0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:13 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0) restart_syscall() 03:40:13 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc030000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:13 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x300000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:13 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x287, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2691.150319] FAT-fs (loop4): Directory bread(block 2561) failed 03:40:13 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:13 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000140)=[{&(0x7f0000000080)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x1, 0x0) ioctl$TUNSETNOCSUM(r1, 0x400454c8, 0x0) syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x8000, 0x0) [ 2691.200128] FAT-fs (loop4): Directory bread(block 2562) failed [ 2691.225734] FAT-fs (loop4): Directory bread(block 2563) failed [ 2691.256806] FAT-fs (loop4): Directory bread(block 2564) failed [ 2691.274619] FAT-fs (loop4): Directory bread(block 2565) failed [ 2691.283430] FAT-fs (loop4): Directory bread(block 2566) failed [ 2691.294057] FAT-fs (loop4): Directory bread(block 2567) failed [ 2691.304259] FAT-fs (loop4): Directory bread(block 2568) failed [ 2691.310769] FAT-fs (loop4): Directory bread(block 2569) failed [ 2691.318297] FAT-fs (loop4): Directory bread(block 2570) failed 03:40:13 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r0, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:13 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x3000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:13 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0) ioctl$EVIOCGKEYCODE(r1, 0x80084504, &(0x7f0000000040)) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@random={'os2.', '\x00'}) 03:40:13 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:13 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x255, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:13 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:13 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x480c0, 0x0) ioctl$KDMKTONE(r0, 0x4b30, 0xa55) r1 = socket$inet(0x2, 0x80000, 0x6) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r2 = fcntl$dupfd(r1, 0x0, r1) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:14 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x0, 0x40) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000700)={0x2, {{0x2, 0x0, @multicast1=0xe0000001}}, {{0x2, 0x0, @loopback=0x7f000001}}}, 0x108) close(r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000500)={'dummy0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000540)={'ip_vti0\x00', r1}) 03:40:14 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:14 executing program 3: r0 = open(&(0x7f0000000140)='./file0\x00', 0x1, 0x13) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000001c0)={0xffffffffffffffff}, 0x2}}, 0x20) r2 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x8, 0x40) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f0000000280)={0x12, 0x10, 0xfa00, {&(0x7f0000000180), r1, r2}}, 0x18) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r3, 0x100000000008912, &(0x7f0000000040)="1c5cc83d6d345f8f762070") r4 = memfd_create(&(0x7f00000000c0)="620aa6877b334d7a2e4dbcd42f8920000000", 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='@\x00', r4}, 0x10) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000000)=0x100, 0x4) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, r4, 0x0) 03:40:14 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1000000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:14 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x5c, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:14 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@abs={0x0, 0x0, 0x4e21}, 0xfffffe27, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:14 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:14 executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x0, 0x40) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f0000000700)={0x2, {{0x2, 0x0, @multicast1=0xe0000001}}, {{0x2, 0x0, @loopback=0x7f000001}}}, 0x108) close(r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000500)={'dummy0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000540)={'ip_vti0\x00', r1}) 03:40:14 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r0, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:14 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x127, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:14 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x5, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fc], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:14 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x5, &(0x7f0000000480)=[{&(0x7f0000000100)="067746", 0x3, 0x8a00}, {&(0x7f00000001c0)="96d55b180b0b34016d8c8e614a5d0aa7f4bad59849ae88ba8475854a0770e031cc3b37a3fac542b6aaf32768e67604b67b613c1808f6bf590fa7f5e5838a522a3ededa746756c3290e3ae0ce946ca406450650a581c63992e4ef840c4f5e6a1b3f8a3adf42", 0x65, 0x9}, {&(0x7f0000000240)="eb03b6904de629a246e69fd8a78e82ffa83e7bb02ac5bd556428b59f62e8d8823f49330e6fa3b2a293c1ab9bfc4f01fc82388ffecce156b76f1c8bc8a83b3497772d58fe35cba8b4043b9005e6308e1683908c8baddcfc49fc0db5504df4b8b380f92d2d6423f6bde8d68ddf532a6391d36fbe9b9817e5dd2eb6d106921b217088160d5e5b3500c075eaa479882872e8f8ea6e873cfd43b29f5d431931ea1b767876b268e00406cd57cd46360fd903731efe3b65b8c75627bf0b5c64573fd14137", 0xc1, 0xffffffffffffff80}, {&(0x7f0000000340)="dbb703c0f59f762cf38fc7563ff7a79b39d6e468cfe5b05d96f97a7495cdc64fbb8eb8b2e38d71d10871dc1efb44fde7666d3e35a33a4724f09652130c7a176d856b0942daf62e4a3856de853da780b50164123ccd2b05d5ed91d684bdc9278b8a5e23ffcbedb814bc129a126da876e37bb1d6573e5a3cabb0bb1bf9fd7e8a42df17adb5fc50fbceff7a899408f3fb", 0x8f}, {&(0x7f0000000400)="90344e0e18f59064950cde22e3df2a32c23d91a469c4c3ca877b540de011fe1b9426cc501748350ae80b2724a006ddb379d87ee62e9ea2304bdbac5e399fccef520e94ef61f15b2c016a422dd335ca829978c338813d3416fb0b67c46a25e912b38628bfafb02b19a1f96ea7725468ceae63fb87f83bbb06a0d9a6334c8998", 0x7f}], 0x200000, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:14 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:14 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = memfd_create(&(0x7f0000000040)='b\n\x00\x00\x00', 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0) 03:40:14 executing program 4: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000200)='/dev/uinput\x00', 0x0, 0x0) ioctl$UFFDIO_COPY(r0, 0x400c55cb, &(0x7f0000000000)={&(0x7f0000000000/0x1000)=nil, &(0x7f0000942000/0x4000)=nil, 0x1000}) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f0000000100)={{0xc1}, 'port0\x00', 0x8, 0x4, 0x7, 0x7158, 0x6, 0xffffffff, 0x1ff, 0x0, 0x2, 0x70}) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f00000000c0)={0x0, 0x1, 0x8, 0x8, 0x9}, 0xc) ioctl$LOOP_SET_FD(r0, 0x4c00, r0) getsockopt$inet_tcp_int(r0, 0x6, 0x24, &(0x7f0000000040), &(0x7f0000000080)=0x4) 03:40:14 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:14 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:15 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x0) connect$unix(r1, &(0x7f0000000040)=@abs={0x1, 0x0, 0x4e21}, 0x6e) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0) 03:40:15 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x11e1f5feffb467e8, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:15 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x3c0, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:15 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001280)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, &(0x7f0000000000)="0f09650f01bfa6c30f070f01d10f20c06635000000400f22c00f20c06635020000000f22c0baf80c66b8e817458166efbafc0c66ed6766c7442400f2ffffff6766c7442402fd26b3e46766c744240600000000670f011424baf80c66b86e02978e66efbafc0cb80900efba4300b80900ef", 0x71}], 0x1, 0x0, &(0x7f00000000c0), 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) ioctl$TIOCOUTQ(r2, 0x400454da, &(0x7f0000000300)) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SMI(r3, 0xaeb7) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}}) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 2692.974671] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:40:15 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x15, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2693.076218] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 03:40:15 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r0, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:15 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:15 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:15 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x28c, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:15 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = memfd_create(&(0x7f0000000040)='b\n\x00', 0x80000000000) ioctl$BLKFRASET(r1, 0x1264, &(0x7f0000000000)=0x7) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0) 03:40:15 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x208402, 0x0) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000100)=0x6) r1 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='ip_vti0\x00', 0x10) r2 = fcntl$dupfd(r1, 0xfffffffffffffffe, r1) setsockopt$inet6_group_source_req(r2, 0x29, 0x2f, &(0x7f00000001c0)={0x4, {{0xa, 0x4e23, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x2}}, {{0xa, 0x4e20, 0x5, @mcast2={0xff, 0x2, [], 0x1}, 0x80000001}}}, 0x108) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:15 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4000000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:15 executing program 4: r0 = socket$inet(0x2, 0x3, 0x32) syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x5, &(0x7f0000000480)=[{&(0x7f0000000100)="067746", 0x3, 0x8a00}, {&(0x7f00000001c0)="96d55b180b0b34016d8c8e614a5d0aa7f4bad59849ae88ba8475854a0770e031cc3b37a3fac542b6aaf32768e67604b67b613c1808f6bf590fa7f5e5838a522a3ededa746756c3290e3ae0ce946ca406450650a581c63992e4ef840c4f5e6a1b3f8a3adf42", 0x65, 0x9}, {&(0x7f0000000240)="eb03b6904de629a246e69fd8a78e82ffa83e7bb02ac5bd556428b59f62e8d8823f49330e6fa3b2a293c1ab9bfc4f01fc82388ffecce156b76f1c8bc8a83b3497772d58fe35cba8b4043b9005e6308e1683908c8baddcfc49fc0db5504df4b8b380f92d2d6423f6bde8d68ddf532a6391d36fbe9b9817e5dd2eb6d106921b217088160d5e5b3500c075eaa479882872e8f8ea6e873cfd43b29f5d431931ea1b767876b268e00406cd57cd46360fd903731efe3b65b8c75627bf0b5c64573fd14137", 0xc1, 0xffffffffffffff80}, {&(0x7f0000000340)="dbb703c0f59f762cf38fc7563ff7a79b39d6e468cfe5b05d96f97a7495cdc64fbb8eb8b2e38d71d10871dc1efb44fde7666d3e35a33a4724f09652130c7a176d856b0942daf62e4a3856de853da780b50164123ccd2b05d5ed91d684bdc9278b8a5e23ffcbedb814bc129a126da876e37bb1d6573e5a3cabb0bb1bf9fd7e8a42df17adb5fc50fbceff7a899408f3fb", 0x8f}, {&(0x7f0000000400)="90344e0e18f59064950cde22e3df2a32c23d91a469c4c3ca877b540de011fe1b9426cc501748350ae80b2724a006ddb379d87ee62e9ea2304bdbac5e399fccef520e94ef61f15b2c016a422dd335ca829978c338813d3416fb0b67c46a25e912b38628bfafb02b19a1f96ea7725468ceae63fb87f83bbb06a0d9a6334c8998", 0x7f}], 0x200000, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:15 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x13d, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:15 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xc, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:15 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) ioctl$BLKDISCARD(r1, 0x1277, &(0x7f0000000080)=0x753) 03:40:15 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:15 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:15 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x1010, r1, 0x0) getitimer(0x0, &(0x7f0000000040)) [ 2693.903427] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:15 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:16 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x0, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f00000000c0)) r1 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r2 = fcntl$dupfd(r1, 0x0, r1) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x81008}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=@bridge_getneigh={0x3c, 0x1e, 0x1, 0x70bd29, 0x25dfdbfd, {0x7, 0x0, 0x0, 0x0, 0x200, 0x114a}, [@IFLA_IFALIASn={0x4, 0x14}, @IFLA_NET_NS_FD={0x8, 0x1c, r0}, @IFLA_PROTO_DOWN={0x8, 0x27, 0x4}, @IFLA_CARRIER={0x8, 0x21, 0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20008000}, 0x10) 03:40:16 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:16 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xfec0, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:16 executing program 3: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) socket(0x1, 0x5, 0x3) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x0) r3 = mq_open(&(0x7f0000000040)='-$\x00', 0x0, 0x0, &(0x7f0000000080)) finit_module(r3, &(0x7f0000000180)='filter\x00', 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0) 03:40:16 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:16 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x24d, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:16 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:16 executing program 5: r0 = socket$inet(0x2, 0x3, 0x800000032) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) mq_open(&(0x7f0000000080)='ip_vti0\x00', 0x40, 0x20, &(0x7f00000000c0)={0x4, 0x10000, 0x6477c893, 0x4000, 0x0, 0xfae7, 0x2, 0x3}) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:16 executing program 4: r0 = socket$inet(0x2, 0x3, 0x32) syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x5, &(0x7f0000000480)=[{&(0x7f0000000100)="067746", 0x3, 0x8a00}, {&(0x7f00000001c0)="96d55b180b0b34016d8c8e614a5d0aa7f4bad59849ae88ba8475854a0770e031cc3b37a3fac542b6aaf32768e67604b67b613c1808f6bf590fa7f5e5838a522a3ededa746756c3290e3ae0ce946ca406450650a581c63992e4ef840c4f5e6a1b3f8a3adf42", 0x65, 0x9}, {&(0x7f0000000240)="eb03b6904de629a246e69fd8a78e82ffa83e7bb02ac5bd556428b59f62e8d8823f49330e6fa3b2a293c1ab9bfc4f01fc82388ffecce156b76f1c8bc8a83b3497772d58fe35cba8b4043b9005e6308e1683908c8baddcfc49fc0db5504df4b8b380f92d2d6423f6bde8d68ddf532a6391d36fbe9b9817e5dd2eb6d106921b217088160d5e5b3500c075eaa479882872e8f8ea6e873cfd43b29f5d431931ea1b767876b268e00406cd57cd46360fd903731efe3b65b8c75627bf0b5c64573fd14137", 0xc1, 0xffffffffffffff80}, {&(0x7f0000000340)="dbb703c0f59f762cf38fc7563ff7a79b39d6e468cfe5b05d96f97a7495cdc64fbb8eb8b2e38d71d10871dc1efb44fde7666d3e35a33a4724f09652130c7a176d856b0942daf62e4a3856de853da780b50164123ccd2b05d5ed91d684bdc9278b8a5e23ffcbedb814bc129a126da876e37bb1d6573e5a3cabb0bb1bf9fd7e8a42df17adb5fc50fbceff7a899408f3fb", 0x8f}, {&(0x7f0000000400)="90344e0e18f59064950cde22e3df2a32c23d91a469c4c3ca877b540de011fe1b9426cc501748350ae80b2724a006ddb379d87ee62e9ea2304bdbac5e399fccef520e94ef61f15b2c016a422dd335ca829978c338813d3416fb0b67c46a25e912b38628bfafb02b19a1f96ea7725468ceae63fb87f83bbb06a0d9a6334c8998", 0x7f}], 0x200000, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:16 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:16 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0) fcntl$getflags(r0, 0x40b) 03:40:16 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xfa4bd2feff3c56a0, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:16 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) utimensat(r1, &(0x7f0000000100)="2e2f66696c6530000000000000000005b400", &(0x7f00000000c0)={{0x77359400}, {0x0, 0x2710}}, 0x0) get_mempolicy(&(0x7f0000000080), &(0x7f0000000140), 0x2, &(0x7f0000000000/0x4000)=nil, 0x2) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) utimensat(r1, &(0x7f00000001c0)="2e2f66696c6530000000000000000005b42f66696c653000", &(0x7f0000000240)={{r2, r3/1000+10000}}, 0x100) [ 2694.833622] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:16 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:16 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x11d, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:16 executing program 4: r0 = socket$inet(0x2, 0x3, 0x32) syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x5, &(0x7f0000000480)=[{&(0x7f0000000100)="067746", 0x3, 0x8a00}, {&(0x7f00000001c0)="96d55b180b0b34016d8c8e614a5d0aa7f4bad59849ae88ba8475854a0770e031cc3b37a3fac542b6aaf32768e67604b67b613c1808f6bf590fa7f5e5838a522a3ededa746756c3290e3ae0ce946ca406450650a581c63992e4ef840c4f5e6a1b3f8a3adf42", 0x65, 0x9}, {&(0x7f0000000240)="eb03b6904de629a246e69fd8a78e82ffa83e7bb02ac5bd556428b59f62e8d8823f49330e6fa3b2a293c1ab9bfc4f01fc82388ffecce156b76f1c8bc8a83b3497772d58fe35cba8b4043b9005e6308e1683908c8baddcfc49fc0db5504df4b8b380f92d2d6423f6bde8d68ddf532a6391d36fbe9b9817e5dd2eb6d106921b217088160d5e5b3500c075eaa479882872e8f8ea6e873cfd43b29f5d431931ea1b767876b268e00406cd57cd46360fd903731efe3b65b8c75627bf0b5c64573fd14137", 0xc1, 0xffffffffffffff80}, {&(0x7f0000000340)="dbb703c0f59f762cf38fc7563ff7a79b39d6e468cfe5b05d96f97a7495cdc64fbb8eb8b2e38d71d10871dc1efb44fde7666d3e35a33a4724f09652130c7a176d856b0942daf62e4a3856de853da780b50164123ccd2b05d5ed91d684bdc9278b8a5e23ffcbedb814bc129a126da876e37bb1d6573e5a3cabb0bb1bf9fd7e8a42df17adb5fc50fbceff7a899408f3fb", 0x8f}, {&(0x7f0000000400)="90344e0e18f59064950cde22e3df2a32c23d91a469c4c3ca877b540de011fe1b9426cc501748350ae80b2724a006ddb379d87ee62e9ea2304bdbac5e399fccef520e94ef61f15b2c016a422dd335ca829978c338813d3416fb0b67c46a25e912b38628bfafb02b19a1f96ea7725468ceae63fb87f83bbb06a0d9a6334c8998", 