fget+0x4d1/0x740 [ 273.561507] ? ksys_dup3+0x680/0x680 [ 273.565280] block_ioctl+0xee/0x130 [ 273.568943] ? blkdev_fallocate+0x400/0x400 [ 273.573278] do_vfs_ioctl+0x1de/0x1720 [ 273.577183] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 273.582752] ? ioctl_preallocate+0x300/0x300 [ 273.587182] ? __fget_light+0x2e9/0x430 [ 273.591166] ? fget_raw+0x20/0x20 [ 273.594632] ? rcu_read_lock_sched_held+0x14f/0x180 [ 273.594650] ? kmem_cache_free+0x24f/0x290 [ 273.594668] ? putname+0xf7/0x130 [ 273.603923] ? do_syscall_64+0x9a/0x820 [ 273.611325] ? do_syscall_64+0x9a/0x820 [ 273.615311] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 273.619912] ? security_file_ioctl+0x94/0xc0 [ 273.624338] ksys_ioctl+0xa9/0xd0 [ 273.627811] __x64_sys_ioctl+0x73/0xb0 [ 273.631718] do_syscall_64+0x1b9/0x820 [ 273.635621] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 273.641002] ? syscall_return_slowpath+0x5e0/0x5e0 [ 273.645937] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 273.650770] ? trace_hardirqs_on_caller+0x310/0x310 [ 273.655776] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 273.660779] ? prepare_exit_to_usermode+0x291/0x3b0 [ 273.665787] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 273.670621] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 273.675814] RIP: 0033:0x4573d7 [ 273.678994] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 273.697881] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 273.705590] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 [ 273.712874] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 273.720139] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 273.727410] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 273.734673] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 13:27:50 executing program 3 (fault-call:3 fault-nth:17): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:50 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:50 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 273.921070] EXT4-fs: 4 callbacks suppressed [ 273.921114] EXT4-fs (sda1): re-mounted. Opts: [ 273.956037] FAULT_INJECTION: forcing a failure. [ 273.956037] name failslab, interval 1, probability 0, space 0, times 0 [ 273.968535] CPU: 1 PID: 10149 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 273.977066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.986434] Call Trace: [ 273.989022] dump_stack+0x244/0x39d [ 273.992658] ? dump_stack_print_info.cold.1+0x20/0x20 [ 273.997859] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 274.003400] should_fail.cold.4+0xa/0x17 [ 274.007459] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 274.012572] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 274.018119] ? wake_up_klogd+0x11a/0x180 [ 274.022169] ? console_device+0xc0/0xc0 [ 274.026138] ? __down_trylock_console_sem+0x151/0x1f0 [ 274.031319] ? zap_class+0x640/0x640 [ 274.035021] ? vprintk_emit+0x293/0x990 [ 274.038997] ? find_held_lock+0x36/0x1c0 [ 274.043055] ? __lock_is_held+0xb5/0x140 [ 274.047119] ? perf_trace_sched_process_exec+0x860/0x860 [ 274.052565] ? vprintk_default+0x28/0x30 [ 274.056637] __should_failslab+0x124/0x180 [ 274.060861] should_failslab+0x9/0x14 [ 274.064650] kmem_cache_alloc_trace+0x2d7/0x750 [ 274.069337] kobject_uevent_env+0x2f3/0x101e [ 274.073771] kobject_uevent+0x1f/0x24 [ 274.077591] lo_ioctl+0x1385/0x1d60 [ 274.081211] ? lo_rw_aio+0x1ef0/0x1ef0 [ 274.085107] blkdev_ioctl+0x9ac/0x2010 [ 274.088991] ? blkpg_ioctl+0xc10/0xc10 [ 274.092875] ? lock_downgrade+0x900/0x900 [ 274.097022] ? check_preemption_disabled+0x48/0x280 [ 274.102030] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 274.106947] ? kasan_check_read+0x11/0x20 [ 274.111122] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 274.116393] ? rcu_softirq_qs+0x20/0x20 [ 274.120359] ? __fget+0x4d1/0x740 [ 274.123802] ? ksys_dup3+0x680/0x680 [ 274.127510] block_ioctl+0xee/0x130 [ 274.131150] ? blkdev_fallocate+0x400/0x400 [ 274.135482] do_vfs_ioctl+0x1de/0x1720 [ 274.139364] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 274.144893] ? ioctl_preallocate+0x300/0x300 [ 274.149289] ? __fget_light+0x2e9/0x430 [ 274.153252] ? fget_raw+0x20/0x20 [ 274.156709] ? rcu_read_lock_sched_held+0x14f/0x180 [ 274.161718] ? kmem_cache_free+0x24f/0x290 [ 274.165941] ? putname+0xf7/0x130 [ 274.169387] ? do_syscall_64+0x9a/0x820 [ 274.173379] ? do_syscall_64+0x9a/0x820 [ 274.177354] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 274.181942] ? security_file_ioctl+0x94/0xc0 [ 274.186354] ksys_ioctl+0xa9/0xd0 [ 274.189828] __x64_sys_ioctl+0x73/0xb0 [ 274.193733] do_syscall_64+0x1b9/0x820 [ 274.197628] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 274.202999] ? syscall_return_slowpath+0x5e0/0x5e0 [ 274.207917] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 274.212754] ? trace_hardirqs_on_caller+0x310/0x310 [ 274.217764] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 274.222862] ? prepare_exit_to_usermode+0x291/0x3b0 [ 274.227874] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 274.232731] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 274.237914] RIP: 0033:0x4573d7 [ 274.241102] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 274.259995] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 274.267694] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 [ 274.274954] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 274.282211] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 274.289477] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 274.296740] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 [ 274.313147] EXT4-fs (sda1): re-mounted. Opts: 13:27:51 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x3f000000, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:51 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x0, 0xf, 0x0, 0x0, 0x80}) 13:27:51 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:51 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="fffffffd80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:51 executing program 3 (fault-call:3 fault-nth:18): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:51 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:51 executing program 0: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x680002, 0x0) sendto$inet(r0, &(0x7f0000000080)="560e20e7cdc5df0c18c6c878a44215ea7afcb6e8f900efd5518e7742235a97e1ccad6e4ff9f1dd5620d9835ed890ac24da18c05ff199452c078546c31b9d2699e6e9daedefcfa51edb1ae52ed2eae572d875d0ee66111898e59a22ef695ae6b1a3ce4da2b38a3eb4f308ce50f5df03c0eb92c805ee3ecb3cf1692c9993abab8907a83334beb6bd92", 0x88, 0x4000, &(0x7f0000000140)={0x2, 0x4e20, @multicast2}, 0x10) r1 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r1, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x639a, {0x1, 0x1, 0x7, 0x40, 0xfffffffffffffd5a, 0x4}, 0x36099f65, 0x3}, 0xe) 13:27:51 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0x80045530, &(0x7f0000000040)) [ 274.522971] FAULT_INJECTION: forcing a failure. [ 274.522971] name failslab, interval 1, probability 0, space 0, times 0 13:27:51 executing program 0: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vsock\x00', 0x8000, 0x0) setxattr$trusted_overlay_redirect(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='trusted.overlay.redirect\x00', &(0x7f00000001c0)='./file0\x00', 0x8, 0x2) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x1f) lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='security.capability\x00', &(0x7f0000000100)=@v2={0x2000000, [{0x1ff, 0x6d}, {0x5, 0xef}]}, 0x14, 0x1) socket(0xa, 0x1, 0x0) 13:27:51 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000200), &(0x7f0000000240)}}, &(0x7f00000002c0)) r0 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/7, 0x7}], 0x1) r1 = gettid() ioctl$int_in(r0, 0x800000c0045005, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000016c0)={{}, {0x0, 0x989680}}, &(0x7f0000001680)) tkill(r1, 0x15) [ 274.587863] CPU: 1 PID: 10179 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 274.596405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 274.605764] Call Trace: [ 274.608375] dump_stack+0x244/0x39d [ 274.612030] ? dump_stack_print_info.cold.1+0x20/0x20 [ 274.617241] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 274.622801] should_fail.cold.4+0xa/0x17 [ 274.626880] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 274.632001] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 274.637557] ? wake_up_klogd+0x11a/0x180 [ 274.641638] ? console_device+0xc0/0xc0 [ 274.645629] ? __down_trylock_console_sem+0x151/0x1f0 [ 274.645650] ? zap_class+0x640/0x640 [ 274.645664] ? vprintk_emit+0x293/0x990 [ 274.645686] ? find_held_lock+0x36/0x1c0 [ 274.662642] ? __lock_is_held+0xb5/0x140 [ 274.666735] ? perf_trace_sched_process_exec+0x860/0x860 [ 274.672204] ? vprintk_default+0x28/0x30 [ 274.676281] __should_failslab+0x124/0x180 [ 274.680534] should_failslab+0x9/0x14 [ 274.684359] kmem_cache_alloc_trace+0x2d7/0x750 [ 274.689058] kobject_uevent_env+0x2f3/0x101e [ 274.693494] kobject_uevent+0x1f/0x24 [ 274.697306] lo_ioctl+0x1385/0x1d60 [ 274.700949] ? lo_rw_aio+0x1ef0/0x1ef0 [ 274.704851] blkdev_ioctl+0x9ac/0x2010 [ 274.708754] ? blkpg_ioctl+0xc10/0xc10 [ 274.712654] ? lock_downgrade+0x900/0x900 [ 274.716815] ? check_preemption_disabled+0x48/0x280 [ 274.721855] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 