0x7f}], 0x200000, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:16 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:16 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x20000) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x0) clock_gettime(0x0, &(0x7f0000000180)) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x1ff) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000002, 0x80010, r0, 0x0) write$binfmt_aout(r1, &(0x7f0000001300)={{0xcc, 0x6, 0x2, 0x367, 0x90, 0x4, 0x6f, 0x2}, "90526a558e126ea64611a17f74c76ed607e2e8f2d3ebdb56df7abe037f8ffe04d617a5f82940b327ed521bd25232298171f260b9bb6b525619ec53bf820b1aba3e9abf4ad618e090fab4a1315c2f4e2e4f12da349bad95de8ead11949bf0f8e977d8f9a08532e7394c570a914f103b1c54cad794adabd834e67d8ad560e0cd85aeae3eb4ef9aeb8b2c8cebb81f077a8f68a4a6b4f3f0c0371e9d2d243124efa5da4aa4ce57c1a4f92e4295dc62d6fdea1ee75d219e1193c968d3e6c5c4843aa22b58248adbba0658e3abd532539a98715ba61f6fae9fb4ca6a94ef414db7d52117d0c3814ca33c37dcc9ed6dc656a35aa67a3531c031861791f771b289b097aa3ab25401985ee5f1eee6b225d44b7d4b2cc944dfe6e1da6dc5bfffa5f4f218e9b1f7f224c2a3e685f74f6cc0a3bba96c900463bcdab2827efda2244c7d2e1f46d265edf00a683192e6ff639587b38f55b8c04c53af282003d686e4b9f6efaaad9e52a95fb722bfe4b1e9035ed6df722de771d0c801a03ba11c3b531d83af004ee13a5de1755b1a3a209f369d2be12f5dde7e3c7d0a7ae7f4789720469a4e984941bc03b9556daef17612ed6b009ba34963730be7fc31737af52c0078ff931779b449a17897abefed97c907f4fc1a5f4d4b973ea341e1b38089868f4992462da96cacf0c18a8c39d47dd7519a480431484523ec4783aad32d56a53044c77cf6cf19323bd6a0cd5afa68f09b829aaf5dd07bf48e0d41891e23cf2ea4d1bc9425a5caa407d770c39671b6236ea513234bc8e249a21574c1592bfa26097c9640bb9b268d771a14a387a5c0260b2f332f40928129e6d312ed14f7706b749649fa5f20a72216db661ece67157706598065c5b28f86457c4a92789f5e6fed82eed4e348458d69f908b5c828f4380da550ad31714042f3184cc8b23326745fb9a9459b6ef79dc81295ea0be2a91ac87c76e97ce85b1cf09f66eb4c3d9e87a6885bf8841a225c149019e36bbfd1ffbe50883bb06b448cde4f2470dfd66b229f68d4caa00dfb894c2e3d2d6ce00d753eae510dd5954e1261e3b24bc45871abfc83bf38a90b93eaf2430827a4016feb81921ac46615b77654dae73496c2ce4fb66007d45189289f7f6ac747e102cea460f76c5505804bea13b677258d0106a664bb5ce8446398a5cbeeb8b1f836f4e894d0d33a9a62155cbf374b9abb189d31d894dfcbda7b44d52b7e32f7df03de229048e1c7458be9ec01fdbc408b9427141dfb4b994e76a982ab071f311870efca30903e9741744da84943ac8a34c6ca18858bd36ff303d62d32fd807e5b99338a09e66c399b532e44f1783bb6eee2698dd3bf6c21971b3b047ba7c126cffe26a1e67c68cd256c8bf2251631558587fa241c4200888a91a6a16d54ab3eaa0076a2c0cb4903277e8b380657a82521e5772ebbd9fcea57175151ccb651603c3a6a5e16fc1e62820d7f9fd2ee757ba1992e70648126313e1b5f58efeb85d7212e8cd644b37a66219c216643c14b7bc86b885deef33e99fe722d3cac9e43b0f90ad85841adbf8e318a8785ec4e998cdf4edb252c5c4cca0ab49451325f04a695240938b472433d9b5570d3e26c07501aae3182f44cdd076c102ff0c372c052b242b795ba301f976131c04b971fc9795c1396f847c7d0f9326801c4c25ee73330f4ecd547b8ba1402742cbd0144eb9575cb04a72052e1cc594276451f57960a1d035a6fe7542531d327a18081c63a39c52d6e1324d4514c166af9f5ec2dcbf97e79c008ca6cf031f9cad499baba1d5d72d174d55b6911e5711f1c544b9c41b408caff40aa32c279d2b33442f032a29d9ddbc211e772f4a37da46a942fecd2e13b7398ecc0ecbdd69d82a73ea8135b65ad8c502c3e187d1b741d266d9480eeb85cd6e0c60c3f00132f4c858e1f5eea07086bb6d4db00e66999c57579c9f5753d8d4f3a5db84720b3dfc12ae92b1a939b686374c098bc4795c6c3f5ef3da9b4e952e953927961a2e388b8fb43a73a974d53b8e91c51171964fbfad68b3a50d0c1af51fb2bc81a016b5b48c4c1fb0df8a34ccd26c56a2783948f474a583b333cca9953ee95f0021a2758422e7842db98229e4418776a33ed74a87ca94c87a1f852a9b4f89ea4626b93c06312433899b8ffbf489145939ddce334d0f806973b3878f6a55c7dbcc8a3ac38a0630dcc86522f967158d300165359940db8afe9b159719cc47da88e4f3f190f09978faa614157693598b52fc07547684323159253520665232e10f7871ca59900562dc53da6109dd3049b9f0929572b819e514570bf274272caccd0fa636876196447683e7117d7bbbf9edede795fce3e1a1ad4b0f2b5c9f539b87313226932e72938b089257d54db474285b7faa056b6f4a7e2eaeb91582b102ac910a54bee837fc3dad4dcaf108b76288715e40b1ff099f72100b38ec75606db38ad641eea001a2cc443845779cbd6e3e2cd0a87378733f2ea022e4a6556dad2a889cb4fa568c8406c511a546640ad3f65755b9efbc127d5a120cde9f3ac1ed9fe4db2df58618df94b82d0ae44fb4d7cd09e94fcefaee5826563916f32f1e1402725482781358d397623eb1e9f0ad8a17ddf9b568409fe84bc755abfd1293d62221ff16f113cdddecfb0b1c4d8d9f98a7a096c8dc4b654a1c906f2afdb9c14afce6282fb0a5fc38e84e70e5d030484b13ec49de00de0ad94343a20ac8a70a8808b9cb516e1767cc22d30169f421a2178d0f12f97875855beb99f42815334a2538186cb2aecdb451405cdf2f3fd0e00eb2bb07a3f1064fc49b84f1269ff4ae82e6fa8c8c4cc4ad9c412b59b1cf13c169f9780432be2dfef58d6782cd740cd5e4f4584b1923f33cbda2d825081024e722beac1edc6497bf403913d12caa6616b765a66e0b7e7c08323e29ac319b71a71880082e24226a2b9c92d874d6a0233903d7feac5ec3f1d26285efe862fb44b684c731599f0a42a8215db6e7695d398a87d03e8725bb9974c371d75741a08626ed100fe0226400a4274190728a8693457b6531db5a52e28c321281b368920346f14c621bc1709c20fad40dd59aa2180ad12017edeade9a56f57f5769289e12325d74101e31d5a058b0f167f377bc3712b19ffec96c897dd861afc60afe05458d0425cabddf7ab8b2d8a85c5f43466c7dbd0e58e18f05875ac65882a67e925bee8c70de8079602e664ae75046b65112bf48ab3bae975130c18a0e2fbf680b2870fe3073f24074834daaec41814a9ad13793c3c8f0cdc49c93fced76ded23551d89f38b3e7100a881b8a42396288b70bdf5aa3665a0cc4240cf7d0cb1dfc735d817720b8971fd747310112a8d49eb868e1e10d53e653e596c6bef66f6c3ddd580d80df25f876e1de16cee58eb5e68c6273c6d1eb2de5b87ce048ef7eab66da3b7b12754e81aa45414ab2985b98b697a017497390e483d4d96fc85d12cfcf9b4fa222af29dd463b7e8292ccc503563b31f8547f63370f55938e35abfc7441055bdfca5226c7a5b7eec7e5021ef0f8a7d69089ea4dfa7e8566f19b1729322f839ea791a95836e26d10509e09fa8d6f259cd3f7463c2ffe90c7fa992df8ba3ad7f33a3c57be25171ce68cad23f257d49b454db916ad36a11e38d48e07cb60c11b8adfea4edb6cf1d414612f81ee9d7ec6d3d4cf99b53023e4a8245ca59beb21ac8865d8c2a799082ac3199a5f63888209493285cf6bd1cb130404d3e947a0e4c3af9ba08d2c305afba4d70fc2d79c0693e41f63273d2176e2fa0044f881b04158238af3cef01f404fd409731164554b9a134f4311219d45ac27b3c0a270be83fb4e34de7add3ffec68d0acd7f347c1cf915d77261365f88efa041f47a2406b3ec622f08646f959b1ff9cadfc62e86fae44ac734fc3d812a983420ea66c57782fbeed7dcebf61f6b0ab651c5a8fcc3e4479e6fd7b98733158cb415cff563131b8157fa5807546e059ef988fbf121607671fab4da3b212abe94e5483c732ee05d2a28496383c48ca159c1018cda570eb73d9937ee43205a62792edac9a2285d3fdab560559e1a3ea0525ae31bbcec523c446bd11104714eea48ec4d17ba1ecb83ba7a477309c1bc465e50bef1257a823bc5fb436f698dfa04f78fa1b486a1a9c1586c8348271e5d3c0f0e84527e5b1a774d378e2e6a290cd3644ccbea3e3f50c8a91b8a6ffba841749cdd38d679771f76fced2f4232512125859d3bf13ceb724964f696a69869ad4166f67f2783201a93265028f0f382454e07f032aa4e618561365f6d4c737de7d66be2e6c9360f7c0f3313284b6dd089f4347a7ebed868bc5f33e9b10ef186dd7e840f56e29508c95e4d79bc79cb4e63b3991d2f24f8756265c241b506f102d6d2ad5cda5a4b74178823baa223b17e4302085b6c28b61c769245d52ad1367a12c782d9bce4b43f8782dcbeaca681ce08df785ce4110477272a3f8e9828cf39885bd0c599610a11e366d908235e204062ca8f32eeb6bc963badc6a5d5823ac67fce2958bf23a3142060953d2c1d0d574241d4235b29fe698cb6ffb31050c5f33127968de72b5dc6c15a11dba159dbdd735478a1b1121e2a5bd316888dac6e72ac1cca5c9d0ec8c8e2063d8469bde3c9d0903b773b77a9337172c6a153f7e102c295221173541e93bd1f7475927e7e10c383fe2fb38949e483675d77f19328adcf50713f37fde35475a5650b5c2235411fbd2ec603c106abbca5b06c7210e950d973bd63ecf5437f7056b09976a144822d7f06de37411fc3071376fb878e29c0e95dc86a1105257a00ce20a5ace468798f9f7ba8a9b247d74b08dac706b40affc3a7c8f148e54274ed9924e458d359e9e81d4118f21c9fea6f1d9f127bb722ace1cc9b90bfc91dcb4d7936fe9428b29538f8ecf422614c0053fb260582ca374bf7a49cc73f181640a5d112c0c414c214ed7a13e395a14a195a7bd4595ebb2b9813c1b53792d69ca06621ce59e7e73a588793ac7c1123b0728a4a72c0cc80dc40f5ef9ebfd9a9c2b3baceaa44dfbe10edd636e1fdfbb1936f6c563b0ee59e26bf85606136f62cf0595b70547cba33f459c344fdbd3074d955adeaac0bb1f48bd28286a39ded86f1213ed305d96d65933eaee163f01e3b66c8e0a6a62de5fa2f2c589951fd976d408bc23a369f46f55eb3c52dc84718f97dd1d934a7e1a4ae6b35f8139ec28b4ebb112598828740d1f26ea36cc4f816415ab4eabfead9fb59d630cc857a1b734d80a77292c831463d2565befa17f7b975d5945d834e61dfcaa2c55cbbd2a9e8d690d38320b9d2bc0498301b7ff180d8438f3d7ad55fbaf9935e5a60be4fbd54afb33d80338407a77efb9e62a2f493ee5f6cc85e2cd7a3ec12adaa26a0fc5b9fb437d0e32f77aeddd9e81e82da02f9e9c8135f7aba81baa5a5b152157cb4c929497854c97e31ec68c16baa140e02124904475c2c7208d22928a6a0769da19abc093dcb6bdb7f15b9a5ce6c72cdfddf0596ca7293f58469d14e6865c3d0f2d7442cdf23e8652c48ac540ae2b056b91586e151d3f32fa228327f932e04366d00450c4df3873e400403d9ef7af316d9a29391ea77c6e604f4a82a32dbd250d0a1fd59b0cb0bab59518b4fdbf3bfd353a16c830087caf98e4fcf700e1eb37764390cdeffd6528e38fb4638443264d8647c5c20bddbec6df7c086b7045bd7e4614a662ab87cd69fc9a88e537d3677a1d741d9e49a224b1f55ffbeda1bdd5afe33b46d0c1aba31952b6bccaea7e6a303a52eccebb49bdc09350a790515efb32f91421", [[]]}, 0x1120) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x12, r2, 0x4) accept$unix(r0, &(0x7f0000000080), &(0x7f0000000100)=0x6e) 03:40:16 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:16 executing program 5: r0 = socket$inet(0x2, 0x2, 0x400000002f) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) [ 2695.007071] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:17 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:17 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc03000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:17 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:17 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x20d, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:17 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x84) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={0xffffffffffffffff}, 0x117, 0x7}}, 0x20) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r1, &(0x7f0000000140)={0x5, 0x10, 0xfa00, {&(0x7f00000002c0), r2}}, 0x18) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x100000000, 0x400000) r4 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r3, 0x10e, 0x1, &(0x7f00000001c0)=0x1a, 0x4) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, r4, 0x0) 03:40:17 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xa8aaaafffeaaaa18, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:17 executing program 4: r0 = socket$inet(0x2, 0x3, 0x32) syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x5, &(0x7f0000000480)=[{&(0x7f0000000100)="067746", 0x3, 0x8a00}, {&(0x7f00000001c0)="96d55b180b0b34016d8c8e614a5d0aa7f4bad59849ae88ba8475854a0770e031cc3b37a3fac542b6aaf32768e67604b67b613c1808f6bf590fa7f5e5838a522a3ededa746756c3290e3ae0ce946ca406450650a581c63992e4ef840c4f5e6a1b3f8a3adf42", 0x65, 0x9}, {&(0x7f0000000240)="eb03b6904de629a246e69fd8a78e82ffa83e7bb02ac5bd556428b59f62e8d8823f49330e6fa3b2a293c1ab9bfc4f01fc82388ffecce156b76f1c8bc8a83b3497772d58fe35cba8b4043b9005e6308e1683908c8baddcfc49fc0db5504df4b8b380f92d2d6423f6bde8d68ddf532a6391d36fbe9b9817e5dd2eb6d106921b217088160d5e5b3500c075eaa479882872e8f8ea6e873cfd43b29f5d431931ea1b767876b268e00406cd57cd46360fd903731efe3b65b8c75627bf0b5c64573fd14137", 0xc1, 0xffffffffffffff80}, {&(0x7f0000000340)="dbb703c0f59f762cf38fc7563ff7a79b39d6e468cfe5b05d96f97a7495cdc64fbb8eb8b2e38d71d10871dc1efb44fde7666d3e35a33a4724f09652130c7a176d856b0942daf62e4a3856de853da780b50164123ccd2b05d5ed91d684bdc9278b8a5e23ffcbedb814bc129a126da876e37bb1d6573e5a3cabb0bb1bf9fd7e8a42df17adb5fc50fbceff7a899408f3fb", 0x8f}, {&(0x7f0000000400)="90344e0e18f59064950cde22e3df2a32c23d91a469c4c3ca877b540de011fe1b9426cc501748350ae80b2724a006ddb379d87ee62e9ea2304bdbac5e399fccef520e94ef61f15b2c016a422dd335ca829978c338813d3416fb0b67c46a25e912b38628bfafb02b19a1f96ea7725468ceae63fb87f83bbb06a0d9a6334c8998", 0x7f}], 0x200000, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) fcntl$dupfd(r0, 0x0, r0) 03:40:17 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:17 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/netstat\x00') ioctl$TCSETSW(r0, 0x5403, &(0x7f00000000c0)={0x6, 0x7, 0x3ff, 0x80000000, 0x100000001, 0x1, 0x8, 0x1, 0x7, 0x7, 0x1, 0x2}) r1 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r2 = fcntl$dupfd(r1, 0x0, r1) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:17 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:17 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xe, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:17 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x344, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:17 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:17 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") socket$can_raw(0x1d, 0x3, 0x1) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x48000, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, &(0x7f0000000080)={0x1, 0x7, 0x2, 0x4}) r2 = memfd_create(&(0x7f0000000040)='&ppp1vmnet0%&:]bdev\x00', 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, r2, 0x0) [ 2695.821809] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:17 executing program 4: r0 = socket$inet(0x2, 0x3, 0x32) syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x5, &(0x7f0000000480)=[{&(0x7f0000000100)="067746", 0x3, 0x8a00}, {&(0x7f00000001c0)="96d55b180b0b34016d8c8e614a5d0aa7f4bad59849ae88ba8475854a0770e031cc3b37a3fac542b6aaf32768e67604b67b613c1808f6bf590fa7f5e5838a522a3ededa746756c3290e3ae0ce946ca406450650a581c63992e4ef840c4f5e6a1b3f8a3adf42", 0x65, 0x9}, {&(0x7f0000000240)="eb03b6904de629a246e69fd8a78e82ffa83e7bb02ac5bd556428b59f62e8d8823f49330e6fa3b2a293c1ab9bfc4f01fc82388ffecce156b76f1c8bc8a83b3497772d58fe35cba8b4043b9005e6308e1683908c8baddcfc49fc0db5504df4b8b380f92d2d6423f6bde8d68ddf532a6391d36fbe9b9817e5dd2eb6d106921b217088160d5e5b3500c075eaa479882872e8f8ea6e873cfd43b29f5d431931ea1b767876b268e00406cd57cd46360fd903731efe3b65b8c75627bf0b5c64573fd14137", 0xc1, 0xffffffffffffff80}, {&(0x7f0000000340)="dbb703c0f59f762cf38fc7563ff7a79b39d6e468cfe5b05d96f97a7495cdc64fbb8eb8b2e38d71d10871dc1efb44fde7666d3e35a33a4724f09652130c7a176d856b0942daf62e4a3856de853da780b50164123ccd2b05d5ed91d684bdc9278b8a5e23ffcbedb814bc129a126da876e37bb1d6573e5a3cabb0bb1bf9fd7e8a42df17adb5fc50fbceff7a899408f3fb", 0x8f}, {&(0x7f0000000400)="90344e0e18f59064950cde22e3df2a32c23d91a469c4c3ca877b540de011fe1b9426cc501748350ae80b2724a006ddb379d87ee62e9ea2304bdbac5e399fccef520e94ef61f15b2c016a422dd335ca829978c338813d3416fb0b67c46a25e912b38628bfafb02b19a1f96ea7725468ceae63fb87f83bbb06a0d9a6334c8998", 0x7f}], 0x200000, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) 03:40:17 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2695.961320] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:18 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:18 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xfec0000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:18 executing program 5: r0 = socket$inet(0x2, 0x991ac7059598b544, 0x137) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000002c0)="9528fb82f845a3dcf24a817cdb7d94f40a2d7935739d20bbb62324d2108b1bcdad8aa4fc8cff6231268b3e8bdbdb8a8e49195ed26e8c3db915d35f496d8c4ad3deeefbdc6ebcfac0e02458f30eb9e65214edfc4052e861108dc6c02a92c8126c427386b4cd2a536bbd2a354b1d2dc5cc059342eaa96a104eea577c9055aa7a4a84ab5f4a48b78c6b95e352c79940db940ec3d92f21ed6bd7322aaf76d3985ce52d93cd4b4c2b989271566e2638f9be1565c2d5571db7f78d") r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x42041, 0x0) ioctl$KDGKBMETA(r2, 0x4b62, &(0x7f0000000240)) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r3 = fcntl$dupfd(r0, 0x4000000, r2) openat(r2, &(0x7f0000000280)="2e2f66696c6530000000000000000005b42f66696c653000", 0x101001, 0x18) sendmmsg$unix(r3, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) recvfrom$unix(r0, &(0x7f0000000080)=""/148, 0x94, 0x2160, &(0x7f00000001c0)=@file={0x1, "2e2f66696c6530000000000000000005b400"}, 0x6e) 03:40:18 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc03], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:18 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x391, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:18 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:18 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x0) ioctl$RTC_AIE_ON(r1, 0x7001) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0) 03:40:18 executing program 4: socket$inet(0x2, 0x3, 0x32) syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x5, &(0x7f0000000480)=[{&(0x7f0000000100)="067746", 0x3, 0x8a00}, {&(0x7f00000001c0)="96d55b180b0b34016d8c8e614a5d0aa7f4bad59849ae88ba8475854a0770e031cc3b37a3fac542b6aaf32768e67604b67b613c1808f6bf590fa7f5e5838a522a3ededa746756c3290e3ae0ce946ca406450650a581c63992e4ef840c4f5e6a1b3f8a3adf42", 0x65, 0x9}, {&(0x7f0000000240)="eb03b6904de629a246e69fd8a78e82ffa83e7bb02ac5bd556428b59f62e8d8823f49330e6fa3b2a293c1ab9bfc4f01fc82388ffecce156b76f1c8bc8a83b3497772d58fe35cba8b4043b9005e6308e1683908c8baddcfc49fc0db5504df4b8b380f92d2d6423f6bde8d68ddf532a6391d36fbe9b9817e5dd2eb6d106921b217088160d5e5b3500c075eaa479882872e8f8ea6e873cfd43b29f5d431931ea1b767876b268e00406cd57cd46360fd903731efe3b65b8c75627bf0b5c64573fd14137", 0xc1, 0xffffffffffffff80}, {&(0x7f0000000340)="dbb703c0f59f762cf38fc7563ff7a79b39d6e468cfe5b05d96f97a7495cdc64fbb8eb8b2e38d71d10871dc1efb44fde7666d3e35a33a4724f09652130c7a176d856b0942daf62e4a3856de853da780b50164123ccd2b05d5ed91d684bdc9278b8a5e23ffcbedb814bc129a126da876e37bb1d6573e5a3cabb0bb1bf9fd7e8a42df17adb5fc50fbceff7a899408f3fb", 0x8f}, {&(0x7f0000000400)="90344e0e18f59064950cde22e3df2a32c23d91a469c4c3ca877b540de011fe1b9426cc501748350ae80b2724a006ddb379d87ee62e9ea2304bdbac5e399fccef520e94ef61f15b2c016a422dd335ca829978c338813d3416fb0b67c46a25e912b38628bfafb02b19a1f96ea7725468ceae63fb87f83bbb06a0d9a6334c8998", 0x7f}], 0x200000, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:18 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:18 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:18 executing program 5: r0 = socket$inet(0x2, 0x3, 0x33) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x0, 0x4000) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000400)={@empty, 0x0}, &(0x7f0000000440)=0x14) setsockopt$inet6_mreq(r1, 0x29, 0x0, &(0x7f0000000480)={@local={0xfe, 0x80, [], 0xaa}, r2}, 0x14) r3 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r3, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:18 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x107, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:18 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xff000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:18 executing program 3: r0 = socket$inet6(0xa, 0xe, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = memfd_create(&(0x7f0000000080)='+!-cgroup!vmnet0selinux', 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3000000, 0x12, r1, 0x20000) fcntl$setpipe(r1, 0x407, 0x5) [ 2696.774087] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:18 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x5, &(0x7f0000000480)=[{&(0x7f0000000100)="067746", 0x3, 0x8a00}, {&(0x7f00000001c0)="96d55b180b0b34016d8c8e614a5d0aa7f4bad59849ae88ba8475854a0770e031cc3b37a3fac542b6aaf32768e67604b67b613c1808f6bf590fa7f5e5838a522a3ededa746756c3290e3ae0ce946ca406450650a581c63992e4ef840c4f5e6a1b3f8a3adf42", 0x65, 0x9}, {&(0x7f0000000240)="eb03b6904de629a246e69fd8a78e82ffa83e7bb02ac5bd556428b59f62e8d8823f49330e6fa3b2a293c1ab9bfc4f01fc82388ffecce156b76f1c8bc8a83b3497772d58fe35cba8b4043b9005e6308e1683908c8baddcfc49fc0db5504df4b8b380f92d2d6423f6bde8d68ddf532a6391d36fbe9b9817e5dd2eb6d106921b217088160d5e5b3500c075eaa479882872e8f8ea6e873cfd43b29f5d431931ea1b767876b268e00406cd57cd46360fd903731efe3b65b8c75627bf0b5c64573fd14137", 0xc1, 0xffffffffffffff80}, {&(0x7f0000000340)="dbb703c0f59f762cf38fc7563ff7a79b39d6e468cfe5b05d96f97a7495cdc64fbb8eb8b2e38d71d10871dc1efb44fde7666d3e35a33a4724f09652130c7a176d856b0942daf62e4a3856de853da780b50164123ccd2b05d5ed91d684bdc9278b8a5e23ffcbedb814bc129a126da876e37bb1d6573e5a3cabb0bb1bf9fd7e8a42df17adb5fc50fbceff7a899408f3fb", 0x8f}, {&(0x7f0000000400)="90344e0e18f59064950cde22e3df2a32c23d91a469c4c3ca877b540de011fe1b9426cc501748350ae80b2724a006ddb379d87ee62e9ea2304bdbac5e399fccef520e94ef61f15b2c016a422dd335ca829978c338813d3416fb0b67c46a25e912b38628bfafb02b19a1f96ea7725468ceae63fb87f83bbb06a0d9a6334c8998", 0x7f}], 0x200000, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:18 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fc], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2696.955772] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:19 executing program 0: openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:19 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x1, 0x0) ioctl$EVIOCGPROP(r1, 0x80404509, &(0x7f00000000c0)=""/118) r2 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:19 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:19 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xa000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:19 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x35, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:19 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x10000, 0xc0) setsockopt$inet_sctp_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f00000000c0)={0x2, 0x2, 0x0, 0x6, 0x7, 0x9, 0x100000000, 0x9, 0x0, 0xfff}, 0xb) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = memfd_create(&(0x7f0000000380)="620a00fcff", 0x1) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x200001, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, r2, 0x0) bind$alg(r1, &(0x7f0000000100)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha384\x00'}, 0x58) ioctl$TIOCGSID(r3, 0x5429, &(0x7f00000002c0)=0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000580)=0x0) kcmp(r4, r5, 0x5, r0, r3) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r2, 0xc0145401, &(0x7f0000000040)={0xffffffffffffffff, 0x1, 0x6, 0x3, 0x1000}) getpeername$packet(r3, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000240)=0x14) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f00000003c0)=0xc) setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000400)={{{@in=@multicast1=0xe0000001, @in6, 0x4e21, 0xfffffffffffffffb, 0x4e21, 0x8, 0x2, 0x80, 0xa0, 0x3f, 0x0, r7}, {0x4c39, 0x6, 0x9, 0x1, 0x7, 0x2, 0x9, 0xffff}, {0x0, 0xfffffffffffffff8, 0x401, 0xa9}, 0x3f, 0x0, 0x2, 0x1, 0x3, 0x1}, {{@in=@multicast1=0xe0000001, 0x4d3, 0x3f}, 0xa, @in=@remote={0xac, 0x14, 0x14, 0xbb}, 0x3503, 0x4, 0x3, 0xfffffffffffff842, 0x6, 0x5}}, 0xe8) sendmsg$nl_route(r2, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000300)={&(0x7f0000000500)=ANY=[@ANYBLOB="280000001900020028bd7000fddbdf250a3080015735f98e3b27fad3ff00c807074000000c0009000800035f72267ee65288260492399b44504be1fa32b2d7dc234c3ca9bed990c29ac9089c859d", @ANYRES32=r6], 0x28}, 0x1, 0x0, 0x0, 0x4008004}, 0x20000004) 03:40:19 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:19 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x4, &(0x7f0000000480)=[{&(0x7f00000001c0)="96d55b180b0b34016d8c8e614a5d0aa7f4bad59849ae88ba8475854a0770e031cc3b37a3fac542b6aaf32768e67604b67b613c1808f6bf590fa7f5e5838a522a3ededa746756c3290e3ae0ce946ca406450650a581c63992e4ef840c4f5e6a1b3f8a3adf42", 0x65, 0x9}, {&(0x7f0000000240)="eb03b6904de629a246e69fd8a78e82ffa83e7bb02ac5bd556428b59f62e8d8823f49330e6fa3b2a293c1ab9bfc4f01fc82388ffecce156b76f1c8bc8a83b3497772d58fe35cba8b4043b9005e6308e1683908c8baddcfc49fc0db5504df4b8b380f92d2d6423f6bde8d68ddf532a6391d36fbe9b9817e5dd2eb6d106921b217088160d5e5b3500c075eaa479882872e8f8ea6e873cfd43b29f5d431931ea1b767876b268e00406cd57cd46360fd903731efe3b65b8c75627bf0b5c64573fd14137", 0xc1, 0xffffffffffffff80}, {&(0x7f0000000340)="dbb703c0f59f762cf38fc7563ff7a79b39d6e468cfe5b05d96f97a7495cdc64fbb8eb8b2e38d71d10871dc1efb44fde7666d3e35a33a4724f09652130c7a176d856b0942daf62e4a3856de853da780b50164123ccd2b05d5ed91d684bdc9278b8a5e23ffcbedb814bc129a126da876e37bb1d6573e5a3cabb0bb1bf9fd7e8a42df17adb5fc50fbceff7a899408f3fb", 0x8f}, {&(0x7f0000000400)="90344e0e18f59064950cde22e3df2a32c23d91a469c4c3ca877b540de011fe1b9426cc501748350ae80b2724a006ddb379d87ee62e9ea2304bdbac5e399fccef520e94ef61f15b2c016a422dd335ca829978c338813d3416fb0b67c46a25e912b38628bfafb02b19a1f96ea7725468ceae63fb87f83bbb06a0d9a6334c8998", 0x7f}], 0x200000, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:19 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0xb], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:19 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x9000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:19 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xd4, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:19 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2697.740215] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:19 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_persist_mode\x00', 0x2, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000500)=0x0) fstat(r0, &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000001600), &(0x7f0000001640), &(0x7f0000001680)=0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000016c0)={0x0}, &(0x7f0000001700)=0xc) fstat(r0, &(0x7f0000001740)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f00000017c0)="2e2f66696c6530000000000000000005b400", &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000001880)=0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000018c0)={{{@in=@rand_addr, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@remote}}, &(0x7f00000019c0)=0xe8) stat(&(0x7f0000001a00)="2e2f66696c6530000000000000000005b400", &(0x7f0000001a40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r11 = socket$inet(0x2, 0x1, 0x21f0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000001ac0)=0x0) lstat(&(0x7f0000002140)="2e2f66696c6530000000000000000005b400", &(0x7f0000002e00)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000001bc0)=0x0, &(0x7f0000001c00), &(0x7f0000001c40)) fcntl$getownex(r0, 0x10, &(0x7f0000002500)={0x0, 0x0}) fstat(r0, &(0x7f0000002540)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r0, &(0x7f00000025c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r18 = getpgrp(0xffffffffffffffff) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000002880)={{{@in6=@ipv4={[], [], @broadcast}, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@dev}}, &(0x7f0000002980)=0xe8) getgroups(0x5, &(0x7f00000029c0)=[0xee00, 0xee00, 0xee00, 0xee01, 0xee01]) r21 = getpid() stat(&(0x7f0000002a00)="2e2f66696c6530000000000000000005b42f66696c653000", &(0x7f0000002a40)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000002ac0)="2e2f66696c6530000000000000000005b400", &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000002b80)=0x0) r25 = getuid() getresgid(&(0x7f0000002bc0)=0x0, &(0x7f0000002c00), &(0x7f0000002c40)) sendmmsg$unix(r1, &(0x7f0000002d40)=[{&(0x7f00000000c0)=@file={0x1, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000480)=[{&(0x7f0000000140)="a8662486a7b52b68453c2d6dced5983f48df56e85cfade4933ee13962cc8bb5de36a408cc43207", 0x27}, {&(0x7f00000001c0)="448ab7786a5c88cd2d75a4ad4becd4cbdd9d7da39c033af9a74d3059423912cd032e17e6ba418edb9b399c421aa3abccbb806542d05edee7b87b2371a63cd96b84dbfb7d0d4695db258d0661425a55f6fdf2edfed53c04963dc6b9bb89683755419df70a72afd3e5ea2001401535f7f68a5ec915ced03c9e6a9abf522e42be19a7c988b9e5c5ea74e9081359a11dcad025607d4d15a619311b182103fcf2a9658620279b96f5453011884bfc2696bb6c9cda9588d0ec1bf7b137f0f11fa6de0245c7bac6e12321bc2f9e125dee90", 0xce}, {&(0x7f00000002c0)="df2dce641a3949584e718eb5e25e817312646945b19a7e5df383514c74babeab2fe5977e1cc0efbbd8350062a67f89a97d36ca22975d9fb0aa0381685841cadbfe6578224f9c863844010e00937880a21729c916350d5aa820df47ef6fa8fce72421e50e7390c4d93626b5651bd025424ca75a6fc9072926ee1e26d34a8bc9a49a98f6c87601de60c716b97efa3db2b55812af41bb444f8cf97f76ca3f16e337ef80a5fb104b8727c19cdcedc99b93132a9dbdcf0591524a8d7de7ec81", 0xbd}, {&(0x7f0000000580)="7bc826cd6b3d3288690cacf4c757871044a31e17b950e2a2c6f87a8e2f434c8b3e12e9fd124e34a667057db70ce7b06f7f26b38223eaf99c21c0daad9d873dcbaf455bd08c66d4904e52f54b25fa4680089d0c88be59278251ee36a0d3d4a3e9159b4bc938ffa3202ccc651b9eef83842bb37afc6ec6b428b91f7f81c853aee8e2a74a560d1ffc992f0921a0fd9619e0a5c0017024a5e7c065fde7772b0e81d616e2096fa6695db5c1cca787fc1ad7ed381591efbba7b3d8a42f1f82b04365041356e2d3222b26eb93667be259da4b590e2f51106024ffcf0cd66bc4046bce088f52d5b64b45f63ef6da2ad9b90352e3e76507665f3c9e2723615ddef69074684f948fdf8d2de4790ac6b0ef8e295b92ae57c3a3dab1d20dadf6130d3721ac7d0e36911decf55478e08cb23617977ba2cddc09f470c1211a918807becd41dea6faddf0c850f4279706bb7f2ddbe045567379ce15b65251487a57654fec43c416a5681a5a9e6573599d69103a9dc57d097036c3e65f2e45d432b518624234aaef21054903cd5be2acd9f00f70a16e31b02ea96111383041b9c9cd1b7e8e8eb1d7bfd38f658b5def3f0fd78b9d598990f5e97b4b4f2141e8baa8441ef3fcb7d9821d1dac100c7b976fb1da3081292fcd0f814920046b7fcad79597e7e33b9ba5275774a7745ffdab38140de46c587dec711fb91cecec589f9f5ed621194861ff3a08084b16daf001775e4916c3fac7b5b7b4f6eefea995560a6829ed843919f3ff2d474d8b1adc9033d5c4b0910874d462d521e6d2d93144e1725f037c752e7bb2924d810504bc4849dc2d64f48769d5f1d0979bbfcde246712484a26caf030ac11e99463952e8daba55264b2da7735409bac47fd4ab8007395118f83f7eea50bc1b5934d53494d5add9af6c2549f3a32916d4886ceec6f7036cb49dacf8de3ae1f68979ed780cc1900cbf184178d40eb975cc5b4dbfb3df402e46775e71fd72a6913444844fc56114870e60bce27f3c0436981a1bd7c0a4508e315cf9d4d717afb6cca02e246719f9e0b637e479557b4ae759e5cc1a47bd1035fb85107bd95403532828c3564a0d616c055d1e33204f374f99f806bd8ec8a6a77dcbc60760cbc90d96ca1029d081ea70e30c465f8573022f7f57aeb01aac9c0a4189b4fdd77c63b5abd83117cf703abc9c39bd80c712621799b4e142a3e46baa390c5a84fcd12586607629edb25c5138d57330960a95b918e23d21eb25f588b16834824f53f062404be16cc900f9e8c6044e10d7f98c1d99254ea59756af6735e06d3a6728999d07069cd961155efebeece1798c3d34ae5bc49e2f40c9543be7710e04843debb3229027f9b2320c7daa3e801524ef07e3dc541aa4b3949994c99f71a2f08d6f5d0a809be776b96c7d419da2fd670688465817ddd95f6521e2c6fc35c6722b2d3b1e76bf70290987cde7c199df990cce3d7e9f774a043e04b6a58af95ad60da36c55fbaa048255fd7a80d8fef5f5d46f4d132e9b3590f3a7168158c647e204acca76d7f3b7ab5b52c0a9eeaee132ea489c1cd197c48ab76fce10ddb6821f7f011a6a62af8fd1431b42b5c1fd06223ab3861b745e20bf44bcc47a255aad4a8a0ac300656e58fe7b59cb4d61fa3df723b5c683261dba9e0ee16b48c981c43f52ab1e6b1a2a5261e0a08b959ad5f5a33c196a34a3c56abca78783826158907c97ff5348a1fef1181b84a962329eb578d946a678a165d279ba6c5e96a37dfeff74ab223d112a4f388941724336c5bb9593b7853293ec89ad6dbdd931df4a9adba2e87ecfd20556e520f62da2de3eae9b81e4a30779c47e24094ab5135f200adc0cb25f72c223c60f66538cc50646dcd91212da04701681c526a68babdcd1d3cc0d842619b45dbf9daaed88cdb83d409d5e4f94235ba30dfe696c88bc2fff2abb86ed9bc44595ed0f9818dbd46efceaa26fb751b463696d1d9aeac2bf81870466ed03c11de68588f0402e2ca8866cb932bd8c394258141e72aa18630dd616f71473876a725c58358a0e489d088187018c51b4c2b820fc6df6454c4bc5a1f559f175619fcaabccb21c18f9bf58f692ef9a1250173585c3e9160da3351297b5ee09693b86f1590e2ed272a23263e5b355f78b9244488bb6c1a5e8f17753b1702ce32f31bf8bcf6c4d9f0c6c7bc51359d7d80f5043426e02451f3a5cdd9fb0e3c3eb863507342e7277b13186f5f4947444fae3ef8fb48c66d75aa8fa1d2c37a9366949701c5aa0578d3a32a4e7294ed939da5553dc3ef78dbc25be8db484027eb06bcb996d0be2cccd178536534a550e983689c46b3a3c90992c144fbe65cdc8d3f746db0d4c5f68ebc21a156a9abe767dd9d53b16f0b81b167c9856af856fce4ebedf880211360fbf79c56bc252bbb848e25c10a43c0921e2ecf9dd597bbe03a6808e6c1f2567afceb01187010cc2a71793a5fb7d1429cc8bf6d8dd73e5b3a3dc79a4d6507da3dec1656fd9f1960cd4ac11bf30bfad0f13ac3cb4deeafce4a9f3a7a3aafe5f72dd17a14673861128a61468fd9a6662513928f5268fefdc1ea4d66ed76298e540601a60a3e4bf103e665c9c322dada89900ec311e8f1d98729374b9a6062ca0dedb9f619c1b3e54f1f23fca21cea3af472a05fbf70bd6c773e8b4dbc2d323af444e72dd1bec2f92c2b01931506fa0e6cf61f0d6613b4ab36a60eba5e9e9362e5e029fff7fa014c4aca9a2e60920e07d63e02d1168a6c0476b92438b5dfc54cb4d77b9c069202468c2af6cac0d74ac5eb4440d28e54d27f151e573cfcff8d4e9d1f7307a04d4b1c778a9a61538df21828ed4cd699bd3478294c70e04976718639ab1bccb240586fa516cd69905de18a891c1506c7dd2e6c7ac04e820982aa21b05449dba8552e76c83e536455b66621e5cdfd35ded91382706829889ca9c64122e035641eee5e8e56f0d3fe8beef971ea82a762804d8f656c52c6fc5d7b91e06b7c8d35fd450f3024cc78bff4beb4eb8569f818852136fefc41dd56ffbe05a721c94c9116773d1e9204bc1c42c051592b18a6dad39f98be076869ca06657a3cf594613215d562fde28ae5ace95799dc295365d48fa9dcc4b6ee213eb57267a81d4f01b60b650cf0e20a46c98de3a3a4c580a9d784e1da427e7721a38467a7f8f2a825b935f39977cffe91cfd933b3210796b2444c9c23a7e904ba0ecf1452c80ea7997e87e056e05f812a1e43fad58d17fb02e5422d48af5c9a02ab62108ef4eb8513b16d74024a280f4e645303c66ac3ce7319797decea66f2a66c4b27a8bc9ce2b90e4e5ef9dfbcf1d153e8447b18edeb9fa2f1f62ca9b894b86e4be0f6d3bfd6990e601f56f022a723d2ef597662e1a6304873ebe4dd7ac3f6e2ea94a4bc1956e41c8fbd8249896d986d2096242abab458af0a15650ef8ef6b99927c5ea56f2cceb1191f809c946d222cfcd14003cd0457832b17aefa2719c6700d5c21a7b9e3597fa6438f1bd3eadad34bafad6c2acdaeb126c8c1743f7d5802e6b02ea7e9acbe7b8647db067d801a46aa7e6614ff11b58bdcea9ed02ddea8f06e6c96a9113196ba4e4de87e6283332aa0dd2c28f61188bff8e3f4cd9973b9dffe09479a54839719874463c4da4364d382acd66a493c57a2163ff317688f3c4b53d052638a46d62356b49a6464f16409ea3d3fd199e9c942bb82c7131c2dd22aca59dab4b409b851f35a55c1c075fe48cc2d7b7fffc4dd50db9e8bd1b061293d65898b36c72b81e8ad9252ad0bde284ca940b68a7a169cb2f5934002a1a2e62506f6d7470af028678d5893bbffccddf7888bee4928069f4efea874fcff6b598fa88ec1bb704a3a44c82a57c3b69fd9bb3ec237a701b20bde90dd327b6db131ca915156cf25776ec52863d75378eb899ac3381949c08087820b2f05d27ed74a20bc24ab6ba96043db514fe8815b137b9257f838cffc771616541b12af6c93c1e89d18854977f7c79414f5e4d6d7e03d37c391ae1d1afe6b1bfb6196e24c0bf6e93b2a95d9126ee59d95afb7c3160a4f057f17015a0a3c8b12cf8a5c83692f00232e4cf54e793368412312632694464c2615afd6e2bfb6eefa7f3c09a26bd32160695b2266f503863ad4ede8b3d10ec58c312bf44f053a44fb668a8cc9afb23a6364420d537d2324eb11ef62fd048306de79820fc522aa931a6dba024c40a83b29d87f6fae1fc1050f6e5598a794233e48e91ef1a361b092be20bd07c287bd82b45fd37e410df5ce8b8c2326cbe8f61e6250b57c01838e1668da9d62c042e4851c1711ed78768f31a0919bbbaa3fa0f436f1fc28786000e36ef2f03a0fab119388fe899ff2a345f6bc69d326e68a37671d983a74a01726b8ee5cd67a14543ff323f7e23997c9d979e163d678146256429157a14f94ead7eab288348fe591cefabd7205b0229b90e6c960b808cf069c49b1004a75fb6001f3512517e00caa5e163a2f6d3a3b7646d0664ee300d3e5c0a6a40d4fc56b935ca59c7ac7f541331d4a296c839f7e95db6d9bbff0eee1cb03bc24a0a413a74d3665d07dd8f28f2ae6add1385436c3cedb0c8674b38bd2c24ef1074753ff5f72ed21e09dfa274908cd50a3d27445b8dee3993050836a0390affa2c05166de867aab8c41ecc25c87ecf2b155937fc8701abf5a3c16e49629d20dc1da7f55b158f05de30491688bb059930acc5c3a798c29a45bb994ac3e0af74dcc24b2620a1a4bf148789ac5e84a7cc02086eeef9aa1775ebe1522439e30feddab65c013bfa18415b750079a8e6ebbc76feb6030cf8f52ea34c0260c5daf91d5152b5bac5bc99a1b73ad473576552d884e6c98593fdf32796085719fec7fce795d9cbdd7a5539d162cbd7e5c54cdfecb9e1dea318d7da88fa4b4c328b0b4b8212b9307ded99bb10fe2d261c745810cb36da61a5f29cdaa57798f2e10f96c5670cc3711f36f68abdd57bc27e55e7a5f3af6a5279baf462f927f6de86ae0857de4991dfd6b35af313ef0fcadd5d19c5db136e7e0279db1b8c95caa381c92a5b75ad9497690d2f3194c6535dd3ba9a0ad84aa48d07a37ad694154c85e1be2cde43e229bbc777095965587668910d4bae22393ca5b9773ea7734aa0baa068378ab62e62bddaf08d282deeb67eb4f48cc79509e1d84989b28959e1fd10cc23e897efe378faee8b7cf9d89d964c3c7070fc8c964fdc55ad78f2905e111e0b69e1acc9e62d113e25ab14ac15e2eed13e52f7e00b8dcc0565442ea3c2d6a24ffa3793227e11831e37f3afc54b727fcc181cda463f94cef090792a91ea5ee53edb8ae45a7c3724e79152aece06aca0e2eda9f4eb912c20bb4abd4d5b14246ed3424bb84c97bcba17e55e511885a2cec3c7d11591f7a6256f45592650bfaef0a9cf181d820fc40291a9b711716d03a3a610e410f946d5e8de2ccbfa3e2b3b06d9a67ce90bdf92088c6716680884b336bd3ac6ea2ee7b49e017045fce295a909d2a4adfb984e3e5303a1ded95037697ce078d706a5cb77aaba61f2291dd1a024c81781ada3a2a1e7335f18c8578a3b13a9872981d89cb93c92875e174f9436d1002d1ff5d95ee175fd0752281727d7bd7c9001adbec2450c1ae84d10f08d681728b44e30c2a6679f080f8d858a28d3404b36e5e40a21342490073d2253014de345a7112a2b98e54f94ad3a1ae1dcbed24ca43e63794135ccc8d5847a44d66dc6afaaea818ac56d09ab00848ea026ec0a34102228623e665fc2ffbfd74b53c1e549df1353385b382402f9006a148de5bb74f1dfd3546c616a052e8", 