274.726817] ? kasan_check_read+0x11/0x20 [ 274.730998] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 274.736288] ? rcu_softirq_qs+0x20/0x20 [ 274.740287] ? __fget+0x4d1/0x740 [ 274.743766] ? ksys_dup3+0x680/0x680 [ 274.747506] block_ioctl+0xee/0x130 [ 274.751146] ? blkdev_fallocate+0x400/0x400 [ 274.755481] do_vfs_ioctl+0x1de/0x1720 [ 274.759389] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 274.765289] ? ioctl_preallocate+0x300/0x300 [ 274.769716] ? __fget_light+0x2e9/0x430 [ 274.773705] ? fget_raw+0x20/0x20 [ 274.777172] ? rcu_read_lock_sched_held+0x14f/0x180 [ 274.782203] ? kmem_cache_free+0x24f/0x290 [ 274.786450] ? putname+0xf7/0x130 [ 274.789921] ? do_syscall_64+0x9a/0x820 [ 274.793906] ? do_syscall_64+0x9a/0x820 [ 274.797894] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 274.802490] ? security_file_ioctl+0x94/0xc0 [ 274.806915] ksys_ioctl+0xa9/0xd0 [ 274.810383] __x64_sys_ioctl+0x73/0xb0 [ 274.814286] do_syscall_64+0x1b9/0x820 [ 274.818184] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 274.823565] ? syscall_return_slowpath+0x5e0/0x5e0 [ 274.828519] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 274.833377] ? trace_hardirqs_on_caller+0x310/0x310 [ 274.838411] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 274.843442] ? prepare_exit_to_usermode+0x291/0x3b0 [ 274.848482] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 274.853348] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 274.858544] RIP: 0033:0x4573d7 [ 274.861760] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 274.880674] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:27:51 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 274.888389] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 [ 274.895664] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 274.902940] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 274.910217] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 274.917490] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 [ 274.949876] EXT4-fs (sda1): re-mounted. Opts: 13:27:51 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 274.979732] Unknown ioctl 1074025778 [ 274.990286] Unknown ioctl 1074025778 [ 275.003072] EXT4-fs (sda1): re-mounted. Opts: 13:27:52 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x40000000000, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:52 executing program 0: ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) socketpair$inet6(0xa, 0x3, 0xffffffffffffff86, &(0x7f00000002c0)={0xffffffffffffffff}) getsockopt$IP6T_SO_GET_REVISION_MATCH(r0, 0x29, 0x44, &(0x7f0000000300)={'TPROXY\x00'}, &(0x7f0000000340)=0x1e) r1 = dup(0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000140)={0x0, 0xcf, "aa4172e976ac3ca8455fd95525ed60789e7dfe59c72ae255791d92123614facc34ba1c749dd731ba76bfaea489139fc1a6214502376bba9e83807960dd18891ca56a988a8e8469b1ea29aa247ac003c135cfbea16f24bd42c82a484ea83996a2f57f4fa3c2fab255819a36ce521b052d9aed467c0cbf3ca05dc27a0071f1bc00dc49ac814f7e4a6d7038ac6dbd551c616cf1105d4e1b3c49b0279c5e6fe735d35431142a33e76437d66a0034f17cdd1bc6cfe2f5e3d37d6f3090647dafc9353bb027b8294ee196d3e78bd785e200f3"}, &(0x7f0000000240)=0xd7) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000280)={r2, 0x8, 0x20}, 0xc) ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f0000000040)=""/225) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f0000000400)={{0x5}, 'port1\x00', 0x40, 0x800, 0x80, 0x1, 0x5, 0x3, 0x3f, 0x0, 0x5, 0xc34}) mlock2(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e24, 0x80000000, @remote, 0x100000001}, 0x1c) 13:27:52 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0003000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:52 executing program 3 (fault-call:3 fault-nth:19): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:52 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:52 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000200), &(0x7f0000000240)}}, &(0x7f00000002c0)) r0 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/7, 0x7}], 0x1) r1 = gettid() ioctl$int_in(r0, 0x800000c0045005, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000016c0)={{}, {0x0, 0x989680}}, &(0x7f0000001680)) tkill(r1, 0x15) 13:27:52 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:52 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_id=0x0, &(0x7f0000000040)=0x4) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000080)=r1, 0x4) [ 275.295291] EXT4-fs (sda1): re-mounted. Opts: [ 275.359419] FAULT_INJECTION: forcing a failure. [ 275.359419] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 275.371264] CPU: 1 PID: 10236 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 275.379761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 275.389118] Call Trace: [ 275.391727] dump_stack+0x244/0x39d [ 275.395386] ? dump_stack_print_info.cold.1+0x20/0x20 [ 275.400605] ? up+0xea/0x1c0 [ 275.403649] should_fail.cold.4+0xa/0x17 [ 275.407726] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 275.412846] ? mark_held_locks+0xc7/0x130 [ 275.416998] ? lock_downgrade+0x900/0x900 [ 275.421168] ? mark_held_locks+0x130/0x130 [ 275.425410] ? vprintk_emit+0x391/0x990 [ 275.429394] ? trace_hardirqs_off_caller+0x300/0x300 [ 275.434523] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 275.434541] ? llist_add_batch+0x106/0x170 [ 275.434562] ? check_preemption_disabled+0x48/0x280 [ 275.434603] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 275.444358] ? should_fail+0x22d/0xd01 [ 275.444376] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 275.444394] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 275.444409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 275.444423] ? wake_up_klogd+0x11a/0x180 [ 275.444445] __alloc_pages_nodemask+0x34b/0xdd0 [ 275.444467] ? __down_trylock_console_sem+0x151/0x1f0 [ 275.469505] ? __alloc_pages_slowpath+0x2dd0/0x2dd0 [ 275.483753] ? vprintk_emit+0x293/0x990 [ 275.497924] ? find_held_lock+0x36/0x1c0 [ 275.502022] ? trace_hardirqs_off+0xb8/0x310 [ 275.506451] cache_grow_begin+0xa5/0x8c0 [ 275.510529] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 275.516080] ? check_preemption_disabled+0x48/0x280 [ 275.521132] kmem_cache_alloc_trace+0x684/0x750 [ 275.525824] kobject_uevent_env+0x2f3/0x101e [ 275.530260] kobject_uevent+0x1f/0x24 [ 275.534076] lo_ioctl+0x1385/0x1d60 [ 275.537728] ? lo_rw_aio+0x1ef0/0x1ef0 [ 275.541621] blkdev_ioctl+0x9ac/0x2010 [ 275.545518] ? blkpg_ioctl+0xc10/0xc10 [ 275.549419] ? lock_downgrade+0x900/0x900 [ 275.553596] ? check_preemption_disabled+0x48/0x280 [ 275.558638] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 275.563587] ? kasan_check_read+0x11/0x20 [ 275.567750] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 275.573043] ? rcu_softirq_qs+0x20/0x20 [ 275.577047] ? __fget+0x4d1/0x740 [ 275.580526] ? ksys_dup3+0x680/0x680 [ 275.584268] block_ioctl+0xee/0x130 [ 275.587908] ? blkdev_fallocate+0x400/0x400 [ 275.592242] do_vfs_ioctl+0x1de/0x1720 [ 275.596148] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 275.601697] ? ioctl_preallocate+0x300/0x300 [ 275.606119] ? __fget_light+0x2e9/0x430 [ 275.610113] ? fget_raw+0x20/0x20 [ 275.613592] ? rcu_read_lock_sched_held+0x14f/0x180 [ 275.613611] ? kmem_cache_free+0x24f/0x290 [ 275.613628] ? putname+0xf7/0x130 [ 275.613653] ? do_syscall_64+0x9a/0x820 [ 275.622886] ? do_syscall_64+0x9a/0x820 [ 275.622905] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 275.622927] ? security_file_ioctl+0x94/0xc0 [ 275.622946] ksys_ioctl+0xa9/0xd0 [ 275.622966] __x64_sys_ioctl+0x73/0xb0 [ 275.622985] do_syscall_64+0x1b9/0x820 [ 275.654522] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe 13:27:52 executing program 0: r0 = socket(0xa, 0x1, 0x0) write$P9_RRENAMEAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4b, 0x1}, 0x7) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000000)=[@in={0x2, 0x4e22, @remote}, @in={0x2, 0x4e23, @remote}], 0xffffffffffffff95) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000400)='/dev/dsp\x00'}, 0x30) fstat(r0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = syz_open_dev$dspn(&(0x7f00000004c0)='/dev/dsp#\x00', 0x5, 0x30000) ioctl$NBD_SET_SIZE(r6, 0xab02, 0x3) r7 = getpid() fsetxattr(r4, &(0x7f0000000080)=@known='user.syz\x00', &(0x7f0000000480)='keyring\x00', 0x8, 0x1) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000600)={{{@in=@broadcast, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6}}, &(0x7f0000000700)=0xe8) getgroups(0x5, &(0x7f0000000740)=[0xee01, 0xffffffffffffffff, 0xee01, 0xee01, 0xffffffffffffffff]) r10 = getpgid(0xffffffffffffffff) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000780)={{{@in6=@remote, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000000fc0)=0xe8) fstat(r0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000ec0)={{{@in6=@mcast2, @in=@rand_addr=0x1f, 0x4e20, 0x0, 0x4e24, 0xfffffffffffffffd, 0xa, 0x80, 0xa0, 0x32, 0x0, r12}, {0x1, 0x2, 0x9, 0x5, 0x5a3, 0x3f, 0x6, 0x5}, {0x5, 0x7fffffff, 0x4, 0x7}, 0xcc73, 0x6e6bb9, 0x0, 0x0, 0x1, 0x2}, {{@in=@local, 0x4d6, 0x2b}, 0xa, @in=@rand_addr=0x3, 0x3500, 0x0, 0x0, 0x72a0, 0x6, 0x78359461, 0x6}}, 0xe8) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000940)=0x0) r15 = geteuid() getgroups(0x4, &(0x7f0000000980)=[0xee01, 0xee01, 0xffffffffffffffff, 