0x1000}, {&(0x7f0000000380)="91a5fe4a34ce65b1dbcc7e52fc4b779dfa9fda96cb14c608876320bb380ca0f800f6339d4b582a533c0b78b515c6359ebf2508656ec7a891f06bc30cceebd6b7f2aeaeb461ad45ca44a62e0a7d99396ff712f83df522259e8483fb98aae35bcdd94101cd1c6557d63f24870a3abd0b36fc5fcd7ee5bcb322f15f4aafd3baed562c7d28825a41ab7cc11802ffc98007b0fb70c2d0ba58bd33aa47ea118ba98d7777749af6433ced5d7731c22a00d0115cfe95d7a53b6a39dc07b653afd0d9fca78f2faca3c2e40f8499", 0xc9}], 0x5, &(0x7f0000001c80)=[@rights={0x18, 0x1, 0x1, [r0]}, @cred={0x20, 0x1, 0x2, r2, r3, r4}, @rights={0x30, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0, r0]}, @rights={0x30, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0, r0]}, @cred={0x20, 0x1, 0x2, r5, r6, r7}, @rights={0x28, 0x1, 0x1, [r0, r0, r0, r0, r0]}, @cred={0x20, 0x1, 0x2, r8, r9, r10}, @rights={0x18, 0x1, 0x1, [r0]}, @rights={0x28, 0x1, 0x1, [r11, r0, r0, r0, r0, r0]}, @cred={0x20, 0x1, 0x2, r12, r13, r14}], 0x160, 0x20000000}, {&(0x7f0000001e00)=@file={0x1, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000002440)=[{&(0x7f0000001e80)="c150f1ccc44b300fcbab08343bc4a81fec12e4cafdbc4348d432f85ec9bb1f03172e061b29ae3269db5a76280bfbea9fe1440aa06ca5d9773ac8cfcb1f162325f35b6e250b0675a4ddbffca9e927d5c3f84dacdf84efdf333236560e4a78971fc74b95124c71462ea5fcd75eaa8519bc4f9028650a119351e90d4f2780caec5eea7057f0345afc8c5635f7b95585a2e9fd21228c10c6aedbcdebc9759438893b46bb23989fe5ce12dd0ebc77e84f349a0e92d36571818061519037fd50df92fd1049741ff46680c15525e58fa3", 0xcd}, {&(0x7f0000001f80)="c6ee09949287771ddf285398a7b6f5305c4eda37bcfd3d4ba76bcc3b46b76144ceaa0963da4baaf82da4de4452ca3d1b6544374b5a99f26bbf715566a4cae35f70a37843a07b78addd5596f0ae62464141585b09f7c23ab1666e73b77c596165025ee408471df6cb97c1b2999bb01535a7aa1840696eea8b962a5cb92f15cfe9de124a88eb4d8d61b7505a8115abe9f056caa8491ca154aa38f166e19ef85b0440ac3fc20aad43b4831b02740920d586e9cdac8ebe3db04cfd8ac515067b309bc65a9100869cd81de09cdace5ce194abe08d06249fe00015d80875bc528cba277c2eccd38f2b5f", 0xe7}, {&(0x7f0000002080)="482776f88f32cc9f9260beb09e5157ebf7eabd09a0db2754373590aa513dd67e24fa1e9ea43486649b153ef046b59cf0fc4617367fe9f3017d77b978490df8d340fb4f8d4b567262ecd35c90bdbcc656dfeeade3b43747c39186d0fa8b3e495b5f39e39739a88ba0748f0070898c3b4f9a2fcd93e2731d7f7e757eb17655df751a510a5c881b6b766543", 0x8a}, {&(0x7f0000002140)}, {&(0x7f0000002180)="7057a0070421a04f24cf33dfa9cd6666b34f0c63628fc09a9cab2e04174c377e9d2c63588fbdd95308dc69ae7346d9e59d7f6ae9c4aa5a185e1b6fb35bebb9dfac90dd922a80040a75682ed74cfb63162786c55a91351c9f558f22c8b60b8d127cfba09883b883b657a42e39e5a88fbf33470e5f8407cb23daefc7c4df1f00718ed0872086217ea9ee1c2fbbc5c8c131a241f946123dd48c3a12c58f25c4054dc92db41cb47323461d8486bea24eb6f49069dcc6bbab6f09253abda00f595d1820d5e1fd7238dd80f180f4bf38ce113d1d17e616ebfdc24635580c06a5c4600bff9e8144c88768216e7aaa082288e7a66c63", 0xf2}, {&(0x7f0000002280)="d7838812cf6b59b5317cefc2fc4a415597c2becde9157fc91d48c0ed1f1436e55ace5fbbb469067f3a43bfd22625a572072c", 0x32}, {&(0x7f00000022c0)="0b3f2372a493c4e45cf2c25306f1031a95613873a536808b4c0bf222661d0c", 0x1f}, {&(0x7f0000002300)="bdff77fb78e285776e43762ddb963ab220806f41bae6efad52e3", 0x1a}, {&(0x7f0000002340)="a704067d68daaab40499eec9cc5521ae2fa1740d214d775687fd39f725adeffe7c62cf64862e8acf8c63b5f4aad3fb29a7f60592bbc8be7902780e2f2d070e4c8e6d6f5395a3c616c29c222e650883799507cf26aa8aaa5d824fcbcc99df9918486696855406902f3bb989a269fd58f6026aaa1f84e0b26fd72069291502a31f8bd9e99b6d8d9db1f7", 0x89}, {&(0x7f0000002400)="8a24999fe36cbbef86098fe8f9683d849669aaba69566d7c144de3132e7a8ae7963d4691e3e219302fd5e8dc59da048643fe02e3c80f06", 0x37}], 0xa, &(0x7f0000001b00)=ANY=[@ANYBLOB="2000180c8a00d8e50000000000000000000000000000000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r15, @ANYRES32=r16, @ANYRES32=r17, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00'], 0x98, 0x10}, {&(0x7f0000002700)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000002840)=[{&(0x7f0000002780)="3eb9b5460f4942a0b1ac6cf1f6eb83371b2c24e4de8783aa5176d0c0bd2f6d9ab8620e719a5895c1ead43a8a76886b0f46d23cfe7b2eb26b6dc19315badd199f95f5879843692dc3ff765e5ad2a3d5191ecffe8c3bfc4b5e7455e47053ec418213daf863a0e36c40864d18e5b030ac475a2989847975ab59c64f40a67b3108c3aa225c15e1f31813fc61fdb362b645cb643f404d1307b3d973", 0x99}], 0x1, &(0x7f0000002c80)=[@cred={0x20, 0x1, 0x2, r18, r19, r20}, @cred={0x20, 0x1, 0x2, r21, r22, r23}, @rights={0x18, 0x1, 0x1, [r0, r0]}, @rights={0x28, 0x1, 0x1, [r0, r0, r0, r0, r0]}, @cred={0x20, 0x1, 0x2, r24, r25, r26}], 0xa0, 0x40000}], 0x3, 0x4000004) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r27 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r27, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:19 executing program 3: socketpair(0x3, 0x7, 0x1a, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000080)=0x6001, 0x4) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$KVM_GET_REGS(r0, 0x8090ae81, &(0x7f0000000180)) accept(r1, &(0x7f00000000c0)=@ipx, &(0x7f0000000140)=0x80) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x12, r2, 0x0) 03:40:19 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:19 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xa, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:20 executing program 0: openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:20 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x15e, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:20 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x3, &(0x7f0000000480)=[{&(0x7f0000000240)="eb03b6904de629a246e69fd8a78e82ffa83e7bb02ac5bd556428b59f62e8d8823f49330e6fa3b2a293c1ab9bfc4f01fc82388ffecce156b76f1c8bc8a83b3497772d58fe35cba8b4043b9005e6308e1683908c8baddcfc49fc0db5504df4b8b380f92d2d6423f6bde8d68ddf532a6391d36fbe9b9817e5dd2eb6d106921b217088160d5e5b3500c075eaa479882872e8f8ea6e873cfd43b29f5d431931ea1b767876b268e00406cd57cd46360fd903731efe3b65b8c75627bf0b5c64573fd14137", 0xc1, 0xffffffffffffff80}, {&(0x7f0000000340)="dbb703c0f59f762cf38fc7563ff7a79b39d6e468cfe5b05d96f97a7495cdc64fbb8eb8b2e38d71d10871dc1efb44fde7666d3e35a33a4724f09652130c7a176d856b0942daf62e4a3856de853da780b50164123ccd2b05d5ed91d684bdc9278b8a5e23ffcbedb814bc129a126da876e37bb1d6573e5a3cabb0bb1bf9fd7e8a42df17adb5fc50fbceff7a899408f3fb", 0x8f}, {&(0x7f0000000400)="90344e0e18f59064950cde22e3df2a32c23d91a469c4c3ca877b540de011fe1b9426cc501748350ae80b2724a006ddb379d87ee62e9ea2304bdbac5e399fccef520e94ef61f15b2c016a422dd335ca829978c338813d3416fb0b67c46a25e912b38628bfafb02b19a1f96ea7725468ceae63fb87f83bbb06a0d9a6334c8998", 0x7f}], 0x200000, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:20 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:20 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x8000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:20 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xfe80, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:20 executing program 3: r0 = socket$inet6(0xa, 0x800000000000001, 0x8010000000000084) bind$inet6(r0, &(0x7f0000ef8cfd)={0xa, 0x4e23, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c) getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000000)={@ipv4={[], [], @broadcast}}, &(0x7f0000000040)=0x14) listen(r0, 0xffffffffffffff7f) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r1, &(0x7f0000e33fe0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x9, @loopback={0x0, 0x1}}, 0x1c) 03:40:20 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='erspan0\x00', 0x10) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:20 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) sendto$inet(r0, &(0x7f00000001c0)="271376ffd974316dc2b9e21ad6d984feb625b4867b2967cd0c48aecd6fe6e6bc611d2e26153514bbd032bb346a828f91d704f8ccd34238a0ce347ab974f2a98c28fe8d9c115ca5404ead93cb61e84d0852815aea4e6af60d91925081eb10826f07f782bffc76c5f0d39ed7d86eecf87693a3f949d3208869f5c4df1c9d082514e7de00ef05a8cd1d6d36fe488029cdb0f9013ea5bb04d64c6e66143c023c2c", 0x9f, 0x4, &(0x7f0000000280)={0x2, 0x4e20}, 0x10) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000080)={0x2, 0x8000, 0x0, 0x401, 0x0}, &(0x7f00000000c0)=0x10) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000100)={r1, 0x101}, &(0x7f0000000140)=0x8) r2 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:20 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xe00000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:20 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:20 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x195, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:20 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2698.662126] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:20 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xc00000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:20 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0xb00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:20 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) ioctl$RTC_VL_CLR(r1, 0x7014) ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f0000000080)={0x39, 0x3}) 03:40:21 executing program 0: openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:21 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x2, &(0x7f0000000480)=[{&(0x7f0000000340)="dbb703c0f59f762cf38fc7563ff7a79b39d6e468cfe5b05d96f97a7495cdc64fbb8eb8b2e38d71d10871dc1efb44fde7666d3e35a33a4724f09652130c7a176d856b0942daf62e4a3856de853da780b50164123ccd2b05d5ed91d684bdc9278b8a5e23ffcbedb814bc129a126da876e37bb1d6573e5a3cabb0bb1bf9fd7e8a42df17adb5fc50fbceff7a899408f3fb", 0x8f}, {&(0x7f0000000400)="90344e0e18f59064950cde22e3df2a32c23d91a469c4c3ca877b540de011fe1b9426cc501748350ae80b2724a006ddb379d87ee62e9ea2304bdbac5e399fccef520e94ef61f15b2c016a422dd335ca829978c338813d3416fb0b67c46a25e912b38628bfafb02b19a1f96ea7725468ceae63fb87f83bbb06a0d9a6334c8998", 0x7f}], 0x200000, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:21 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000200)="025cc83d6d345f8f762070") setrlimit(0x7, &(0x7f0000a9cff8)) pipe2(&(0x7f0000000000), 0x0) 03:40:21 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x14d, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:21 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x10, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:21 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:21 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:21 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) r1 = openat(0xffffffffffffffff, &(0x7f0000000100)="2e2f66696c6530000000000000000005b400", 0x34081, 0xb4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000400)={@broadcast, @remote, 0x0}, &(0x7f0000000440)=0xc) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000001580)={{{@in6=@remote, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@mcast2}}, &(0x7f0000000480)=0xe8) setsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000001680)={{{@in6=@ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, @in=@multicast1=0xe0000001, 0x4e24, 0xedd, 0x4e24, 0x20000000000000, 0xa, 0x20, 0xa0, 0x2f, r2, r3}, {0x100, 0xff, 0xfffffffffffffffe, 0x401, 0x1f, 0x400, 0x100000001, 0x200}, {0xfffffffffffffff8, 0x1, 0x5, 0x8}, 0x80000001, 0x6e6bbd, 0x3, 0x1, 0x1, 0x3}, {{@in6=@remote={0xfe, 0x80, [], 0xbb}, 0x4d2, 0xff}, 0xa, @in6, 0x3504, 0x6, 0x3, 0x0, 0x1, 0x500000, 0x8e8b}}, 0xe8) r4 = fcntl$dupfd(r0, 0x0, r0) ioctl$KVM_GET_CPUID2(r4, 0xc008ae91, &(0x7f0000000080)={0x2, 0x0, [{}, {}]}) sendmmsg$unix(r4, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:21 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000000080)={0x1ffe00000000, 0x1}) 03:40:21 executing program 3: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x8, 0x2) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20008000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x100, r1, 0x2, 0x70bd2b, 0x25dfdbfc, {0x2}, [@IPVS_CMD_ATTR_DAEMON={0x18, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @remote={0xfe, 0x80, [], 0xbb}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x100000000}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_DEST={0x58, 0x2, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xffffffff}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x556d}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xb0}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@local={0xac, 0x14, 0x14, 0xaa}}]}, @IPVS_CMD_ATTR_DEST={0x64, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@remote={0xac, 0x14, 0x14, 0xbb}}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfffffffffffffffb}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x9}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x6}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x3f}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xfffffffffffffffb}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote={0xfe, 0x80, [], 0xbb}}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xb79}]}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000}, 0x40) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f00000002c0)="025cc83d6d345f8f762070") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x10bd}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0xa, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x0, 0x1, 0x50}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x1, 0x3bc, &(0x7f00001a7f05)=""/251}, 0x2e) 03:40:21 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x500000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:21 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:21 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x11a, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:21 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2699.584318] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:21 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x1, &(0x7f0000000480)=[{&(0x7f0000000400)="90344e0e18f59064950cde22e3df2a32c23d91a469c4c3ca877b540de011fe1b9426cc501748350ae80b2724a006ddb379d87ee62e9ea2304bdbac5e399fccef520e94ef61f15b2c016a422dd335ca829978c338813d3416fb0b67c46a25e912b38628bfafb02b19a1f96ea7725468ceae63fb87f83bbb06a0d9a6334c8998", 0x7f}], 0x200000, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:21 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x7, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2699.755960] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:22 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x380, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:22 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:22 executing program 5: r0 = socket$inet(0x2, 0x800000000080006, 0x100000001) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$FOU_CMD_GET(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="44000100", @ANYRES16=0x0, @ANYBLOB="000427bd7000fedb0900000000000400050004000500080001004e240000080002000a0000000800040001000000080001004e220000080001004e220000"], 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040000) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f00000000c0)=[{0xb, 0xb800000000000000}, {0xb, 0x3}, {0xc, 0x5}, {0xf, 0x2}, {0x3, 0x100000001}, {0x8, 0x1ff}, {0x3, 0x92c}, {0xb, 0x20}], 0x8) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:22 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x0, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:22 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f00000010c0)='./file0\x00', 0x111800, 0x3) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001100)='/dev/zero\x00', 0x4000, 0x0) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000001140)={0x0, r1, 0x1}) r2 = socket(0x40000000055, 0x805, 0x0) getsockopt(r2, 0x9, 0x5e0, &(0x7f0000000080)=""/4096, &(0x7f0000001080)=0x1000) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x40, 0x0) connect$vsock_stream(r2, &(0x7f0000000000)={0x28, 0x0, 0x0, @reserved=0x1}, 0x10) 03:40:22 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4c4fb7feff47be88, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:22 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0xb00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:22 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x200000, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:22 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xa00, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:22 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:22 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) socketpair(0xa, 0x80006, 0x2, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$inet_udp_int(r1, 0x11, 0xb, &(0x7f0000000200)=0x100000001, 0x4) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58) r2 = accept4$alg(r0, 0x0, 0x0, 0x0) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100)) sendmsg$nl_route(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@setneightbl={0x14, 0x43}, 0x14}, 0x1}, 0x0) [ 2700.495255] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:22 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2e9, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:22 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:22 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:22 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x6, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:22 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0xb000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:22 executing program 5: r0 = accept4(0xffffffffffffffff, &(0x7f0000000080)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000100)=0x80, 0x800) r1 = socket$bt_hidp(0x1f, 0x3, 0x6) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000001c0)={0x10000010}) r2 = socket$inet(0x2, 0x16, 0x1) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r3 = fcntl$dupfd(r2, 0x0, r2) sendmmsg$unix(r3, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:22 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2af, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:22 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2700.642593] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:23 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x0, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:23 executing program 3: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) ioctl(r0, 0x5, &(0x7f00000003c0)="56d4953be1df3af52e2929268e2e114e59f47ac9122b3418fc1dd53941cfb38f02ec8f03fa8a86a2bc672b520ffd38") r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x100, 0x80000) syz_extract_tcp_res$synack(&(0x7f0000000400)={0x41424344}, 0x1, 0x0) syz_extract_tcp_res$synack(&(0x7f0000000080)={0x41424344}, 0x1, 0x0) write$tun(r1, &(0x7f0000000880)=ANY=[@ANYBLOB="65f4ac60020e7f07ff020000000000000000000000000001000000000000000000000000000000000022000000000000c910fe8000000000000000000000000000aac20400000009c20400000843001e460f090fd32c48688b4031634490f02db12cffc9aa3af35301beb2db03ca05020004c91000000000000000000000000000000001c204000001ac142217323d0040feb5bac9234467d5ef9ec8146c87cbe43de05c9035c028b664823cb2ea898bbffacc3094939b440d18d5ae095a8478eab3630d5960a1deb94846b4c8273eac62413919ee616cec6fd364a9c5293c49e0cc2a378099f362598577950c5e5778432567d02c969ed2aeff3f49bba500ccd5c3ef71e1e2e3e2e734b28ab2fbd1df78cfe6b4e0c642625799b93409f24632ce5ae58ab83cf5bcfe40326c52b206ddfc1ab2eb24c5c77a94b6a37620b1a031640aaf25b32b6f19c2040000000000730e070000000000040106c910ff0100000000000000000000000000010738ffffffe10c06056ad9ac879041a9c500ff0300000000000006000000000000004c41000000000000070000000000000000000000000000010000000000000003010007000000000000000600000000000000010000000100000005020003000000ff000448670000001101000000000000010700000000000000000000000000004e214e23cc94d6b297c8890653aabe1477e816b2d725c170b2bec37f0a1cdcb2e9f2d6e0ff2f5f199c49917897982e0e3056030f0cc9243c43ad95ca9f50fdb9a6bdf53fa79e363dd25449304159512d9af1521529f13207d71ef944235847f9b66bdab9b210af9f77fa8c83e290088ef0e72350f073f1994eeb306deff0985e722449fff8c2ef2ffa5961e9eacff6074f5bb7361320eeac5d97f8b8a33ca187a294a657d5d235db1b8b889408c65f6acc9a3dfd86035cbb079d637395ab7603b724af103fbbc60e91e8b59fc1fc72063ca3613492036538a9e24f40a622b6752966b56a066ee846ac07a64cfb65b39cb897946c03cd71cbcfddeeeeb8113d08222d019cb2e1348bafe2cd95051e23dbe60e6de6f8b09f58fc99d0c215009933583b5e51f9", @ANYRES32=r2, @ANYRES16=r2, @ANYBLOB="70c2000790780008fe06e2d4c3d9000028159ebfab6d9396a9117a18d3576658c3326545352dc755d7f8c1e403031e34a5260630a510cc343ba3af0b956969b7644c"], 0x4) r4 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r4, 0x8913, &(0x7f0000000280)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00') setsockopt$inet_mreq(r1, 0x0, 0x27, &(0x7f0000000340)={@empty, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x8) syz_mount_image$hfs(&(0x7f00000004c0)='hfs\x00', &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, &(0x7f00000018c0), 0x0, &(0x7f0000000040)=ANY=[@ANYRES64=r3]) write$RDMA_USER_CM_CMD_JOIN_MCAST(r1, &(0x7f0000000140)={0x16, 0x98, 0xfa00, {&(0x7f0000000100)={0xffffffffffffffff}, 0x3, 0xffffffffffffffff, 0x1c, 0x1, @in={0x2, 0x4e24, @broadcast=0xffffffff}}}, 0xa0) ioctl$sock_ifreq(r4, 0x8926, &(0x7f0000000240)={'syzkaller1\x00', @ifru_addrs=@nl=@proc={0x10, 0x0, 0x25dfdbfe, 0x40000}}) ioctl$RNDADDTOENTCNT(r1, 0x40045201, &(0x7f0000000300)) write$RDMA_USER_CM_CMD_LEAVE_MCAST(r1, &(0x7f0000000200)={0x11, 0x10, 0xfa00, {&(0x7f00000000c0), r5}}, 0x18) ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) 03:40:23 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xfc, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:23 executing program 5: r0 = socket$inet(0x2, 0x3, 0x201) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:23 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:23 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:23 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:23 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x25c, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:23 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:23 executing program 5: r0 = socket$inet(0x2, 0x3, 0x6baf) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:23 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x8c28f4fffe3571cd, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:23 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xa0, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2701.453785] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:23 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:23 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:23 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) [ 2701.525944] hfs: unable to parse mount options 03:40:23 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@abs={0x0, 0x0, 0x4e24}, 0xfffffffffffffd39, &(0x7f0000000080), 0x100000000000010e, &(0x7f0000000480)}], 0x49249f6, 0x3) [ 2701.585653] hfs: unable to parse mount options [ 2701.659886] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:24 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x0, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:24 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2f1, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:24 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:24 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x3f00, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:24 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:24 executing program 5: getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f00000000c0)=0xc) ptrace$cont(0x9, r0, 0x800100000000, 0x9d) r1 = socket$inet(0x2, 0x3, 0x32) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000100)={r1}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001e40)={'team_slave_1\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000001e80)={'vcan0\x00', r3}) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r4 = fcntl$dupfd(r1, 0x0, r1) madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x13) sendmmsg$unix(r4, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:24 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:24 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:24 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0xb00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:24 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:24 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1100000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:24 executing program 5: r0 = socket$inet(0x2, 0x3, 0x200a) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) r2 = inotify_add_watch(r1, &(0x7f0000000080)="2e2f66696c6530000000000000000005b400", 0x4000d01) inotify_rm_watch(r1, r2) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) [ 2702.412241] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 [ 2702.436352] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 03:40:24 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x20b, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:24 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:24 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:24 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2702.578942] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:25 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:25 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xf306a3feffea5c7c, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:25 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x480000, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x420080, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)="2e2f66696c6530000000000000000005b400", &(0x7f00000000c0)='9p\x00', 0x9010, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdjo=', @ANYRESHEX=r1, @ANYBLOB=',nodevmap,mmap,afid=0x0000000000000003,afid=0x0000000000000006,posixacl,nodevmap,privport,\x00']) openat$cuse(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cuse\x00', 0x290a01, 0x0) r2 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r3 = fcntl$dupfd(r2, 0x0, r2) connect$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @rand_addr=0x800}, 0x10) sendmmsg$unix(r3, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:25 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:25 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:25 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1c0, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:25 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:25 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:25 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:25 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x18, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:25 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x295, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:25 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc030000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2703.422255] REISERFS warning (device loop4): super-6504 reiserfs_getopt: the option "usrjquota" requires an argument [ 2703.422255] [ 2703.439096] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 03:40:25 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) r1 = accept(r0, &(0x7f0000000080)=@nl=@proc, &(0x7f0000000100)=0x80) setsockopt$inet6_tcp_int(r1, 0x6, 0x37, &(0x7f0000000140)=0x7, 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r2 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:25 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@expose_privroot='expose_privroot', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:25 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:25 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xc650e8feff7439f0, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2703.588221] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 03:40:26 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:26 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x55, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:26 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:26 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc03], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:26 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:26 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x900000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:26 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x2000, 0x0) r2 = fcntl$getown(r0, 0x9) write$P9_RGETLOCK(r1, &(0x7f00000003c0)={0x37, 0x37, 0x2, {0x2, 0x0, 0x0, r2, 0x19, 'user^^^mime_typetrusted:C'}}, 0x37) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}}, 0x6, 0x4, 0xec, 0x1, 0x90}, &(0x7f0000000140)=0x98) r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vga_arbiter\x00', 0x0, 0x0) openat(r4, &(0x7f0000000340)="2e2f66696c6530000000000000000005b400", 0x2200, 0x143) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000001c0)=@assoc_id=r3, 0x4) r5 = fcntl$dupfd(r0, 0x8000000000000000, r0) sendmmsg$unix(r5, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) r6 = open$dir(&(0x7f0000000200)="2e2f66696c6530000000000000000005b400", 0x400000, 0x24) fgetxattr(r6, &(0x7f0000000240)=@known='system.posix_acl_access\x00', &(0x7f0000000280)=""/111, 0x6f) gettid() 03:40:26 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:26 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xfc000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:26 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x8000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:26 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:26 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xec, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2704.414454] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 [ 2704.424739] REISERFS warning (device loop4): super-6504 reiserfs_getopt: the option "usrjquota" requires an argument [ 2704.424739] 03:40:26 executing program 5: r0 = socket$inet(0x2, 0x3, 0x0) socketpair(0x4, 0x80000, 0x100000000, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000040)={{0x7fffffff, 0x2}, 0x20}, 0x10) ioctl$FICLONE(r2, 0x40049409, r1) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r3 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r3, &(0x7f0000000540)=[{&(0x7f0000000080)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x4924924924927d2, 0x3) 03:40:26 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:26 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:26 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2704.597216] REISERFS warning (device loop4): super-6504 reiserfs_getopt: the option "usrjquota" requires an argument [ 2704.597216] 03:40:27 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:27 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:27 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:27 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xf5, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:27 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x600, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:27 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:27 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) ioctl$sock_bt_hidp_HIDPGETCONNINFO(0xffffffffffffffff, 0x800448d3, &(0x7f00000000c0)={{0x0, 0x401, 0x4, 0x8, 0x2a31, 0x8}, 0xcb9, 0xffffffff, 0x909d, 0x81, 0x6, "0a307b7ad519c90696d1330d7d725901ecbc17a76480007e831937e34794df89f6deaf8c8421b943b73c717765e702de81167538f45a1405b155a6b3236dad37501875d7bf12b5adcb6e3ac3c5cfc5986c4995b761f5ab9d5a459bd2e7d53226047e4576ce8b7a47c26dcfcf5ad67bbcc1f053ee3e033994b5e050ca5cfa0ece"}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:27 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:27 executing program 5: r0 = socket$inet(0x2, 0xa, 0x1fd) getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000080)={'filter\x00'}, &(0x7f0000000100)=0x54) r1 = socket$bt_rfcomm(0x1f, 0x3, 0x3) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r2 = fcntl$dupfd(r0, 0x0, r0) lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = getpid() getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@ipv4={[], [], @broadcast}, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}}}, &(0x7f0000000440)=0xe8) fstat(r0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = getpgid(0x0) r8 = geteuid() getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000500)={0x0, 0x0, 0x0}, &(0x7f0000000540)=0xc) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000580)=0x0) stat(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0}) r12 = getegid() r13 = getpgrp(0x0) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000680)={{{@in=@remote, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4}, 0x0, @in6=@mcast1}}, &(0x7f0000000780)=0xe8) getgroups(0x4, &(0x7f00000007c0)=[0x0, 0xee00, 0xffffffffffffffff, 0xffffffffffffffff]) r16 = getpgid(0xffffffffffffffff) r17 = geteuid() getresgid(&(0x7f0000000800), &(0x7f0000000840), &(0x7f0000000880)=0x0) r19 = gettid() getresuid(&(0x7f00000008c0), &(0x7f0000000900), &(0x7f0000000940)=0x0) lstat(&(0x7f0000000980)='./file0\x00', &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r22 = getpgid(0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000a40)={0x0, 0x0}, &(0x7f0000000a80)=0xc) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000ac0)={0x0, 0x0, 0x0}, &(0x7f0000000b00)=0xc) r25 = fcntl$getown(r1, 0x9) r26 = geteuid() r27 = getgid() sendmsg$netlink(r2, &(0x7f0000000c80)={&(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)=[{&(0x7f00000001c0)={0xa4, 0x34, 0x311, 0x70bd25, 0x25dfdbfe, "", [@generic="4b9528bcc0bda77da0caa5ab7128506e17d6dfb331391453e2ced85e2ee01308239347af2db68a4e8e87dd8f7b824a5f37f10cfee755746a8e18ed44f5ef10fd430f9a3ab83a2827bd558d8a987937f4ff5b9814a4debcd25a0b06a41eb39cde0b9df7e4cadbbd3ea89794e67e2c4db5e58434e7487e5ecabf5d37cccf072a8778258829b51d96", @typed={0xc, 0x86, @u64=0x5}]}, 0xa4}, {&(0x7f0000000140)={0x18, 0x10, 0x200, 0x70bd28, 0x25dfdbfc, "", [@typed={0x8, 0x0, @uid=r3}]}, 0x18}], 0x2, &(0x7f0000000b40)=[@cred={0x20, 0x1, 0x2, r4, r5, r6}, @rights={0x18, 0x1, 0x1, [r0]}, @cred={0x20, 0x1, 