0xee00]) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000a40)={{{@in6=@mcast1, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@local}}, &(0x7f0000000b40)=0xe8) lstat(&(0x7f0000000b80)='./file0\x00', &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r19 = getpid() getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000c40)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f0000000d40)=0xe8) getgroups(0x8, &(0x7f0000000d80)=[0xee01, 0x0, 0x0, 0x0, 0xee01, 0xee00, 0xee00, 0xee01]) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000dc0)=0x0) write$P9_RLERROR(r4, &(0x7f0000001100)=ANY=[@ANYBLOB="1200647384000000000000e5000000000000c970feecec1f587242c2366eeac0f82366172a6b3c16ffa914b1bffcb5fd804d065d571fdab9541da4d923e0ae30a80776098879181e56f9bb031036ada1218f4664a72e919f103984380bc1557df9d8c82647dc7cea5c933dd51832a75e7013de19668997aca8aefcb1d4fc7768fbd4c65f9caea98c80a71cea89c49b1a29eca140ecdcf28b5c2b87cb7611f53cdae15b1e5927fc44fa1fd2cad82608e1d2edd0a78919d9089f35acb063b96e23819280bd53283360879aafd5d054c5e9a7e4e5fdab3aebfdf13d0ca1ca4c62a9a310970b29f577eaf8bb10f275978d8cab09264ec17f30e511bac5c51ebd87464471d6b3963a0a112bc281a157a0634c4f3b1e82b13760b6ec9462439ead6c066f48c44e97c65faf94a806f2"], 0x12) lstat(&(0x7f0000000e00)='./file0\x00', &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0}) r24 = getgid() sendmmsg$unix(0xffffffffffffffff, &(0x7f0000001000)=[{&(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000340)=[{&(0x7f0000000140)="1b5dae6a3bcf80dd4228364f7bcbcf51a61e5b50440a9ccca99e0b9bba07e52150ae8913e22e5167b09602c6a8877a01d69e5eec332d1fc892edfd21c7364b86d04fa7bc23afc906f3cf10a8871bf0b1998c161c45629fac1c4d3e5c9b5da5caf0fc8fce34ab1dd9c33f68e8419038f394c80a6042494580f523d2c218fb2bc8685a2d010cfdc3bc70ba1887b0ba5e34ff21e01cf89c7525c170fac34de7d0a82fce1fe78d442fc111ff17c3100449a8d21add4ac067e32ae43500dbc716b16761a39fd7dc50c569289931c1cbe4", 0xce}, {&(0x7f0000000240)="e06a907fd5822b96407dcef203a1e19a183e4c71a912565f37f5a942c9a33471e37ce8eb91d33b9c7309004170838367f83f98256c1657ea2cef22dd3fc1521e9aa81bdb747bee9b984597bc6cdc2da0c25aa4006ba7fb3b90d3deefeb1c0f543813c0ea4c2e86582d731d", 0x6b}, {&(0x7f00000002c0)="70e4a91bce1dc4919d775c2239d2efee75d4b1e67ba4ae864fe8f3c2dad875f90479710184cf6655242858e0bf5bd582189fb16bf521f38a321baaeb5a14676b73c2607fbc117ed2318bea508607054ab1cf06666ec083ada2dee7fab51c3908e9e53e46c10753e6c9", 0x69}], 0x3, &(0x7f0000001280)=ANY=[@ANYBLOB="1800000000000000010000000100000031060000006cfa204f878eae28740e263be777477c1cdd31e9edf6dc83805f80accdddd2e7d5b3", @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="20000000000000000100000002000000", @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32=r5, @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r7, @ANYRES32=r8, @ANYRES32=r9, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r10, @ANYRES32=r11, @ANYRES32=r13, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r14, @ANYRES32=r15, @ANYRES32=r16, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32, @ANYRES32=r17, @ANYRES32=r18, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r19, @ANYRES32=r20, @ANYRES32=r21, @ANYBLOB="00000000200000000000000001000000020000007b9ef795c6142761bdb6ffaa82d567627d79c2b036676e8e9612e386e3504a0cdaeaaf9a52f9b3683c3bfd0b4bff4dec2def6a777bcfbec140c3dd07abc85fcce7f26738a4d9719434c967f7cb12641377802af179ca295bf77554b733fa45dc87145d625be793b1b945b30b072ed909cdbe6512030bf02cdf40f8c6d7134ad3be8ba161217921c1da8184886df330ab2b6a04df2a6aeccfbd14e018099279074e62aa58eea7624d60969b4759a516c353a4e2d2d96d82ffd42fc80f781bfedc307e8cb5cace4abfd0dcfe35bbed64679066bafd9a7ad4072bce1888e761fb5d1653e0fc08", @ANYRES32=r22, @ANYRES32=r23, @ANYRES32=r24, @ANYBLOB='\x00\x00\x00\x00'], 0x130, 0x1}], 0x1, 0x20000000) 13:27:52 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:52 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="7400000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:52 executing program 0: r0 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f0000000000)) r1 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r1, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) [ 275.659903] ? syscall_return_slowpath+0x5e0/0x5e0 [ 275.665191] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 275.670053] ? trace_hardirqs_on_caller+0x310/0x310 [ 275.675100] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 275.680137] ? prepare_exit_to_usermode+0x291/0x3b0 [ 275.685170] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 275.690030] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 275.695220] RIP: 0033:0x4573d7 [ 275.695238] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 275.695247] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 275.695263] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 [ 275.695273] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 275.695282] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 275.695292] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 275.695301] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 [ 275.724414] EXT4-fs (sda1): re-mounted. Opts: [ 275.886914] EXT4-fs (sda1): re-mounted. Opts: 13:27:53 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x100000000000000, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:53 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:53 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_ifreq(r0, 0x8919, &(0x7f0000000000)={'veth0_to_bond\x00', @ifru_addrs=@can={0x1d, 0x0}}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000040)={@mcast1, @mcast1, @mcast2, 0x301f, 0x1, 0x80, 0x0, 0x10001, 0x1, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:53 executing program 2: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000200), &(0x7f0000000240)}}, &(0x7f00000002c0)) r0 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x1, 0x0) readv(r0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/7, 0x7}], 0x1) r1 = gettid() ioctl$int_in(r0, 0x800000c0045005, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f00000016c0)={{}, {0x0, 0x989680}}, &(0x7f0000001680)) tkill(r1, 0x15) 13:27:53 executing program 3 (fault-call:3 fault-nth:20): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:53 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0200000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 276.124770] FAULT_INJECTION: forcing a failure. [ 276.124770] name failslab, interval 1, probability 0, space 0, times 0 [ 276.148368] CPU: 0 PID: 10280 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 276.156905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 276.166265] Call Trace: [ 276.168872] dump_stack+0x244/0x39d 13:27:53 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) getsockname$inet6(r0, &(0x7f0000000000), &(0x7f0000000040)=0x1c) [ 276.172519] ? dump_stack_print_info.cold.1+0x20/0x20 [ 276.177734] ? is_bpf_text_address+0xd3/0x170 [ 276.182243] should_fail.cold.4+0xa/0x17 [ 276.186321] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 276.191451] ? zap_class+0x640/0x640 [ 276.195178] ? save_stack+0x43/0xd0 [ 276.198817] ? kasan_kmalloc+0xc7/0xe0 [ 276.202718] ? kmem_cache_alloc_trace+0x152/0x750 [ 276.207566] ? kobject_uevent_env+0x2f3/0x101e [ 276.212166] ? kobject_uevent+0x1f/0x24 [ 276.216151] ? lo_ioctl+0x1385/0x1d60 [ 276.219964] ? find_held_lock+0x36/0x1c0 13:27:53 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = getpid() r2 = getpgid(0xffffffffffffffff) rt_tgsigqueueinfo(r1, r2, 0x0, &(0x7f0000000000)={0x21, 0x4, 0xf2d8, 0x208}) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) [ 276.219987] ? __lock_is_held+0xb5/0x140 [ 276.220002] ? efi_alloc_page_tables+0xed/0x352 [ 276.220029] ? perf_trace_sched_process_exec+0x860/0x860 [ 276.238245] __should_failslab+0x124/0x180 [ 276.238267] should_failslab+0x9/0x14 [ 276.238284] __kmalloc+0x2e0/0x760 [ 276.238301] ? kobject_uevent_env+0x2f3/0x101e [ 276.238319] ? rcu_read_lock_sched_held+0x14f/0x180 [ 276.238333] ? kobject_get_path+0xc2/0x1b0 [ 276.238354] ? kmem_cache_alloc_trace+0x353/0x750 [ 276.249924] kobject_get_path+0xc2/0x1b0 [ 276.259508] kobject_uevent_env+0x314/0x101e [ 276.259537] kobject_uevent+0x1f/0x24 [ 276.259553] lo_ioctl+0x1385/0x1d60 [ 276.259590] ? lo_rw_aio+0x1ef0/0x1ef0 [ 276.288389] blkdev_ioctl+0x9ac/0x2010 [ 276.290053] EXT4-fs (sda1): re-mounted. Opts: [ 276.292288] ? blkpg_ioctl+0xc10/0xc10 [ 276.292305] ? lock_downgrade+0x900/0x900 [ 276.292321] ? check_preemption_disabled+0x48/0x280 [ 276.292345] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 276.292362] ? kasan_check_read+0x11/0x20 [ 276.292380] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 13:27:53 executing program 0: socket(0x5, 0x1, 0xa) [ 276.292397] ? rcu_softirq_qs+0x20/0x20 [ 276.292426] ? __fget+0x4d1/0x740 [ 276.292448] ? ksys_dup3+0x680/0x680 [ 276.292479] block_ioctl+0xee/0x130 [ 276.292496] ? blkdev_fallocate+0x400/0x400 [ 276.292513] do_vfs_ioctl+0x1de/0x1720 [ 276.292533] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 276.292552] ? ioctl_preallocate+0x300/0x300 [ 276.292570] ? __fget_light+0x2e9/0x430 [ 276.292603] ? fget_raw+0x20/0x20 [ 276.292621] ? rcu_read_lock_sched_held+0x14f/0x180 [ 276.292638] ? kmem_cache_free+0x24f/0x290 13:27:53 executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x200, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffff9c, 0x84, 0x1f, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e20, @multicast1}}, 0x40, 0x1}, &(0x7f0000000100)=0x90) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000140)={r1, 0x1}, &(0x7f00000001c0)=0x8) r2 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r2, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) [ 276.292655] ? putname+0xf7/0x130 [ 276.292684] ? do_syscall_64+0x9a/0x820 [ 276.381519] ? do_syscall_64+0x9a/0x820 [ 276.385514] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 276.390113] ? security_file_ioctl+0x94/0xc0 [ 276.394543] ksys_ioctl+0xa9/0xd0 [ 276.398024] __x64_sys_ioctl+0x73/0xb0 [ 276.401926] do_syscall_64+0x1b9/0x820 [ 276.405823] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 276.411201] ? syscall_return_slowpath+0x5e0/0x5e0 [ 276.416149] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 276.421013] ? trace_hardirqs_on_caller+0x310/0x310 13:27:53 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000000), &(0x7f0000000040)=0x4) [ 276.426043] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 276.431071] ? prepare_exit_to_usermode+0x291/0x3b0 [ 276.436107] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 276.440974] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 276.446173] RIP: 0033:0x4573d7 [ 276.449370] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 276.468276] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 13:27:53 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 276.468292] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 [ 276.468302] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 276.468311] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 276.468321] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 276.468331] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 [ 276.518382] EXT4-fs (sda1): re-mounted. Opts: 13:27:53 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000680", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:53 executing program 3 (fault-call:3 fault-nth:21): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:53 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x8dffffff, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:53 executing program 0: r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x0, 0x1) ioctl$BLKROSET(r0, 0x125d, &(0x7f0000000040)=0x8001) r1 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r1, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:53 executing program 2: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000000)={0x0, 0x110000}) socket$netlink(0x10, 0x3, 0x4) r3 = open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) getsockopt$IPT_SO_GET_ENTRIES(r3, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x11, "e44c73447167624765b26a8652eff375fd"}, &(0x7f0000000100)=0x35) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000003c0)=0x5) 13:27:53 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:53 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 277.002692] FAULT_INJECTION: forcing a failure. [ 277.002692] name failslab, interval 1, probability 0, space 0, times 0 [ 277.048390] CPU: 1 PID: 10332 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 277.056918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 277.066279] Call Trace: [ 277.068891] dump_stack+0x244/0x39d [ 277.072540] ? dump_stack_print_info.cold.1+0x20/0x20 [ 277.077767] should_fail.cold.4+0xa/0x17 [ 277.081848] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 277.086961] ? __save_stack_trace+0x8d/0xf0 [ 277.091309] ? zap_class+0x640/0x640 [ 277.095041] ? save_stack+0xa9/0xd0 13:27:54 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:54 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x8}) io_setup(0x100, &(0x7f0000000040)=0x0) io_getevents(r1, 0x0, 0x3, &(0x7f0000000080)=[{}, {}, {}], &(0x7f0000000100)={0x0, 0x1c9c380}) accept4$packet(r0, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000001c0)=0x14, 0x80000) bind$can_raw(r0, &(0x7f0000000200)={0x1d, r2}, 0x10) clock_gettime(0x1, &(0x7f0000000000)) creat(&(0x7f0000000240)='./file0\x00', 0x20) get_thread_area(&(0x7f0000000140)={0x2, 0x20000000, 0x2000, 0x2, 0x4, 0x80000000, 0x8001, 0xfb7e, 0x3, 0x81}) [ 277.098699] ? save_stack+0x43/0xd0 [ 277.102354] ? find_held_lock+0x36/0x1c0 [ 277.106431] ? __lock_is_held+0xb5/0x140 [ 277.110515] ? zap_class+0x640/0x640 [ 277.114244] ? perf_trace_sched_process_exec+0x860/0x860 [ 277.119712] ? check_preemption_disabled+0x48/0x280 [ 277.124757] __should_failslab+0x124/0x180 [ 277.129005] should_failslab+0x9/0x14 [ 277.132821] kmem_cache_alloc_node_trace+0x270/0x740 [ 277.137949] __kmalloc_node_track_caller+0x3c/0x70 [ 277.142893] __kmalloc_reserve.isra.40+0x41/0xe0 [ 277.147664] __alloc_skb+0x150/0x770 [ 277.151390] ? netdev_alloc_frag+0x1f0/0x1f0 [ 277.155812] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 277.160745] ? kasan_check_read+0x11/0x20 [ 277.164903] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 277.170188] ? rcu_softirq_qs+0x20/0x20 [ 277.174253] ? netlink_has_listeners+0x2cb/0x4a0 [ 277.179025] ? netlink_tap_init_net+0x3d0/0x3d0 [ 277.183703] alloc_uevent_skb+0x84/0x1da [ 277.187776] kobject_uevent_env+0xa52/0x101e [ 277.192201] kobject_uevent+0x1f/0x24 [ 277.196013] lo_ioctl+0x1385/0x1d60 [ 277.199656] ? lo_rw_aio+0x1ef0/0x1ef0 [ 277.203549] blkdev_ioctl+0x9ac/0x2010 [ 277.207452] ? blkpg_ioctl+0xc10/0xc10 [ 277.211346] ? lock_downgrade+0x900/0x900 [ 277.215503] ? check_preemption_disabled+0x48/0x280 [ 277.220532] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 277.225472] ? kasan_check_read+0x11/0x20 [ 277.229630] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 277.234914] ? rcu_softirq_qs+0x20/0x20 [ 277.238908] ? __fget+0x4d1/0x740 [ 277.242374] ? ksys_dup3+0x680/0x680 [ 277.246115] block_ioctl+0xee/0x130 [ 277.249746] ? blkdev_fallocate+0x400/0x400 [ 277.254073] do_vfs_ioctl+0x1de/0x1720 [ 277.257974] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 277.263520] ? ioctl_preallocate+0x300/0x300 [ 277.267936] ? __fget_light+0x2e9/0x430 [ 277.271917] ? fget_raw+0x20/0x20 [ 277.275379] ? rcu_read_lock_sched_held+0x14f/0x180 [ 277.280399] ? kmem_cache_free+0x24f/0x290 [ 277.284644] ? putname+0xf7/0x130 [ 277.288111] ? do_syscall_64+0x9a/0x820 [ 277.292097] ? do_syscall_64+0x9a/0x820 [ 277.296080] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 277.300682] ? security_file_ioctl+0x94/0xc0 [ 277.305107] ksys_ioctl+0xa9/0xd0 [ 277.308583] __x64_sys_ioctl+0x73/0xb0 [ 277.312486] do_syscall_64+0x1b9/0x820 [ 277.316382] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 277.321755] ? syscall_return_slowpath+0x5e0/0x5e0 [ 277.326694] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 277.331547] ? trace_hardirqs_on_caller+0x310/0x310 [ 277.336592] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 277.341621] ? prepare_exit_to_usermode+0x291/0x3b0 [ 277.346665] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 277.351521] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 277.356710] RIP: 0033:0x4573d7 [ 277.359909] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 277.378813] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 277.386529] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 13:27:54 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 277.393799] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 277.401072] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 277.408346] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 277.415616] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 13:27:54 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 277.548217] EXT4-fs (sda1): re-mounted. Opts: 13:27:54 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000100)) r1 = gettid() r2 = syz_open_procfs(r1, &(0x7f0000000240)="6e65742ff9ff7800") ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x4058534c, &(0x7f0000000040)={0x80000001, 0x8000, 0xdb, 0x1, 0x63, 0x4b7}) timer_create(0x6, &(0x7f0000000000)={0x0, 0x4, 0x0, @tid=r1}, &(0x7f00000000c0)=0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) timer_settime(r3, 0x1, &(0x7f0000000180)={{}, {r4, r5+10000000}}, 0x0) 13:27:54 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="001f000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:54 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:54 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0xf0ffffff00000000, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:54 executing program 3 (fault-call:3 fault-nth:22): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:54 executing program 2: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000000)={0x0, 0x110000}) socket$netlink(0x10, 0x3, 0x4) r3 = open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) getsockopt$IPT_SO_GET_ENTRIES(r3, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x11, "e44c73447167624765b26a8652eff375fd"}, &(0x7f0000000100)=0x35) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000003c0)=0x5) 13:27:54 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:54 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='$vboxnet0\x00', r1}, 0x10) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) [ 277.882548] FAULT_INJECTION: forcing a failure. [ 277.882548] name failslab, interval 1, probability 0, space 0, times 0 [ 277.898023] CPU: 1 PID: 10385 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 277.906552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 