0x2, r7, r8, r9}, @cred={0x20, 0x1, 0x2, r10, r11, r12}, @cred={0x20, 0x1, 0x2, r13, r14, r15}, @cred={0x20, 0x1, 0x2, r16, r17, r18}, @cred={0x20, 0x1, 0x2, r19, r20, r21}, @rights={0x18, 0x1, 0x1, [r2, r1]}, @cred={0x20, 0x1, 0x2, r22, r23, r24}, @cred={0x20, 0x1, 0x2, r25, r26, r27}], 0x130, 0x8000}, 0x1) sendmmsg$unix(r2, &(0x7f0000000540), 0x0, 0x0) 03:40:27 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:27 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xa00000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:27 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:27 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x97, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:27 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0xb], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:27 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x900, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2705.401940] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 [ 2705.407783] REISERFS warning (device loop3): super-6504 reiserfs_getopt: the option "usrjquota" requires an argument [ 2705.407783] 03:40:27 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) [ 2705.506384] REISERFS warning (device loop3): super-6504 reiserfs_getopt: the option "usrjquota" requires an argument [ 2705.506384] 03:40:28 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:28 executing program 5: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snapshot\x00', 0x27fe, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='ip6tnl0\x00', 0xc5) r1 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r2 = fcntl$dupfd(r1, 0x0, r1) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r1, 0x0, 0x486, &(0x7f0000000100), &(0x7f0000000140)=0xc) 03:40:28 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:28 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2bd, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:28 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x0, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:28 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:28 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xf03974fffee850c6, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:28 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@nouser_xattr='nouser_xattr', 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:28 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0xb00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:28 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xb0a3d2fefffa6c60, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:28 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:28 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:28 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x211, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:28 executing program 5: r0 = socket$inet(0x2, 0x3, 0x5) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='ip_vti0\x00', 0x10) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480), 0x0, 0x41}], 0x1, 0x0) 03:40:28 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1e, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2706.345346] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 [ 2706.361579] REISERFS warning (device loop3): super-6504 reiserfs_getopt: the option "usrjquota" requires an argument [ 2706.361579] 03:40:28 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@commit={'commit', 0x3d, 0x4}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:28 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:28 executing program 5: r0 = socket$inet(0x2, 0x1f, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$ASHMEM_SET_SIZE(r1, 0x40087703, 0x2) ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f0000000080)={r0, 0x0, 0x3, 0x6, 0x8}) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:28 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x309, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:28 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2706.471326] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 [ 2706.489247] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 03:40:29 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x0, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:29 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0xb000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:29 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x81934fffe1f3ddb, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:29 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x258, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:29 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:29 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f00000000c0), 0x0, &(0x7f0000000480)}], 0x4924924924922bb, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) 03:40:29 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:29 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@usrjquota='usrjquota', 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:29 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:29 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x3b2, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:29 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x500, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:29 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fc], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:29 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x2, 0x0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:29 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:29 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@hash_r5='hash=r5', 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) [ 2707.299250] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 [ 2707.319668] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:29 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x12c56feff1bbb1c, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2707.405746] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 03:40:30 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x0, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:30 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:30 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0xb], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:30 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='syzkaller1\x00', 0xffffff90) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/udplite\x00') r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1001010}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x7c, r2, 0x11, 0x70bd29, 0x25dfdbfb, {0x8}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xe8da}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x80000000}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_SERVICE={0x28, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@local={0xfe, 0x80, [], 0xaa}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}]}, @IPVS_CMD_ATTR_SERVICE={0x18, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@rand_addr=0x9}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x8984c49c230c8e42}, 0x4) r3 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r3, &(0x7f0000000540), 0x49249f6, 0x80) 03:40:30 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:30 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x272, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:30 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@balloc_test4='block-allocator=test4', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 03:40:30 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xd9c6a9feffdbdbc4, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:30 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xc4dbdbfffea9c6d9, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:30 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:30 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x136, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:30 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='ip_vti0\x00', 0x10) r1 = fcntl$dupfd(r0, 0xffffffffffffffff, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x1, 0x0) 03:40:30 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:30 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xcaaaafeffaaaaa8, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:30 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0xb000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:30 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) [ 2708.264376] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 [ 2708.286371] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 [ 2708.354815] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 03:40:31 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:31 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2c5, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:31 executing program 4: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:31 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0xfffffffffffffff8}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={r2, 0x10000}, 0x8) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:31 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:31 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc03000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:31 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1b00000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:31 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:31 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:31 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xcd7135fefff4288c, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:31 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:31 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x20c, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:31 executing program 5: r0 = socket$inet(0x2, 0x3, 0x7) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f00000001c0)={'nat\x00', 0x0, 0x0, 0x0, [], 0x9, &(0x7f0000000080)=[{}, {}, {}, {}, {}], 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x108) 03:40:31 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0xb00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:31 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x200000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2709.196858] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 [ 2709.224673] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 03:40:31 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2709.257353] kernel msg: ebtables bug: please report to author: Wrong nr of counters [ 2709.292173] kernel msg: ebtables bug: please report to author: Wrong nr of counters 03:40:32 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:32 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:32 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x7000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:32 executing program 4 (fault-call:0 fault-nth:0): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:32 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x90, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:32 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000580)=@mangle={'mangle\x00', 0x1f, 0x6, 0x5e0, 0x0, 0x0, 0x3a8, 0x248, 0x138, 0x548, 0x548, 0x548, 0x548, 0x548, 0x6, &(0x7f0000000080), {[{{@ip={@dev={0xac, 0x14, 0x14, 0x10}, @multicast2=0xe0000002, 0xffffffff, 0x0, 'bcsh0\x00', 'ipddp0\x00', {0xff}, {0xff}, 0x0, 0x1, 0x28}, 0x0, 0x110, 0x138, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x2}}, @common=@osf={0x50, 'osf\x00', 0x0, {'syz0\x00', 0x9, 0x2, 0x2}}]}, @TTL={0x28, 'TTL\x00', 0x0, {0x1, 0x195e}}}, {{@uncond, 0x0, 0xe8, 0x110, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0xc}}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x2}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0x1}}}, {{@ip={@rand_addr=0x400, @multicast2=0xe0000002, 0xff000000, 0x0, 'veth1_to_team\x00', 'veth1_to_bond\x00', {0xff}, {}, 0x84, 0x3, 0x2}, 0x0, 0x138, 0x160, 0x0, {}, [@common=@inet=@set3={0x50, 'set\x00', 0x3, {{0x6a35, 0x0, 0xfffffffffffffe00}, {0x4, 0x3}, {0x4e33, 0x5}, 0x169fed55}}, @common=@osf={0x50, 'osf\x00', 0x0, {'syz0\x00', 0x2, 0x1}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00', 0x0, {0x1}}}, {{@uncond, 0x0, 0x98, 0xe0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1, 0x58cd, 0xfa5a}}}, {{@uncond, 0x0, 0x98, 0xc0}, @TTL={0x28, 'TTL\x00', 0x0, {0x3, 0x2}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x640) 03:40:32 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:32 executing program 3 (fault-call:0 fault-nth:0): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2710.121369] FAULT_INJECTION: forcing a failure. [ 2710.121369] name failslab, interval 1, probability 0, space 0, times 0 [ 2710.123552] FAULT_INJECTION: forcing a failure. [ 2710.123552] name failslab, interval 1, probability 0, space 0, times 0 [ 2710.132742] CPU: 0 PID: 2472 Comm: syz-executor3 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2710.132749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2710.132752] Call Trace: [ 2710.132772] dump_stack+0x1c9/0x2b4 [ 2710.132803] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2710.173007] ? get_pid_task+0xd8/0x1a0 [ 2710.176960] should_fail.cold.4+0xa/0x11 [ 2710.181042] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2710.186563] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2710.191654] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 2710.196482] ? lock_downgrade+0x8f0/0x8f0 [ 2710.200633] ? proc_fail_nth_write+0x9e/0x210 [ 2710.205109] ? proc_cwd_link+0x1d0/0x1d0 [ 2710.209165] ? lock_acquire+0x1e4/0x540 [ 2710.213123] ? lock_acquire+0x1e4/0x540 [ 2710.217077] ? fs_reclaim_acquire+0x20/0x20 [ 2710.221380] ? lock_downgrade+0x8f0/0x8f0 [ 2710.225530] ? check_same_owner+0x340/0x340 [ 2710.229837] ? rcu_note_context_switch+0x730/0x730 [ 2710.234749] __should_failslab+0x124/0x180 [ 2710.238985] should_failslab+0x9/0x14 [ 2710.242766] __kmalloc+0x2c8/0x760 [ 2710.246302] ? strncpy_from_user+0x510/0x510 [ 2710.250700] ? fput+0x130/0x1a0 [ 2710.253964] ? __x64_sys_memfd_create+0x142/0x4f0 [ 2710.258790] __x64_sys_memfd_create+0x142/0x4f0 [ 2710.263440] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2710.268957] ? memfd_fcntl+0x1e80/0x1e80 [ 2710.273021] do_syscall_64+0x1b9/0x820 [ 2710.276904] ? finish_task_switch+0x1d3/0x870 [ 2710.281395] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2710.286338] ? syscall_return_slowpath+0x31d/0x5e0 [ 2710.291274] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2710.296290] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2710.301291] ? perf_trace_sys_enter+0xb10/0xb10 [ 2710.305942] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2710.310782] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2710.315965] RIP: 0033:0x455e29 [ 2710.319141] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2710.338275] RSP: 002b:00007fa177346a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2710.345968] RAX: ffffffffffffffda RBX: 0000000020000480 RCX: 0000000000455e29 [ 2710.353232] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004baa70 [ 2710.360482] RBP: 000000000072bea0 R08: 0000000000000000 R09: 00000000fbad8001 [ 2710.367830] R10: 0000000020000480 R11: 0000000000000246 R12: 0000000000000013 [ 2710.375081] R13: 00000000004c26df R14: 00000000004d3fb8 R15: 0000000000000000 [ 2710.382349] CPU: 1 PID: 2471 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2710.390699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2710.400049] Call Trace: [ 2710.402620] dump_stack+0x1c9/0x2b4 [ 2710.406231] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2710.411418] ? get_pid_task+0xd8/0x1a0 [ 2710.415292] should_fail.cold.4+0xa/0x11 03:40:32 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xff00, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:32 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x9, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:32 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xf00000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:32 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:32 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2b2, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2710.419351] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2710.424961] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2710.430056] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 2710.434893] ? lock_downgrade+0x8f0/0x8f0 [ 2710.439035] ? proc_fail_nth_write+0x9e/0x210 [ 2710.443509] ? proc_cwd_link+0x1d0/0x1d0 [ 2710.447551] ? lock_acquire+0x1e4/0x540 [ 2710.451517] ? lock_acquire+0x1e4/0x540 [ 2710.455471] ? fs_reclaim_acquire+0x20/0x20 [ 2710.459773] ? lock_downgrade+0x8f0/0x8f0 [ 2710.463915] ? check_same_owner+0x340/0x340 03:40:32 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1f00000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:32 executing program 3 (fault-call:0 fault-nth:1): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:32 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2710.468230] ? rcu_note_context_switch+0x730/0x730 [ 2710.473142] __should_failslab+0x124/0x180 [ 2710.477374] should_failslab+0x9/0x14 [ 2710.481157] __kmalloc+0x2c8/0x760 [ 2710.484680] ? strncpy_from_user+0x510/0x510 [ 2710.489073] ? fput+0x130/0x1a0 [ 2710.492337] ? __x64_sys_memfd_create+0x142/0x4f0 [ 2710.497166] __x64_sys_memfd_create+0x142/0x4f0 [ 2710.501832] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2710.507440] ? memfd_fcntl+0x1e80/0x1e80 [ 2710.511501] do_syscall_64+0x1b9/0x820 [ 2710.515398] ? finish_task_switch+0x1d3/0x870 [ 2710.519901] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2710.524829] ? syscall_return_slowpath+0x31d/0x5e0 [ 2710.526830] FAULT_INJECTION: forcing a failure. [ 2710.526830] name failslab, interval 1, probability 0, space 0, times 0 [ 2710.529747] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2710.529757] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2710.529765] ? perf_trace_sys_enter+0xb10/0xb10 [ 2710.529773] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2710.529785] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2710.529805] RIP: 0033:0x455e29 [ 2710.568799] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2710.588141] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2710.595951] RAX: ffffffffffffffda RBX: 0000000020000480 RCX: 0000000000455e29 [ 2710.603202] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004baa70 [ 2710.610470] RBP: 000000000072bea0 R08: 0000000000000000 R09: 00000000fbad8001 [ 2710.617719] R10: 0000000020000480 R11: 0000000000000246 R12: 0000000000000013 [ 2710.624976] R13: 00000000004c26df R14: 00000000004d3fb8 R15: 0000000000000000 [ 2710.632239] CPU: 0 PID: 2504 Comm: syz-executor3 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2710.640563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2710.649914] Call Trace: [ 2710.652487] dump_stack+0x1c9/0x2b4 [ 2710.656095] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2710.661272] ? mnt_get_count+0x150/0x150 [ 2710.665333] should_fail.cold.4+0xa/0x11 03:40:32 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x231, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:32 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc030000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2710.669378] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2710.674464] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2710.679461] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 2710.684197] ? lock_acquire+0x1e4/0x540 [ 2710.688151] ? is_bpf_text_address+0xae/0x170 [ 2710.692630] ? lock_downgrade+0x8f0/0x8f0 [ 2710.696771] ? lock_release+0xa30/0xa30 [ 2710.700739] ? kasan_check_read+0x11/0x20 [ 2710.704869] ? lock_acquire+0x1e4/0x540 [ 2710.708826] ? fs_reclaim_acquire+0x20/0x20 [ 2710.713141] ? lock_downgrade+0x8f0/0x8f0 [ 2710.717271] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2710.722278] ? check_same_owner+0x340/0x340 [ 2710.726591] ? rcu_note_context_switch+0x730/0x730 [ 2710.731518] ? iterate_fd+0x4b0/0x4b0 [ 2710.735301] __should_failslab+0x124/0x180 [ 2710.739523] should_failslab+0x9/0x14 [ 2710.743318] kmem_cache_alloc+0x2af/0x760 [ 2710.747447] ? lock_downgrade+0x8f0/0x8f0 [ 2710.751576] ? shmem_destroy_callback+0xc0/0xc0 [ 2710.756236] shmem_alloc_inode+0x1b/0x40 [ 2710.760294] alloc_inode+0x63/0x190 [ 2710.763901] new_inode_pseudo+0x71/0x1a0 [ 2710.767941] ? prune_icache_sb+0x1b0/0x1b0 [ 2710.772156] ? _raw_spin_unlock+0x22/0x30 [ 2710.776279] new_inode+0x1c/0x40 [ 2710.779632] shmem_get_inode+0xf1/0x910 [ 2710.783608] ? shmem_encode_fh+0x340/0x340 [ 2710.787863] ? lock_downgrade+0x8f0/0x8f0 [ 2710.792018] ? lock_release+0xa30/0xa30 [ 2710.796003] ? check_same_owner+0x340/0x340 [ 2710.800306] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2710.805308] ? __check_object_size+0x9d/0x5f2 [ 2710.809797] __shmem_file_setup.part.48+0x83/0x2a0 [ 2710.814727] shmem_file_setup+0x65/0x90 [ 2710.818684] __x64_sys_memfd_create+0x2af/0x4f0 [ 2710.823334] ? memfd_fcntl+0x1e80/0x1e80 [ 2710.827378] do_syscall_64+0x1b9/0x820 [ 2710.831243] ? finish_task_switch+0x1d3/0x870 [ 2710.835720] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2710.840631] ? syscall_return_slowpath+0x31d/0x5e0 [ 2710.845541] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2710.850541] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2710.855542] ? perf_trace_sys_enter+0xb10/0xb10 [ 2710.860197] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2710.865035] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2710.870203] RIP: 0033:0x455e29 [ 2710.873380] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2710.892511] RSP: 002b:00007fa177346a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2710.900211] RAX: ffffffffffffffda RBX: 0000000020000480 RCX: 0000000000455e29 [ 2710.907472] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004baa70 [ 2710.914726] RBP: 000000000072bea0 R08: 0000000000000000 R09: 00000000fbad8001 [ 2710.921976] R10: 0000000020000480 R11: 0000000000000246 R12: 0000000000000013 [ 2710.929235] R13: 00000000004c26df R14: 00000000004d3fb8 R15: 0000000000000001 03:40:33 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:33 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1c, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:33 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x270, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:33 executing program 4 (fault-call:0 fault-nth:1): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:33 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0xb00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:33 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) ioctl$EVIOCSMASK(r1, 0x40104593, &(0x7f00000001c0)={0x3, 0xd6, &(0x7f0000000080)="c2d71b7ad4b6a42dc90eb2342ed2530278d84330928a0068887c576351fff45dbff2a045bd55a6f24ea8656ce29fe55a6062305112db6d39b8f2a07768a420ccff64190e5ee59a7579da11e3ebe9869d6b04684697350c464b2721fd690fc8f27bb5f13c65d0d9f556dbe9ab1d8029221e074f7189b88dcffe47c11e4bab3ccd9be6f0ccfff71701f881cd46287e5e6496c931abb5e441db94785a8ce4de8e29103f51d0a018f3251ff19ca63e4922b5f9ed014e437f33f7dcbfe7e4fa222dc912021776f61f523e7b20073a5949b72612307e73cbf3"}) 03:40:33 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:33 executing program 3 (fault-call:0 fault-nth:2): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:33 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:33 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:33 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xf, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2711.323321] FAULT_INJECTION: forcing a failure. [ 2711.323321] name failslab, interval 1, probability 0, space 0, times 0 [ 2711.334597] CPU: 1 PID: 2528 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2711.342924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2711.352258] Call Trace: [ 2711.354828] dump_stack+0x1c9/0x2b4 [ 2711.358437] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2711.363630] ? mnt_get_count+0x150/0x150 [ 2711.365552] FAULT_INJECTION: forcing a failure. [ 2711.365552] name failslab, interval 1, probability 0, space 0, times 0 [ 2711.367691] should_fail.cold.4+0xa/0x11 [ 2711.367703] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2711.367726] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2711.393064] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 2711.397820] ? lock_acquire+0x1e4/0x540 [ 2711.401776] ? is_bpf_text_address+0xae/0x170 [ 2711.406252] ? lock_downgrade+0x8f0/0x8f0 [ 2711.410384] ? lock_release+0xa30/0xa30 [ 2711.414352] ? kasan_check_read+0x11/0x20 [ 2711.418482] ? lock_acquire+0x1e4/0x540 [ 2711.422446] ? fs_reclaim_acquire+0x20/0x20 [ 2711.426747] ? lock_downgrade+0x8f0/0x8f0 [ 2711.430889] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2711.435904] ? check_same_owner+0x340/0x340 [ 2711.440210] ? rcu_note_context_switch+0x730/0x730 [ 2711.445117] ? iterate_fd+0x4b0/0x4b0 [ 2711.448913] __should_failslab+0x124/0x180 [ 2711.453135] should_failslab+0x9/0x14 [ 2711.456931] kmem_cache_alloc+0x2af/0x760 [ 2711.461059] ? lock_downgrade+0x8f0/0x8f0 [ 2711.465191] ? shmem_destroy_callback+0xc0/0xc0 [ 2711.469852] shmem_alloc_inode+0x1b/0x40 [ 2711.473909] alloc_inode+0x63/0x190 [ 2711.477527] new_inode_pseudo+0x71/0x1a0 [ 2711.481578] ? prune_icache_sb+0x1b0/0x1b0 [ 2711.485797] ? _raw_spin_unlock+0x22/0x30 [ 2711.489936] new_inode+0x1c/0x40 [ 2711.493285] shmem_get_inode+0xf1/0x910 [ 2711.497240] ? shmem_encode_fh+0x340/0x340 [ 2711.501460] ? lock_downgrade+0x8f0/0x8f0 [ 2711.505591] ? lock_release+0xa30/0xa30 [ 2711.509548] ? check_same_owner+0x340/0x340 [ 2711.513867] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2711.518876] ? __check_object_size+0x9d/0x5f2 [ 2711.523359] __shmem_file_setup.part.48+0x83/0x2a0 [ 2711.528296] shmem_file_setup+0x65/0x90 [ 2711.532604] __x64_sys_memfd_create+0x2af/0x4f0 [ 2711.537340] ? memfd_fcntl+0x1e80/0x1e80 [ 2711.541389] do_syscall_64+0x1b9/0x820 [ 2711.545258] ? finish_task_switch+0x1d3/0x870 [ 2711.549749] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2711.554657] ? syscall_return_slowpath+0x31d/0x5e0 [ 2711.559564] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2711.564557] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2711.569552] ? perf_trace_sys_enter+0xb10/0xb10 [ 2711.574219] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2711.579044] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2711.584213] RIP: 0033:0x455e29 [ 2711.587376] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2711.606496] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2711.614180] RAX: ffffffffffffffda RBX: 0000000020000480 RCX: 0000000000455e29 [ 2711.621443] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004baa70 [ 2711.628692] RBP: 000000000072bea0 R08: 0000000000000000 R09: 00000000fbad8001 [ 2711.635940] R10: 0000000020000480 R11: 0000000000000246 R12: 0000000000000013 [ 2711.643198] R13: 00000000004c26df R14: 00000000004d3fb8 R15: 0000000000000001 [ 2711.650461] CPU: 0 PID: 2531 Comm: syz-executor3 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2711.658789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2711.668132] Call Trace: [ 2711.670706] dump_stack+0x1c9/0x2b4 [ 2711.674316] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2711.679505] should_fail.cold.4+0xa/0x11 [ 2711.683554] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2711.688639] ? trace_hardirqs_on+0x10/0x10 [ 2711.692853] ? __kernel_text_address+0xd/0x40 [ 2711.697329] ? unwind_get_return_address+0x61/0xa0 [ 2711.702243] ? __save_stack_trace+0x8d/0xf0 [ 2711.706560] ? save_stack+0xa9/0xd0 [ 2711.710180] ? save_stack+0x43/0xd0 [ 2711.713797] ? __lockdep_init_map+0x105/0x590 [ 2711.718271] ? kasan_slab_alloc+0x12/0x20 [ 2711.722403] ? lock_acquire+0x1e4/0x540 [ 2711.726358] ? fs_reclaim_acquire+0x20/0x20 [ 2711.730660] ? lock_downgrade+0x8f0/0x8f0 [ 2711.734788] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 2711.734799] FAULT_INJECTION: forcing a failure. [ 2711.734799] name failslab, interval 1, probability 0, space 0, times 0 [ 2711.750956] ? check_same_owner+0x340/0x340 [ 2711.755259] ? rcu_note_context_switch+0x730/0x730 [ 2711.760167] __should_failslab+0x124/0x180 [ 2711.764385] should_failslab+0x9/0x14 [ 2711.768165] kmem_cache_alloc+0x2af/0x760 [ 2711.772727] ? lockdep_init_map+0x9/0x10 [ 2711.776763] ? __rwlock_init+0x2d/0x140 [ 2711.780727] __d_alloc+0xc8/0xd50 [ 2711.784168] ? mpol_set_shared_policy+0x9d0/0x9d0 [ 2711.788990] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 2711.794073] ? ktime_get_coarse_real_ts64+0x243/0x3a0 [ 2711.799245] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2711.804774] ? timespec64_trunc+0xea/0x180 [ 2711.808998] ? inode_init_owner+0x340/0x340 [ 2711.813301] ? _raw_spin_unlock+0x22/0x30 [ 2711.817431] ? current_time+0x131/0x1b0 [ 2711.821386] ? timespec64_trunc+0x180/0x180 [ 2711.825688] ? __lockdep_init_map+0x105/0x590 [ 2711.830167] d_alloc_pseudo+0x1d/0x30 [ 2711.833946] alloc_file_pseudo+0x158/0x3f0 [ 2711.838169] ? alloc_file+0x3e0/0x3e0 [ 2711.841948] ? check_same_owner+0x340/0x340 [ 2711.846250] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2711.851248] ? __check_object_size+0x9d/0x5f2 [ 2711.855724] ? kasan_check_write+0x14/0x20 [ 2711.859940] __shmem_file_setup.part.48+0x110/0x2a0 [ 2711.864935] shmem_file_setup+0x65/0x90 [ 2711.868891] __x64_sys_memfd_create+0x2af/0x4f0 [ 2711.873553] ? memfd_fcntl+0x1e80/0x1e80 [ 2711.877599] do_syscall_64+0x1b9/0x820 [ 2711.881462] ? finish_task_switch+0x1d3/0x870 [ 2711.885941] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2711.890850] ? syscall_return_slowpath+0x31d/0x5e0 [ 2711.895760] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2711.900756] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2711.905755] ? perf_trace_sys_enter+0xb10/0xb10 [ 2711.910421] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2711.915251] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2711.920422] RIP: 0033:0x455e29 [ 2711.923590] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2711.942714] RSP: 002b:00007fa177346a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2711.950416] RAX: ffffffffffffffda RBX: 0000000020000480 RCX: 0000000000455e29 [ 2711.957670] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004baa70 [ 2711.964934] RBP: 000000000072bea0 R08: 0000000000000000 R09: 00000000fbad8001 03:40:33 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x11, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:33 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:33 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x70d220fffe2eb430, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:33 executing program 4 (fault-call:0 fault-nth:2): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:33 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2711.972195] R10: 0000000020000480 R11: 0000000000000246 R12: 0000000000000013 [ 2711.979975] R13: 00000000004c26df R14: 00000000004d3fb8 R15: 0000000000000002 [ 2711.987253] CPU: 1 PID: 2553 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2711.995606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2712.004945] Call Trace: [ 2712.007516] dump_stack+0x1c9/0x2b4 [ 2712.011123] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2712.016305] should_fail.cold.4+0xa/0x11 [ 2712.020348] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2712.025434] ? trace_hardirqs_on+0x10/0x10 [ 2712.029651] ? __kernel_text_address+0xd/0x40 [ 2712.034124] ? unwind_get_return_address+0x61/0xa0 [ 2712.039037] ? __save_stack_trace+0x8d/0xf0 [ 2712.043356] ? save_stack+0xa9/0xd0 [ 2712.046964] ? save_stack+0x43/0xd0 [ 2712.050571] ? __lockdep_init_map+0x105/0x590 [ 2712.055043] ? kasan_slab_alloc+0x12/0x20 [ 2712.059185] ? lock_acquire+0x1e4/0x540 [ 2712.063141] ? fs_reclaim_acquire+0x20/0x20 [ 2712.067457] ? lock_downgrade+0x8f0/0x8f0 [ 2712.071594] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 2712.076601] ? check_same_owner+0x340/0x340 [ 2712.080906] ? rcu_note_context_switch+0x730/0x730 [ 2712.085814] __should_failslab+0x124/0x180 [ 2712.090477] should_failslab+0x9/0x14 [ 2712.094255] kmem_cache_alloc+0x2af/0x760 [ 2712.098417] ? lockdep_init_map+0x9/0x10 [ 2712.102491] ? __rwlock_init+0x2d/0x140 [ 2712.106465] __d_alloc+0xc8/0xd50 [ 2712.109907] ? mpol_set_shared_policy+0x9d0/0x9d0 [ 2712.114733] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 2712.119736] ? ktime_get_coarse_real_ts64+0x243/0x3a0 [ 2712.124921] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2712.130461] ? timespec64_trunc+0xea/0x180 [ 2712.134682] ? inode_init_owner+0x340/0x340 [ 2712.138988] ? _raw_spin_unlock+0x22/0x30 [ 2712.143123] ? current_time+0x131/0x1b0 [ 2712.147078] ? timespec64_trunc+0x180/0x180 [ 2712.151383] ? __lockdep_init_map+0x105/0x590 [ 2712.155878] d_alloc_pseudo+0x1d/0x30 [ 2712.159663] alloc_file_pseudo+0x158/0x3f0 [ 2712.163882] ? alloc_file+0x3e0/0x3e0 [ 2712.167672] ? check_same_owner+0x340/0x340 [ 2712.171988] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2712.176991] ? __check_object_size+0x9d/0x5f2 [ 2712.181484] ? kasan_check_write+0x14/0x20 [ 2712.185710] __shmem_file_setup.part.48+0x110/0x2a0 [ 2712.190715] shmem_file_setup+0x65/0x90 [ 2712.194674] __x64_sys_memfd_create+0x2af/0x4f0 [ 2712.199339] ? memfd_fcntl+0x1e80/0x1e80 [ 2712.203385] do_syscall_64+0x1b9/0x820 [ 2712.207252] ? finish_task_switch+0x1d3/0x870 [ 2712.211740] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2712.216655] ? syscall_return_slowpath+0x31d/0x5e0 [ 2712.221565] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2712.226560] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2712.231561] ? perf_trace_sys_enter+0xb10/0xb10 [ 2712.236221] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2712.241055] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2712.246227] RIP: 0033:0x455e29 [ 2712.249403] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2712.268537] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2712.276241] RAX: ffffffffffffffda RBX: 0000000020000480 RCX: 0000000000455e29 [ 2712.283493] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004baa70 [ 2712.290768] RBP: 000000000072bea0 R08: 0000000000000000 R09: 00000000fbad8001 [ 2712.298027] R10: 0000000020000480 R11: 0000000000000246 R12: 0000000000000013 [ 2712.305285] R13: 00000000004c26df R14: 00000000004d3fb8 R15: 0000000000000002 03:40:34 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:34 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x8000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:34 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xe867b4fffef5e111, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:34 