277.915926] Call Trace: [ 277.918536] dump_stack+0x244/0x39d [ 277.922182] ? dump_stack_print_info.cold.1+0x20/0x20 [ 277.927418] should_fail.cold.4+0xa/0x17 [ 277.931502] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 277.936621] ? __save_stack_trace+0x8d/0xf0 [ 277.940971] ? zap_class+0x640/0x640 [ 277.944698] ? save_stack+0xa9/0xd0 [ 277.948336] ? save_stack+0x43/0xd0 [ 277.951983] ? find_held_lock+0x36/0x1c0 [ 277.956057] ? __lock_is_held+0xb5/0x140 [ 277.960159] ? zap_class+0x640/0x640 [ 277.964329] ? perf_trace_sched_process_exec+0x860/0x860 [ 277.969792] ? check_preemption_disabled+0x48/0x280 [ 277.974829] __should_failslab+0x124/0x180 [ 277.979082] should_failslab+0x9/0x14 13:27:54 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@ipv4, @loopback, @empty, 0x0, 0x4}) [ 277.979108] kmem_cache_alloc_node_trace+0x270/0x740 [ 277.979138] __kmalloc_node_track_caller+0x3c/0x70 [ 277.979160] __kmalloc_reserve.isra.40+0x41/0xe0 [ 277.979181] __alloc_skb+0x150/0x770 [ 278.001442] ? netdev_alloc_frag+0x1f0/0x1f0 [ 278.005867] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 278.010810] ? kasan_check_read+0x11/0x20 [ 278.014975] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 278.020266] ? rcu_softirq_qs+0x20/0x20 [ 278.024265] ? netlink_has_listeners+0x2cb/0x4a0 [ 278.029037] ? netlink_tap_init_net+0x3d0/0x3d0 [ 278.033717] alloc_uevent_skb+0x84/0x1da [ 278.037783] kobject_uevent_env+0xa52/0x101e [ 278.042207] kobject_uevent+0x1f/0x24 [ 278.046007] lo_ioctl+0x1385/0x1d60 [ 278.049659] ? lo_rw_aio+0x1ef0/0x1ef0 [ 278.053567] blkdev_ioctl+0x9ac/0x2010 [ 278.057467] ? blkpg_ioctl+0xc10/0xc10 [ 278.061358] ? lock_downgrade+0x900/0x900 [ 278.065507] ? check_preemption_disabled+0x48/0x280 [ 278.070533] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 278.075466] ? kasan_check_read+0x11/0x20 [ 278.079617] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 278.084896] ? rcu_softirq_qs+0x20/0x20 [ 278.088881] ? __fget+0x4d1/0x740 [ 278.092342] ? ksys_dup3+0x680/0x680 [ 278.096070] block_ioctl+0xee/0x130 [ 278.099701] ? blkdev_fallocate+0x400/0x400 [ 278.104028] do_vfs_ioctl+0x1de/0x1720 [ 278.107921] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 278.113466] ? ioctl_preallocate+0x300/0x300 [ 278.117874] ? __fget_light+0x2e9/0x430 [ 278.121849] ? fget_raw+0x20/0x20 [ 278.125310] ? rcu_read_lock_sched_held+0x14f/0x180 [ 278.130333] ? kmem_cache_free+0x24f/0x290 [ 278.134568] ? putname+0xf7/0x130 [ 278.138037] ? do_syscall_64+0x9a/0x820 [ 278.142013] ? do_syscall_64+0x9a/0x820 [ 278.145994] ? lockdep_hardirqs_on+0x3bb/0x5b0 [ 278.150591] ? security_file_ioctl+0x94/0xc0 [ 278.155012] ksys_ioctl+0xa9/0xd0 [ 278.158471] __x64_sys_ioctl+0x73/0xb0 [ 278.162366] do_syscall_64+0x1b9/0x820 [ 278.166259] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 278.171629] ? syscall_return_slowpath+0x5e0/0x5e0 [ 278.176560] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 278.181414] ? trace_hardirqs_on_caller+0x310/0x310 [ 278.186434] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 278.191453] ? prepare_exit_to_usermode+0x291/0x3b0 [ 278.196474] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 278.201330] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.206517] RIP: 0033:0x4573d7 [ 278.209721] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5d b5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 13:27:55 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 278.228635] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 278.236362] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 00000000004573d7 [ 278.243629] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 278.250896] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 278.258162] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 278.265444] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 13:27:55 executing program 3 (fault-call:3 fault-nth:23): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:55 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000000)={0x0, @in={{0x2, 0x4e21}}}, &(0x7f00000000c0)=0x84) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000100)={0x2e, 0x1, 0xb3, 0x9, r1}, 0x10) ioctl$PPPOEIOCDFWD(r0, 0xb101, 0x0) 13:27:55 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0xf00000000000000, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:55 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="fffffdfc80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:55 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 278.510287] FAULT_INJECTION: forcing a failure. [ 278.510287] name failslab, interval 1, probability 0, space 0, times 0 [ 278.558452] CPU: 0 PID: 10425 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 278.566980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 278.566991] Call Trace: [ 278.578942] dump_stack+0x244/0x39d [ 278.582608] ? dump_stack_print_info.cold.1+0x20/0x20 [ 278.587811] ? lo_ioctl+0xe6/0x1d60 [ 278.591451] should_fail.cold.4+0xa/0x17 [ 278.595525] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 278.600643] ? blkpg_ioctl+0xc10/0xc10 [ 278.604540] ? lock_downgrade+0x900/0x900 [ 278.608718] ? check_preemption_disabled+0x48/0x280 [ 278.613751] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 278.613769] ? kasan_check_read+0x11/0x20 [ 278.613787] ? rcu_dynticks_curr_cpu_in_eqs+0xa2/0x170 [ 278.613815] ? find_held_lock+0x36/0x1c0 [ 278.632226] ? perf_trace_sched_process_exec+0x860/0x860 [ 278.637688] ? block_ioctl+0xee/0x130 [ 278.641505] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 278.647060] __should_failslab+0x124/0x180 [ 278.651310] should_failslab+0x9/0x14 [ 278.655122] kmem_cache_alloc+0x2be/0x730 [ 278.659282] ? fget_raw+0x20/0x20 [ 278.662748] ? retint_kernel+0x1b/0x2d [ 278.666650] getname_flags+0xd0/0x590 [ 278.670467] do_mkdirat+0xc5/0x310 [ 278.674029] ? __ia32_sys_mknod+0xb0/0xb0 [ 278.678189] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.683569] ? trace_hardirqs_off_caller+0x300/0x300 [ 278.688701] ? ksys_ioctl+0x81/0xd0 [ 278.692344] __x64_sys_mkdir+0x5c/0x80 [ 278.696243] do_syscall_64+0x1b9/0x820 [ 278.700152] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 278.705533] ? syscall_return_slowpath+0x5e0/0x5e0 [ 278.710476] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 278.715333] ? trace_hardirqs_on_caller+0x310/0x310 [ 278.720361] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 278.725390] ? prepare_exit_to_usermode+0x291/0x3b0 [ 278.730430] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 278.735293] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 278.740491] RIP: 0033:0x456987 13:27:55 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0x81785501, &(0x7f0000000040)) 13:27:55 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:55 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) write$binfmt_elf64(r0, &(0x7f0000000000)=ANY=[], 0xffffff94) ioctl$SG_GET_NUM_WAITING(r0, 0x2286, &(0x7f0000000200)) 13:27:55 executing program 2: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000000)={0x0, 0x110000}) socket$netlink(0x10, 0x3, 0x4) r3 = open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) getsockopt$IPT_SO_GET_ENTRIES(r3, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x13, "e44c73447167624765b26a8652eff375fdc0b1"}, &(0x7f0000000100)=0x37) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000003c0)=0x5) 13:27:55 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:55 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x7ff, 0x42) socket(0x11, 0x4, 0x5) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040)=0x3ea6) [ 278.743695] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad bf fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 278.762619] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 278.770335] RAX: ffffffffffffffda RBX: 0000000020000110 RCX: 0000000000456987 [ 278.777622] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000080 [ 278.784897] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 278.792174] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 278.792184] R13: 0000000000000000 R14: 00000000004d7d88 R15: 0000000000000003 13:27:55 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="007a000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 278.935745] EXT4-fs: 2 callbacks suppressed [ 278.935756] EXT4-fs (sda1): re-mounted. Opts: 13:27:55 executing program 3 (fault-call:3 fault-nth:24): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:55 executing program 0: fstat(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(0xffffffffffffff9c, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_xen(&(0x7f0000000080)='-eth1\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x80000, &(0x7f0000000400)={'trans=xen,', {[{@access_any='access=any'}, {@cache_mmap='cache=mmap'}, {@noextend='noextend'}], [{@rootcontext={'rootcontext', 0x3d, 'system_u'}}, {@subj_type={'subj_type', 0x3d, '/proc/sys/net/ipv4/vs/sync_qlen_max\x00'}}, {@euid_eq={'euid', 0x3d, r0}}, {@euid_gt={'euid>', r1}}, {@fowner_lt={'fowner<', r2}}, {@appraise_type='appraise_type=imasig'}, {@seclabel='seclabel'}]}}) r3 = socket(0x100000000000a, 0x1, 0x8) ioctl$sock_inet6_SIOCDELRT(r3, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) setns(r4, 0x40000000) ioctl$EVIOCSABS0(r4, 0x401845c0, &(0x7f0000000040)={0xfffffffffffffffe, 0x80000001, 0x401, 0xff, 0x1003c0000002, 0x7}) [ 279.067160] EXT4-fs (sda1): re-mounted. Opts: [ 279.104056] FAULT_INJECTION: forcing a failure. [ 279.104056] name failslab, interval 1, probability 0, space 0, times 0 [ 279.118281] CPU: 0 PID: 10475 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 279.126791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 279.136157] Call Trace: [ 279.138772] dump_stack+0x244/0x39d [ 279.142429] ? dump_stack_print_info.cold.1+0x20/0x20 [ 279.147636] ? __handle_mm_fault+0xa57/0x5be0 [ 279.152147] should_fail.cold.4+0xa/0x17 [ 279.156220] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 279.161335] ? kasan_check_read+0x11/0x20 [ 279.165494] ? do_raw_spin_unlock+0xa7/0x330 [ 279.169922] ? trace_hardirqs_on+0x310/0x310 [ 279.174352] ? zap_class+0x640/0x640 [ 279.178085] ? zap_class+0x640/0x640 [ 279.181834] ? zap_class+0x640/0x640 [ 279.185539] ? find_held_lock+0x36/0x1c0 [ 279.189629] ? rcu_read_unlock_special+0x1c0/0x1c0 [ 279.194546] ? perf_trace_sched_process_exec+0x860/0x860 [ 279.199982] ? rcu_softirq_qs+0x20/0x20 [ 279.203946] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 279.209472] __should_failslab+0x124/0x180 [ 279.213699] should_failslab+0x9/0x14 [ 279.217491] __kmalloc_track_caller+0x2d1/0x760 [ 279.222147] ? strncpy_from_user+0x5a0/0x5a0 [ 279.226545] ? strndup_user+0x77/0xd0 [ 279.230347] memdup_user+0x2c/0xa0 [ 279.233890] strndup_user+0x77/0xd0 [ 279.237504] ksys_mount+0x3c/0x140 [ 279.241033] __x64_sys_mount+0xbe/0x150 [ 279.244996] do_syscall_64+0x1b9/0x820 [ 279.248872] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 279.254251] ? syscall_return_slowpath+0x5e0/0x5e0 [ 279.259183] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 279.264015] ? trace_hardirqs_on_caller+0x310/0x310 [ 279.269019] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 279.274064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 279.279600] ? prepare_exit_to_usermode+0x291/0x3b0 [ 279.284612] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 279.289458] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.294635] RIP: 0033:0x459fda [ 279.297815] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 279.316702] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 279.324394] RAX: ffffffffffffffda RBX: 00007fa4ee770b30 RCX: 0000000000459fda [ 279.331647] RDX: 00007fa4ee770ad0 RSI: 0000000020000080 RDI: 00007fa4ee770af0 [ 279.338900] RBP: 0000000020000080 R08: 00007fa4ee770b30 R09: 00007fa4ee770ad0 [ 279.346155] R10: 0000000000100020 R11: 0000000000000206 R12: 0000000000000004 13:27:56 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x4000000000000000, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:56 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:56 executing program 2: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000000)={0x0, 0x110000}) socket$netlink(0x10, 0x3, 0x4) r3 = open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) getsockopt$IPT_SO_GET_ENTRIES(r3, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x13, "e44c73447167624765b26a8652eff375fdc0b1"}, &(0x7f0000000100)=0x37) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000003c0)=0x5) 13:27:56 executing program 0: r0 = syz_open_dev$usb(&(0x7f0000000140)='/dev/bus/usb/00#/00#\x00', 0x1ff, 0x805) accept4$unix(r0, &(0x7f0000000180)=@abs, &(0x7f0000000200)=0x6e, 0x80000) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f0000000040)=""/136, 0x8000, 0x800, 0x3f}, 0x18) bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfe, 0x200000}, 0xc) r1 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r1, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:56 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0d50000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 279.353421] R13: 0000000000100020 R14: 00000000004d7d88 R15: 0000000000000003 13:27:56 executing program 0: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x4cb9, 0x40) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f00000000c0)={r2, 0x5}, 0x8) 13:27:56 executing program 3 (fault-call:3 fault-nth:25): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:56 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:56 executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x1, 0x2) ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f0000000040)={0x10000, 0x7}) write$P9_RFLUSH(r1, &(0x7f0000000080)={0x7, 0x6d, 0x2}, 0x7) socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@mcast1, @loopback, @empty, 0x0, 0x1}) [ 279.647177] FAULT_INJECTION: forcing a failure. [ 279.647177] name failslab, interval 1, probability 0, space 0, times 0 [ 279.681175] EXT4-fs (sda1): re-mounted. Opts: [ 279.695659] CPU: 0 PID: 10509 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 279.704178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 279.713537] Call Trace: [ 279.716145] dump_stack+0x244/0x39d [ 279.719791] ? dump_stack_print_info.cold.1+0x20/0x20 [ 279.724995] ? __kernel_text_address+0xd/0x40 [ 279.729496] ? unwind_get_return_address+0x61/0xa0 [ 279.734438] should_fail.cold.4+0xa/0x17 [ 279.738510] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 279.743630] ? kasan_kmalloc+0xc7/0xe0 [ 279.747523] ? __kmalloc_track_caller+0x157/0x760 [ 279.752373] ? memdup_user+0x2c/0xa0 [ 279.756092] ? zap_class+0x640/0x640 [ 279.759813] ? do_syscall_64+0x1b9/0x820 [ 279.763976] ? zap_class+0x640/0x640 [ 279.767697] ? zap_class+0x640/0x640 [ 279.771426] ? find_held_lock+0x36/0x1c0 [ 279.775520] ? perf_trace_sched_process_exec+0x860/0x860 [ 279.780977] ? lock_release+0xa10/0xa10 [ 279.784960] ? perf_trace_sched_process_exec+0x860/0x860 [ 279.790420] ? usercopy_warn+0x110/0x110 [ 279.794494] __should_failslab+0x124/0x180 [ 279.798742] should_failslab+0x9/0x14 [ 279.802550] kmem_cache_alloc_trace+0x2d7/0x750 [ 279.807245] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 279.812788] ? _copy_from_user+0xdf/0x150 [ 279.816954] copy_mount_options+0x5f/0x430 [ 279.821203] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 279.826749] ksys_mount+0xd0/0x140 [ 279.830301] __x64_sys_mount+0xbe/0x150 [ 279.834747] do_syscall_64+0x1b9/0x820 [ 279.838644] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 279.844020] ? syscall_return_slowpath+0x5e0/0x5e0 [ 279.848958] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 279.853815] ? trace_hardirqs_on_caller+0x310/0x310 [ 279.858843] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 279.863872] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 279.869422] ? prepare_exit_to_usermode+0x291/0x3b0 [ 279.874455] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 279.879311] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 279.884508] RIP: 0033:0x459fda [ 279.887708] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 279.906624] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 279.914341] RAX: ffffffffffffffda RBX: 00007fa4ee770b30 RCX: 0000000000459fda [ 279.921615] RDX: 00007fa4ee770ad0 RSI: 0000000020000080 RDI: 00007fa4ee770af0 [ 279.928889] RBP: 0000000020000080 R08: 00007fa4ee770b30 R09: 00007fa4ee770ad0 [ 279.936164] R10: 0000000000100020 R11: 0000000000000206 R12: 0000000000000004 13:27:56 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 279.943436] R13: 0000000000100020 R14: 00000000004d7d88 R15: 0000000000000003 13:27:57 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0005000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:57 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 280.220998] EXT4-fs (sda1): re-mounted. Opts: 13:27:57 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0x100000, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:57 executing program 3 (fault-call:3 fault-nth:26): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:57 executing program 0: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x200000, 0x0) sendto$inet6(r0, &(0x7f00000000c0)="3cd27deb4801c184c9b38ed9803bea10fd450dc6ee5dbb0bc47e683bd96a03e794ae3751a0494a77325eb94af6828e55a249b4f060e683725858c97187bcb85e325a6d57895f25fd79f1", 0x4a, 0x48014, &(0x7f0000000140)={0xa, 0x4e21, 0x3ff, @empty, 0x3}, 0x1c) r1 = socket(0x8, 0xfffffffffffffffd, 0x0) ioctl$sock_inet6_SIOCDELRT(r1, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) socketpair$inet6(0xa, 0x6, 0x4, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f0000000040)={r1}) 13:27:57 executing program 2: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f00000f0000/0x4000)=nil, 0x4000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c831, 0xffffffffffffffff, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000000)={0x0, 0x110000}) socket$netlink(0x10, 0x3, 0x4) r3 = open(&(0x7f0000000040)='./file0\x00', 0x44240, 0x40) getsockopt$IPT_SO_GET_ENTRIES(r3, 0x0, 0x41, &(0x7f00000000c0)={'nat\x00', 0x13, "e44c73447167624765b26a8652eff375fdc0b1"}, &(0x7f0000000100)=0x37) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f0000000140)="360f303e0f01df6766c7442400090000006766c7442402020000006766c744240600000000670f011c240f20c06635200000000f22c0263356470f0764f30f2a342e260f0f970a008e0f08660f5808", 0x4f}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000003c0)=0x5) 13:27:57 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:57 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="1000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) [ 280.332478] FAULT_INJECTION: forcing a failure. [ 280.332478] name failslab, interval 1, probability 0, space 0, times 0 [ 280.371018] CPU: 0 PID: 10548 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 280.379563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.388937] Call Trace: [ 280.391546] dump_stack+0x244/0x39d [ 280.395260] ? dump_stack_print_info.cold.1+0x20/0x20 [ 280.400472] ? __kernel_text_address+0xd/0x40 [ 280.404988] ? unwind_get_return_address+0x61/0xa0 [ 280.409935] should_fail.cold.4+0xa/0x17 [ 280.414016] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 280.419141] ? save_stack+0x43/0xd0 [ 280.422776] ? kasan_kmalloc+0xc7/0xe0 [ 280.426669] ? __kmalloc_track_caller+0x157/0x760 [ 280.431513] ? memdup_user+0x2c/0xa0 [ 280.435234] ? do_syscall_64+0x1b9/0x820 [ 280.439318] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.444687] ? zap_class+0x640/0x640 [ 280.448408] ? check_preemption_disabled+0x48/0x280 [ 280.453431] ? find_held_lock+0x36/0x1c0 [ 280.457515] ? perf_trace_sched_process_exec+0x860/0x860 [ 280.462972] ? lock_release+0xa10/0xa10 [ 280.466951] ? perf_trace_sched_process_exec+0x860/0x860 [ 280.472413] __should_failslab+0x124/0x180 [ 280.476661] should_failslab+0x9/0x14 [ 280.480461] __kmalloc_track_caller+0x2d1/0x760 [ 280.485133] ? strncpy_from_user+0x5a0/0x5a0 [ 280.489542] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 280.495088] ? strndup_user+0x77/0xd0 [ 280.498896] memdup_user+0x2c/0xa0 [ 280.502440] strndup_user+0x77/0xd0 [ 280.506074] ksys_mount+0x73/0x140 [ 280.509622] __x64_sys_mount+0xbe/0x150 [ 280.513619] do_syscall_64+0x1b9/0x820 [ 280.517512] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 280.522879] ? syscall_return_slowpath+0x5e0/0x5e0 [ 280.527808] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 280.532653] ? trace_hardirqs_on_caller+0x310/0x310 [ 280.537671] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 280.542695] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 280.548233] ? prepare_exit_to_usermode+0x291/0x3b0 [ 280.553258] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 280.558123] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 280.563320] RIP: 0033:0x459fda 13:27:57 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) [ 280.566522] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 280.585429] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 280.593140] RAX: ffffffffffffffda RBX: 00007fa4ee770b30 RCX: 0000000000459fda [ 280.600410] RDX: 00007fa4ee770ad0 RSI: 0000000020000080 RDI: 00007fa4ee770af0 [ 280.607683] RBP: 0000000020000080 R08: 00007fa4ee770b30 R09: 00007fa4ee770ad0 [ 280.614953] R10: 0000000000100020 R11: 0000000000000206 R12: 0000000000000004 [ 280.622220] R13: 0000000000100020 R14: 00000000004d7d88 R15: 0000000000000003 13:27:57 executing program 3 (fault-call:3 fault-nth:27): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:57 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:57 executing program 0: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x10440, 0x0) bind(r0, &(0x7f0000000040)=@un=@file={0x0, './file0\x00'}, 0x80) r1 = socket(0xa, 0x1, 0x0) ioctl$sock_inet6_SIOCDELRT(r1, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) 13:27:57 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000100)='cgroup.procs\x00', 0x2, 0x0) r2 = socket$kcm(0x29, 0x5, 0x0) sendfile(r2, r1, &(0x7f0000000140), 0x10001) [ 280.879501] FAULT_INJECTION: forcing a failure. [ 280.879501] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 280.891374] CPU: 1 PID: 10584 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 280.899872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 280.909242] Call Trace: [ 280.911855] dump_stack+0x244/0x39d [ 280.915511] ? dump_stack_print_info.cold.1+0x20/0x20 [ 280.920738] should_fail.cold.4+0xa/0x17 [ 280.924813] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 280.929932] ? __lock_acquire+0x62f/0x4c20 [ 280.934174] ? lock_downgrade+0x900/0x900 [ 280.938335] ? check_preemption_disabled+0x48/0x280 [ 280.943373] ? mark_held_locks+0x130/0x130 [ 280.947623] ? mark_held_locks+0x130/0x130 [ 280.947650] ? is_bpf_text_address+0xd3/0x170 [ 280.947671] ? kernel_text_address+0x79/0xf0 [ 280.956389] ? __kernel_text_address+0xd/0x40 [ 280.956405] ? unwind_get_return_address+0x61/0xa0 [ 280.956423] ? __save_stack_trace+0x8d/0xf0 [ 280.956442] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 280.956457] ? should_fail+0x22d/0xd01 [ 280.956474] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 280.989607] __alloc_pages_nodemask+0x34b/0xdd0 [ 280.994416] ? __kmalloc_track_caller+0x157/0x760 [ 280.999272] ? memdup_user+0x2c/0xa0 [ 280.999296] ? __alloc_pages_slowpath+0x2dd0/0x2dd0 [ 280.999322] ? find_held_lock+0x36/0x1c0 [ 280.999359] ? trace_hardirqs_off+0xb8/0x310 [ 281.016528] cache_grow_begin+0xa5/0x8c0 [ 281.020611] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 281.026161] ? check_preemption_disabled+0x48/0x280 [ 281.026187] kmem_cache_alloc_trace+0x684/0x750 [ 281.026209] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 281.041448] copy_mount_options+0x5f/0x430 [ 281.045705] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 281.051259] ksys_mount+0xd0/0x140 [ 281.054813] __x64_sys_mount+0xbe/0x150 [ 281.054836] do_syscall_64+0x1b9/0x820 [ 281.054857] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 281.062716] ? syscall_return_slowpath+0x5e0/0x5e0 [ 281.062733] ? trace_hardirqs_off_thunk+0x1a/0x1c 13:27:58 executing program 2: [ 281.062751] ? trace_hardirqs_on_caller+0x310/0x310 [ 281.062767] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 281.062784] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.062800] ? prepare_exit_to_usermode+0x291/0x3b0 [ 281.062819] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 281.062842] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.062855] RIP: 0033:0x459fda [ 281.062871] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 281.062880] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 281.062894] RAX: ffffffffffffffda RBX: 00007fa4ee770b30 RCX: 0000000000459fda [ 281.062903] RDX: 00007fa4ee770ad0 RSI: 0000000020000080 RDI: 00007fa4ee770af0 [ 281.062912] RBP: 0000000020000080 R08: 00007fa4ee770b30 R09: 00007fa4ee770ad0 [ 281.062920] R10: 0000000000100020 R11: 0000000000000206 R12: 0000000000000004 [ 281.062928] R13: 0000000000100020 R14: 00000000004d7d88 R15: 0000000000000003 13:27:58 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r1, &(0x7f0000000000)={0x0, 0xf00, &(0x7f0000000700)=[{&(0x7f00000013c0)=""/4096, 0x200023c0}], 0x1, &(0x7f0000000040)=""/16, 0x10}, 0x0) 13:27:58 executing program 0: r0 = socket(0xa, 0x1, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x2, 0x8000) ioctl$DRM_IOCTL_AGP_INFO(r1, 0x80386433, &(0x7f0000000280)=""/247) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f0000000400)=0x5) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000480)={&(0x7f0000000440)=[0x7, 0x9, 0x1], 0x3, 0x4, 0x0, 0x800, 0x80000000, 0x7fffffff, {0x2, 0x6cd, 0x6cf8, 0x5, 0x4, 0x81, 0x6, 0x3, 0xfffffffffffff3a4, 0x800, 0x7f, 0x7, 0x1000, 0x8000000000000000, "04d90756d9e614f0ef80fd6474d115f0e559fe96af1d7c2f05b18ddc9af9cc59"}}) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000140)={0x0, 0x6, 0xffffffffffffff80, 0x53}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f00000001c0)={r4, @in6={{0xa, 0x4e24, 0x4, @local, 0x55}}, 0x82, 0x80}, 0x90) write$evdev(r1, &(0x7f0000000080)=[{{0x0, 0x7530}, 0x7, 0x121, 0x4}, {{0x0, 0x7530}, 0x1f, 0xf661, 0x40}, {{0x77359400}, 0x17, 0x2, 0x1}, {{r2, r3/1000+10000}, 0x1f, 0x7f, 0x7}, {{0x77359400}, 0x16, 0x4, 0xfffffffffffffffd}, {{0x0, 0x2710}, 0x17, 0x1f, 0x4}], 0x90) shmget$private(0x0, 0x1000, 0x312, &(0x7f0000fff000/0x1000)=nil) ioctl$sock_inet6_SIOCDELRT(r0, 0x8983, &(0x7f0000000380)={@local, @loopback, @empty, 0x4, 0x0, 0x0, 0x500, 0x2000000000}) 13:27:58 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:58 executing program 2: [ 281.123942] EXT4-fs (sda1): re-mounted. Opts: [ 281.183689] EXT4-fs (sda1): re-mounted. Opts: 13:27:58 executing program 2: 13:27:58 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000004c80", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:58 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:58 executing program 3 (fault-call:3 fault-nth:28): perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='bpf\x00', 0x2001001, &(0x7f0000002640)=ANY=[]) syz_mount_image$ext4(&(0x7f0000000040)="0000000080", &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000100), 0x100020, &(0x7f0000000100)) 13:27:58 executing program 0: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000080)={{{@in, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in6=@loopback}}, &(0x7f0000000180)=0xe8) ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x8983, &(0x7f00000001c0)={@empty, @loopback, @empty, 0x2, 0x2, 0x4f10b883, 0x100, 0x0, 0x200001, r0}) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x408080, 0x0) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000040), &(0x7f0000000240)=0x4) [ 281.431326] FAULT_INJECTION: forcing a failure. [ 281.431326] name failslab, interval 1, probability 0, space 0, times 0 [ 281.445769] CPU: 1 PID: 10624 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 281.454280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.463729] Call Trace: [ 281.466333] dump_stack+0x244/0x39d [ 281.469981] ? dump_stack_print_info.cold.1+0x20/0x20 [ 281.475188] ? kernel_text_address+0x79/0xf0 [ 281.479624] should_fail.cold.4+0xa/0x17 [ 281.483699] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 281.488827] ? save_stack+0xa9/0xd0 [ 281.492467] ? save_stack+0x43/0xd0 [ 281.496111] ? kmem_cache_alloc_trace+0x152/0x750 [ 281.501036] ? vfs_new_fs_context+0x5e/0x77c [ 281.505468] ? do_mount+0xb70/0x1d90 [ 281.509191] ? ksys_mount+0x12d/0x140 [ 281.513002] ? __x64_sys_mount+0xbe/0x150 [ 281.517166] ? do_syscall_64+0x1b9/0x820 [ 281.521240] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.526629] ? find_held_lock+0x36/0x1c0 [ 281.530735] ? mem_cgroup_css_alloc+0x1288/0x1ae0 [ 281.535615] ? perf_trace_sched_process_exec+0x860/0x860 [ 281.541146] ? lockref_get+0x42/0x50 [ 281.544879] ? lock_downgrade+0x900/0x900 [ 281.544901] __should_failslab+0x124/0x180 [ 281.544922] should_failslab+0x9/0x14 [ 281.544939] kmem_cache_alloc_trace+0x2d7/0x750 [ 281.544957] ? rcu_read_lock_sched_held+0x14f/0x180 [ 281.544975] ? kmem_cache_alloc_trace+0x353/0x750 [ 281.545001] legacy_init_fs_context+0x187/0x230 [ 281.545020] ? vfs_dup_fs_context+0x400/0x400 13:27:58 executing program 2: 13:27:58 executing program 5: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback, @dev, @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, @loopback, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) 13:27:58 executing program 0: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000100)={@remote, 0x14, r1}) r2 = socket(0xa, 0x1, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x200000, 0x0) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000040)={0x0, 0xd1}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000180)={r4, 0x2c, &(0x7f0000000140)=[@in6={0xa, 0x4e23, 0xfff, @remote, 0x1}, @in={0x2, 0x4e21, @multicast1}]}, &(0x7f00000001c0)=0x10) r5 = dup3(r2, r2, 0x80000) ioctl$SCSI_IOCTL_STOP_UNIT(r5, 0x6) ioctl$sock_inet6_SIOCDELRT(r2, 0x8983, &(0x7f0000000380)={@mcast1, @loopback}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) [ 281.545036] vfs_new_fs_context+0x3f4/0x77c [ 281.545058] do_mount+0xb70/0x1d90 [ 281.566882] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 281.566908] ? copy_mount_string+0x40/0x40 [ 281.566930] ? copy_mount_options+0x5f/0x430 [ 281.566967] ? kmem_cache_alloc_trace+0x353/0x750 [ 281.567003] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 281.567038] ? _copy_from_user+0xdf/0x150 [ 281.567071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.623146] ? copy_mount_options+0x315/0x430 [ 281.627663] ksys_mount+0x12d/0x140 [ 281.631320] __x64_sys_mount+0xbe/0x150 [ 281.635313] do_syscall_64+0x1b9/0x820 [ 281.639212] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 281.644619] ? syscall_return_slowpath+0x5e0/0x5e0 [ 281.644634] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 281.644652] ? trace_hardirqs_on_caller+0x310/0x310 [ 281.644669] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 281.644687] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.644703] ? prepare_exit_to_usermode+0x291/0x3b0 [ 281.644724] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 281.649941] kobject: 'loop2' (000000002546d3a0): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 281.654503] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.654516] RIP: 0033:0x459fda [ 281.654535] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 281.654544] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 281.654557] RAX: ffffffffffffffda RBX: 00007fa4ee770b30 RCX: 0000000000459fda [ 281.654566] RDX: 00007fa4ee770ad0 RSI: 0000000020000080 RDI: 00007fa4ee770af0 [ 281.654587] RBP: 0000000020000080 R08: 00007fa4ee770b30 R09: 00007fa4ee770ad0 [ 281.654596] R10: 0000000000100020 R11: 0000000000000206 R12: 0000000000000004 [ 281.654605] R13: 0000000000100020 R14: 00000000004d7d88 R15: 0000000000000003 [ 281.669185] BUG: unable to handle kernel paging request at fffffffffffffff4 [ 281.673267] kobject: 'loop5' (00000000b31634f1): kobject_uevent_env [ 281.675296] PGD 926d067 P4D 926d067 PUD 926f067 PMD 0 [ 281.675328] Oops: 0000 [#1] PREEMPT SMP KASAN [ 281.680229] kobject: 'loop5' (00000000b31634f1): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 281.689619] CPU: 1 PID: 10624 Comm: syz-executor3 Not tainted 4.19.0-rc8-next-20181019+ #98 [ 281.689627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 281.689647] RIP: 0010:do_mount+0xb98/0x1d90 [ 281.689662] Code: 06 00 48 89 c2 48 89 c3 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 8a 11 00 00 48 b8 00 00 00 00 00 fc ff df <4c> 8b 33 49 8d 7e 18 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 5e 11 [ 281.689670] RSP: 0018:ffff880187d57c28 EFLAGS: 00010246 [ 281.689681] RAX: dffffc0000000000 RBX: fffffffffffffff4 RCX: ffffc90007ea6000 [ 281.689689] RDX: 1ffffffffffffffe RSI: ffffffff81e011ec RDI: 0000000000000282 [ 281.689704] RBP: ffff880187d57db0 R08: ffff880187bd8240 R09: 0000000000000000 [ 281.696110] kobject: 'loop0' (00000000c70a093b): kobject_uevent_env [ 281.698067] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801bb660630 [ 281.698077] R13: ffff8801c9fe2b00 R14: ffff8801c9fe2b00 R15: ffff8801bf00e580 [ 281.698100] FS: 00007fa4ee771700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 281.717683] kobject: 'loop0' (00000000c70a093b): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 281.724740] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 281.724749] CR2: fffffffffffffff4 CR3: 00000001b84f2000 CR4: 00000000001406e0 [ 281.724762] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 281.724770] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 281.724775] Call Trace: [ 281.724800] ? rcu_lockdep_current_cpu_online+0x1a4/0x210 [ 281.724823] ? copy_mount_string+0x40/0x40 [ 281.733016] kobject: 'loop5' (00000000b31634f1): kobject_uevent_env [ 281.739369] ? copy_mount_options+0x5f/0x430 [ 281.739390] ? kmem_cache_alloc_trace+0x353/0x750 [ 281.747154] kobject: 'loop5' (00000000b31634f1): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 281.753922] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 281.753939] ? _copy_from_user+0xdf/0x150 [ 281.753957] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.753978] ? copy_mount_options+0x315/0x430 [ 281.762129] kobject: 'loop2' (000000002546d3a0): kobject_uevent_env [ 281.768336] ksys_mount+0x12d/0x140 [ 281.768354] __x64_sys_mount+0xbe/0x150 [ 281.774854] kobject: 'loop2' (000000002546d3a0): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 281.780014] do_syscall_64+0x1b9/0x820 [ 281.780036] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 281.785698] kobject: 'loop0' (00000000c70a093b): kobject_uevent_env [ 281.793951] ? syscall_return_slowpath+0x5e0/0x5e0 [ 281.793966] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 281.793983] ? trace_hardirqs_on_caller+0x310/0x310 [ 281.793998] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 281.794012] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 281.794027] ? prepare_exit_to_usermode+0x291/0x3b0 [ 281.794047] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 281.803175] kobject: 'loop0' (00000000c70a093b): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 281.811890] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 281.811907] RIP: 0033:0x459fda [ 282.077543] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 7d 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 5a 89 fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 282.096430] RSP: 002b:00007fa4ee770a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 282.104133] RAX: ffffffffffffffda RBX: 00007fa4ee770b30 RCX: 0000000000459fda [ 282.111402] RDX: 00007fa4ee770ad0 RSI: 0000000020000080 RDI: 00007fa4ee770af0 [ 282.118654] RBP: 0000000020000080 R08: 00007fa4ee770b30 R09: 00007fa4ee770ad0 [ 282.125906] R10: 0000000000100020 R11: 0000000000000206 R12: 0000000000000004 [ 282.133158] R13: 0000000000100020 R14: 00000000004d7d88 R15: 0000000000000003 [ 282.140414] Modules linked in: [ 282.143595] CR2: fffffffffffffff4 [ 282.147040] ---[ end trace de0950c7f55d6b16 ]--- [ 282.151786] RIP: 0010:do_mount+0xb98/0x1d90 [ 282.156095] Code: 06 00 48 89 c2 48 89 c3 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 8a 11 00 00 48 b8 00 00 00 00 00 fc ff df <4c> 8b 33 49 8d 7e 18 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 5e 11 [ 282.175073] RSP: 0018:ffff880187d57c28 EFLAGS: 00010246 [ 282.180438] RAX: dffffc0000000000 RBX: fffffffffffffff4 RCX: ffffc90007ea6000 [ 282.187691] RDX: 1ffffffffffffffe RSI: ffffffff81e011ec RDI: 0000000000000282 [ 282.194943] RBP: ffff880187d57db0 R08: ffff880187bd8240 R09: 0000000000000000 [ 282.202195] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801bb660630 [ 282.209452] R13: ffff8801c9fe2b00 R14: ffff8801c9fe2b00 R15: ffff8801bf00e580 [ 282.216709] FS: 00007fa4ee771700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 282.224926] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 282.230802] CR2: fffffffffffffff4 CR3: 00000001b84f2000 CR4: 00000000001406e0 [ 282.238075] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 282.245337] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 282.252599] Kernel panic - not syncing: Fatal exception [ 282.258853] Kernel Offset: disabled [ 282.262474] Rebooting in 86400 seconds..