executing program 5: r0 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000080)={0x0, 0x57, "012ea68f65c34f3721673789764533d9ee5d81498fdcd7cb9674bcb05fc754145b60759e7a74de5d043299607841ecfa97211c5f6e1d8e6ac415a637c49e35ff3dbcd43fca8ff74f51fb93b307a01a32520e437ce0bdd1"}, &(0x7f0000000100)=0x5f) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000140)={r1, 0x0, 0x181decf7}, 0x8) r2 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r3 = fcntl$dupfd(r2, 0x0, r2) sendmmsg$unix(r3, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:34 executing program 3 (fault-call:0 fault-nth:3): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:34 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x3b8, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:34 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:34 executing program 4 (fault-call:0 fault-nth:3): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:34 executing program 5: r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/uts\x00') r1 = syz_open_dev$amidi(&(0x7f00000002c0)='/dev/amidi#\x00', 0x0, 0x8000) getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x3ff, 0x6}, &(0x7f0000000340)=0x10) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000380)={r2, 0x0, 0x10}, &(0x7f00000003c0)=0xc) r3 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x3, 0x80) ioctl$KDDELIO(r3, 0x4b35, 0x1) ioctl$int_out(r3, 0x5462, &(0x7f0000000280)) signalfd(r0, &(0x7f0000000140), 0x8) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x1, 0x0) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r4, 0x84, 0x7, &(0x7f0000000200), &(0x7f0000000240)=0x4) mq_open(&(0x7f0000000080)="694f71dfd932e17568000000000200", 0xc0, 0x80, &(0x7f00000000c0)={0x3, 0x10000, 0x0, 0x7, 0x5, 0x2, 0x20, 0x3377}) r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmmsg$unix(r5, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000a40)=[{&(0x7f0000000400)="55caeeb6a9bd9697fc06a31d2a88c3815155e83f10068472f03142cd384c24773ed1410672075cdf1867681c4db9a1e043a360d6962906865a3e808bc190e93eb21463b9a380757de91312f8e787c854bb2daf696ec742b8f615c24f86f8bbb80891580e4e84a65040d7a89aafbcf04c06f4a6376b5da5ecb942b25eb50fd92038fe41e405a52d9665940b9308594ae4f0b4eae97ee97913fe4fe017194ca5be3bbac5f0a0f096fe3d9560e47d76b0ae8f87a97fa9341146e5addba41ea942398c53c3b91bc5bcc8ac281f8165fa27aafc0cd6d22fc08b5f158775dfc9f1b0c196e9f94a", 0xe4}, {&(0x7f0000000580)="e2fd4a97730a42e3633085e48a4d5589d9c9552aa20380b42cf8238eb5802d2d942b07c73fa9d4518e6344cb68682a881b9bc995671c5f17835aa26eb5565c9e7048879769066c6e4c623312100b966956aedaac1b6fbd67ecf3ee871f4194675d795693845566dcd701f73aebcd4ec2a339f074b39a53df5cc6d9aa3ec19021c5d3b406f86982af8d", 0x89}, {&(0x7f0000000640)="2c647a10cd3bdd674a48f402d70df33574e7b070f252ca5ee71ea7d27ae6dc9f06b93bbc188ad762c545861511ed5696f014e939bb2a9d99e706fede7a794d6b2b882174d2281f354e8c8f04cb36e3367b47ca56fa07632c456cd37c4661743447d909831b611f288a4d37f0b573810801ab3123327f896e8d88cf5f683bcde04840c72b58d9750eea95b6c2", 0x8c}, {&(0x7f0000000700)="03f5096b9195896b6f2e0329fa083f2078818460c316e4a93ed7bd392b35f40374903ef549faed77d791fcf22169ca5f6de94bfc1331d9dd4b0b9ef32c129ac5895d1ba44aad3e574ac767e79bc2c72df95fe0d8760928fb6908a0a081cf6ec12dcbe6f0958ae559a03f9391de221660ad1bc1e94fc81494b605f6d431b5a727cbf8cd33d6816cac5344cf6795aea3b85197954b7dd97778ad08de73e038bcb899f002c05dbb329673eb75be2c0ddd66a9834559", 0xb4}, {&(0x7f00000007c0)="7b7320b35c378df79a3381dfc439d7a61a2268f6dee93b4bf4173cd8ddb2b227fbe6c1a6dea321e356669a72752bdfafb0b1c7b4341e56913b996435f3ea2a1b9d467dd94ea4a11b04277788a638e1b8c256160a6fce132d73c3448a9e8815c5a6d0511c09a748a34a78accb443e7c89d3ac5667f63e9f265c9fff816711250a854c8d5e07dcbc13198cf657e3964f9c13d628e27fa8361075cb4a6ee869f9d38707ad75696a6850efbf5188156106a49e", 0xb1}, {&(0x7f0000000b00)='0H', 0x2}, {&(0x7f0000000880)="d25dd105f8334e1b1ea5802236a7b0f0f5a570031bd01846ee395c1b4d6efd419f01095ade09d9ca40d81a86005f3f24fc9a96a7d8b6d7e0e537f1cf408d34d9bc0fbdb0d3dccf0e1f5f6b86e79e0f110c69a33f53c107e9a4774f2827abc5b93d84c1bfae433e4aa4e1f789b33ed2eb1359e74c", 0x74}, {&(0x7f0000000900)="8d23a47ac545a8c486769cca3205a02cb1e8f73988148cf9ba33677e912f5449dd23e5453be065df4d831c955293a311c7acb3e0e1956597fed2de6356fabfd168df10cc0afc9788dd248e05beacf3a54ec197ebf3d5e0b42e2f5599dda7002c993558890fba1ae6d63b244fe76c3e97aac1a77588e51278366b4bc579c054da79fe833ff635b09e6372a7706740d5e8d978eb4ddd2bc06a738069d5d26244ee7d4908967d121f29c919ba55135a4e17e3491fcc8567ba419b10dc658b6776", 0xffffffffffffff1d}, {&(0x7f00000009c0)="86089722e2ede7fb02eb2a94f687b12de109e0a0fa6fe00e03477d3c8896c4725af37800ab1a797c31286c16bf003d11cffd392d541ffcdc7b606450ba8de219c0b650343c591ad4818fcbaa7ee2fc3d679a1d", 0x53}], 0x9, &(0x7f0000000480), 0x0, 0xfffffffffffffffd}], 0x1, 0x0) 03:40:34 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x8, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2712.597686] FAULT_INJECTION: forcing a failure. [ 2712.597686] name failslab, interval 1, probability 0, space 0, times 0 [ 2712.609000] CPU: 1 PID: 2577 Comm: syz-executor3 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2712.617319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2712.626676] Call Trace: [ 2712.629283] dump_stack+0x1c9/0x2b4 [ 2712.632924] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2712.638138] should_fail.cold.4+0xa/0x11 [ 2712.642211] ? save_stack+0x43/0xd0 03:40:34 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1dc, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2712.645861] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2712.651416] ? __shmem_file_setup.part.48+0x110/0x2a0 [ 2712.656652] ? shmem_file_setup+0x65/0x90 [ 2712.660829] ? do_syscall_64+0x1b9/0x820 [ 2712.664909] ? trace_hardirqs_on+0x10/0x10 [ 2712.669163] ? lock_acquire+0x1e4/0x540 [ 2712.673146] ? percpu_ref_put_many+0x119/0x240 [ 2712.677728] ? lock_downgrade+0x8f0/0x8f0 [ 2712.677748] ? lock_release+0xa30/0xa30 [ 2712.677771] ? memcg_kmem_get_cache+0x3a9/0x9d0 [ 2712.685869] ? mem_cgroup_handle_over_high+0x130/0x130 [ 2712.685892] ? fs_reclaim_acquire+0x20/0x20 [ 2712.695825] ? lock_downgrade+0x8f0/0x8f0 [ 2712.695844] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 2712.709279] ? lock_acquire+0x1e4/0x540 [ 2712.713248] ? fs_reclaim_acquire+0x20/0x20 [ 2712.717571] ? lock_downgrade+0x8f0/0x8f0 [ 2712.717589] ? check_same_owner+0x340/0x340 [ 2712.726020] ? rcu_note_context_switch+0x730/0x730 [ 2712.730965] ? kasan_check_read+0x11/0x20 [ 2712.735130] __should_failslab+0x124/0x180 [ 2712.739379] should_failslab+0x9/0x14 [ 2712.743192] kmem_cache_alloc+0x2af/0x760 [ 2712.747348] ? _raw_spin_unlock+0x22/0x30 [ 2712.751497] ? __d_instantiate+0x522/0x750 [ 2712.754744] FAULT_INJECTION: forcing a failure. [ 2712.754744] name failslab, interval 1, probability 0, space 0, times 0 [ 2712.755732] __get_empty_filp+0x11b/0x620 [ 2712.755745] ? d_instantiate+0x79/0xa0 [ 2712.755768] ? proc_nr_files+0x60/0x60 [ 2712.778790] ? kasan_check_read+0x11/0x20 [ 2712.782932] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2712.787328] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2712.791899] ? kasan_check_write+0x14/0x20 [ 2712.796122] ? do_raw_spin_lock+0xc1/0x200 [ 2712.800345] alloc_file+0x29/0x3e0 [ 2712.803875] alloc_file_pseudo+0x267/0x3f0 [ 2712.808121] ? alloc_file+0x3e0/0x3e0 [ 2712.811910] ? check_same_owner+0x340/0x340 [ 2712.816233] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2712.821242] ? __check_object_size+0x9d/0x5f2 [ 2712.825727] ? kasan_check_write+0x14/0x20 [ 2712.829956] __shmem_file_setup.part.48+0x110/0x2a0 [ 2712.834969] shmem_file_setup+0x65/0x90 [ 2712.838939] __x64_sys_memfd_create+0x2af/0x4f0 [ 2712.843600] ? memfd_fcntl+0x1e80/0x1e80 [ 2712.847655] do_syscall_64+0x1b9/0x820 [ 2712.851532] ? finish_task_switch+0x1d3/0x870 [ 2712.856016] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2712.860946] ? syscall_return_slowpath+0x31d/0x5e0 [ 2712.865875] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2712.870880] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2712.875889] ? perf_trace_sys_enter+0xb10/0xb10 [ 2712.880557] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2712.885390] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2712.890565] RIP: 0033:0x455e29 [ 2712.893739] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2712.912960] RSP: 002b:00007fa177346a88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2712.920658] RAX: ffffffffffffffda RBX: 0000000020000480 RCX: 0000000000455e29 [ 2712.927924] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004baa70 [ 2712.935185] RBP: 000000000072bea0 R08: 0000000000000000 R09: 00000000fbad8001 [ 2712.942442] R10: 0000000020000480 R11: 0000000000000246 R12: 0000000000000013 [ 2712.949705] R13: 00000000004c26df R14: 00000000004d3fb8 R15: 0000000000000003 [ 2712.956978] CPU: 0 PID: 2581 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2712.965302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2712.974649] Call Trace: [ 2712.977247] dump_stack+0x1c9/0x2b4 [ 2712.980881] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2712.986085] should_fail.cold.4+0xa/0x11 [ 2712.990156] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2712.995265] ? trace_hardirqs_on+0x10/0x10 03:40:34 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x28a7befffe52da15, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:34 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) write$binfmt_aout(r0, &(0x7f0000000580)={{0x107, 0x9, 0xcd, 0x210, 0x2e3, 0xffffffffffffff45, 0x2bb, 0x1000}, "fe7249b2a709fe0abf6aeefe139beb57b4d39e07e809bf87f2404cc6701376796283fd8b9354e18c64de0e09035eddef3fa55390133f58e707bd201c32851464634b97a44521fe0a99dd08d453ca561487cf5423db19fbe5dc33464b6a3de4677f5cf5f467e76277ab85a7b0f950df7c260e1045974b58504bf1aa7b1c0ce8b8d17f5de3d142ba55e161198335bbe5df9100749b3652ca6971d79870328f188300085a547ac31c3d7c7c69be2fc366ac5998d1d6349b983ed01c25728335b9dd229f8cec685b58f562ceef063700d76fa8cc86149511985d3231b40d7cd67c987106ef818d9a0256a9c9df0fc67495278c4fbf5ffc163d3be6a3ae4251ee65942909a03c367661b1478aadfa405ed3087c37fa5d3fa1c332723efb1e535c790f3df90f7e6dc85642a48892df6a81db232c436589f12b52b46ac83509c9d5c6bc000baf50279c1c7c760c7ccc10d8d4d5fc4f3f6d84f9502e5f33bbb0d580638b6c11de0f3dc1f0360a2c1bb38902e8a60ef5e5da06e01dcec371fe6704d3c9ddff650545f636afcbf8bb58eb5004e560a31f5c88a33cb63abfb7337cc824392fe7277d86bb601be424c7ebf3be4a7362a3cc8dc20fbc5e2c19e108d135b117edb5f1bbb3c41c979a2afab01bfa34629ae6023f865c496a5b3ce00b789cfb72326321cc312e0e8dca859f47740db9e84b96aa3343a089777db60d1a999ca88e56dedd84fbb817eabecab14d2d244e2bcc2f46316e60521b20e49cedd002a1e740220ae56ee68bc88b4340671094012908ae965ffebb09359b5ff49fc436476a49eb028d3df440fd9c7b606864e03a5a5697f799602b6247dcf76babaeee2f5dd2484502e67683040f984e31ce4cc0d7175f0b18c718fd49e37756f28bc7007b4b2a0b81782fe86c82acd27a02c6e2c3088253f619854e1eb68918d88b71646949ac3bc3a1a9a2464f17c78c87461e39c0fe3b4a59a0b645f8176b125530a3b1f3be99c0f5a972340ab2c0920121142e3dfbc63752ff1d6de38bd576cc28e3ec341943e611c8169e4cbd5663403482da0433d7bd0383f878ffa21e0f7a04263de854f0ffae07bdc6f3fa20cc495d0255e8eeafb4b9975156bbdaf024d062de2b4e6cbb3399cab8477deed3a224d1da108f0ca81e7a807fe8fabcf84de3e7109a9b0e9d17ed98be60de653e036538cc6ff698aa628a53317ce43f2aa2b95246cf83603834d0d68d148e67a465eb0cc237d90a42a342883ab6774e946d842bc5cf14116e8a858f6f3fee6c09365d0da224a88f8f9572a3819cd74ae1db43d88d9fc41432a31eb5a1cb94c306e5e863463a6698eba8489bf9d0a583d2786107a9aaa5d1dd4b881b91ed5024331f9c581849c0e8a374c6d6c740f77bb12896d5ebf22da3010b2d89aee9659fe4c1c6d10d44905376cb8a4e7e505d03f0d22c656db1c22bb05e78639fdc9dc78d11cec57889e1b4e1b20e6a65eae0d502f102fb74f00bdaa96279d62eeb80b68b0c1f05c5781250ac418fe23413845df94c3f20440c74b1d9da4d890e496d9a046c5b9dcf5c304541e1b8770f3b16ec7fd8a00ec7224dd41da51ba23ef046958d57c7087e13ffc991a69422f2adf82b5575688df3025ae4efb189cd50c5f9b7b6a5018654cd7eab706c468fc50a9fe20bce6da577eb0fab1ccc89b3a11e1837b246bc7e32e337bcae93cf80fd7ec2ff6fb5d417c01882ac9bd21fcca00969f4b4a0c422dfc10ab1eaa46385647564a717bfe69dd36374cc691ca3af4249edc9f6b4ee7998f47481991a907ba764737e776f322b3a57f0cb1717752c94ce67258f77184a9e2db0fe760aff2ea998f408d9e34171776b477a74d75b819e709da06703131629b2ecd111fc6297431177552c573402f2f9925637bd0aa58180d0dac13a80c2fa48404c6edd5e45010eeb8caa7f7182dbb7b02145f0e8763e033537b9c935a363b011fc88d63c6cf8facb37ba5dbaa534cc7fbbfc2b704c6a6f9cccce7a46429e830e0303693109b54b82f205998c1220efdb1bc25e0504efa46fdee671073a146e84b90da720bb2f855d42da6c99024eb5446ff07e6a5d958ce667655bc1964f9a22c54fdd5b59821758fe6139cb89f2f4d2783b6f34d2c552e16edd74cd88c17cf30361dcc0244b1993cfa5398d7b185c08a725b7d032473b287a645fd27866a0f0dc7360b36ffd3a51399ef17fc2f544ff8d49fe25901cf9bc2827753b5abb3754ebee3bad23c195eb4fc8fed8fe085755eddd3e851080a9b15b16f3294246824d0922c10b89f5de84c1aded9fed73bd73f0aae640fd229fd5799d7844e90bbc6b92d3545a4e611ed83729bbc4aa936e8abb5f01ad6a5878b15643d963801e471d2bfc8b0da560eecc95180d9a8a4f1235e8dd50f23f5223e5865f60375b6e51351dfd7bd5143f0691efb6867fce5d6142a25e28495fab761bea9aa27517154e7fd51585a15c0b8eb73bdccde8b598a97e1176d9aaab1f7ccf0ea362bf2057709f42e581fef9dc6435ec3c4a194474d1270fd0eb8f62436451461561b8bf5f4f18b73af438cdb10a3b972f38779291e94c8baf932c5379672f06da63135e83fff5e931ac84890580a0d4e70e130fbe2f03be0791eaf06caf5fe103b77871f27dd9ee076eba2c75f42828ca491f6399374e652198eea0575d041339c5383e1b23bbe9fba915ea9617a7ae5cdeeabb545336df6a2fd5f8befebf403b3cd2ee5c7f409cb7c198f07cd0cddeae77dc5579b19d55e907318e2631c98dcf99cf95d28f5ea3c53b96f44d3eaf8f05d0e312121f727a0de5f21318753e4ab8ec29e37e6e5eca799b95415976add6485447a9e494097c0186d10bcba75a85b523108639a7ad817ba7e260f6a26fd5a82f75e010328c61a1eb85ee9d4c421b5d43852eb3f98b34b7f1a7bfe8a0a62cb2ae630775a3be0935a452cd599771a0f2f1cec62db3ae9c680aedaf6bd165903fa5ec055255783159667e49dce6ef7e49b596d58cb133659ac8b6360aff7e051b913290cefb24fea6d7a001689d6e8c879dc286048914c2c5d407ebdba996a204b8882d831bb004e8203a31e3533fcf249839a6f3a93f241a1852978eaa4d873f143bda46b16d1ddb3cd2199a2d2be4d2d7b923d8c7babf16f490276daaf3767b6f8743524680098a0639b89322b74c084ab9efce7eb145cf67345331f0ad67067d96bd520929becc2605edba0bcdf1b0abd466f002c006070e2c32fa983c73934fad5f996e8f8ad26ee73484dc28ce35df8be33145508add7600c5f52e3bf9a1dd12e290f59be95d01505336038b41ce27c67955f579d48ed6005d5b11d24e6edaa66770abc5257512b50d2c3be008f3ffc64476f1985eb3585f5bae11d32bc863f90ba6b3c104512a2af99a5c459366d45091e0e7b25ef3dea5520ba4349dc4fe30536f5114c355f22781520aaf700517170c2d7905e2b16caa40b2842727de37a8f7d6f76747b50508be46ee8c513fb7862e581fa0748b9569470dc256f62df23a535a262ddb580495e88472be2c3cb3aea3670d2f7bb3a0f0cfd03bd1132bf2050e42045d1c75a560f252f131e9a4d96bf33c92a6e080641782be88e97b688c014e178d57a90d399d5264c3260c0d62e480eff71255c668623473336b2e9e19f19d02a4c05e70cf8a183b3379f4e5cbc09151eec01484f343aac9e4dad39516d1aa0e5e717a5a60e2cc04b69688717e61df0f1d2d40cd5873acaf9b10883768dfd677035339493846fda8f02c316f4e91ad0431e878f5f9ea129a4188f842cadcc6359ff0e80345acfee97d44278e93c55d071eed7dcd42a29353b89aee16f21d6961a5aa5e482fb58726a10270dc750d34a8095c010f6c3b13bec4f3a7e2714854297c1e464c2c96d2e47b4fdd94ef783fdc6ee8f3b060f070921b15c2e5c4e032be1711179ceed1d422100bf5ac6499f9b781297834c83cef9d9f7870fde0b4b2a4aab0811d527db1b0ea6cbb5222afd916d24d6d9e9e600bfd5739a17c94a636c670019c5bff21f6562a8074785808c01bb4ea90c6a422bc09e89b80717b88129a7aad8c3a8ae0fdb596d58a7f6a7cc1acce6479898692dc64412a2ad71fdefa4e9fa8ffafb48cf788d86a4668c24c111cc78d31b049fe3b2ce3e9ce0e813021a3a01b467a454c21162582571f084331bcae737ebf03a2070fbbcbb20135fa3508cc436390834fcfce33c08eeedd37945bfa035db6a88b6399facdcbd3d680b3e7690eae2b3965d66f0458597c3303283bdbdb1125f17ea276191913dcc443e890f1323de6d7e1437b418c1bdafcd00dabc3fac284462e83594a37e92d545b6ff01ec8df7e3c8682dd29f1b827830e0cd2451e3b1687998a7406e09aae8d750aff44ada6723387e47dbb8476542b370d44f6ecb53d4bcff132283eac677e664ac479d15f35269774ad3ad14059dd6ec5a5415b2df0510d9f859f123e1680b9944f037772b226d9f7a08a4e378cbc9fcef260f46e6812e9002bf306095f59604fb5dc25fd003b61396fa6d7cf99cf13811063b4a039bdf01605f0f8186df1b352902d29cedea1cfa6bea6433d3162150953360d10bb032ffe6bdebbf8f7ceb3ae97ae344c96fca63354c62b3c19648485e5d0e203a7164cff17f8fc9b2458fa39c72bc4de56d1f06820bb41a7a6a1214a067e6f0080896b34fb1630a20df86532b3562143f239cd55255bba145e3a8804794d1fd84bb94f4547d0d1d4296fd83788f08c6b68ad597e06c3e4758a26cc5278e8375e0663a419ff927d693b355df525560e88a30e20f2013e1dea1100771eccedf205277115341426aacf200e8f136f55c279806e03be89f25a6460c659d0669d7115111231d64eda2bcbcb33f3663ef3fd4f6d89093f2aab687f6167197c039f6ceba123f76a220a27484b22e2adfcbdf0ef2b1abba5acdb7a7783eab26020f5a6b255717e34e8e8d01b5d0f5d63a8fc36bcc548fbb8d6d52423bb43dfcf7524e0e5969538d2173e943abe4a86272500165c49f33762249a4f1ca4688ab6e73baa83e1f8d90023ec6e42dca1d72a1749e1ff83d0583967bca41e80458cc12cb6b4d8eb7e9d664ff2278eebdfee706d87fb4b11b18fbf49a02a4d082d9813136301b15ce750d09820d6c139cd0e5d43ab251d36e7a7205a8bad58650b4209b91f1892cfd192793c39274b3e6d70683c95cd7042aef4f35d06ded2532e1a62598e91d8001af977c5698d09f1d5d059141443e44998f7af91d35080f60240375c2aa83a9b3d7a3b686858cffec8b2def6d4ffa2123898a4a5f34a8126bae787ef58ebe14139b94044bf1a91f83c7e0264976759d92e681ebf361f5dd8fcdd4fc39d6a9eceae4826acdddf847d1c9295ac9b21e020f8cea779ef0d2e09d1cb968adaa14f19390a3d531db2bd0d57ba1ae311098924b19f97a767299fa5f2ab2b60245a9c02b3cec41823b49bec33f3237061034bd592b2f12c7a2f41f36f64d3404f8ba3625eb0a7b7453c4fa60266603fd74158824c4f708bd9c77d635a1814dbb2aba6a6a11ba3368b2ebb50cb3ef65fdb630bcc9d27b8d5f74e8685c771e9b55c6d182a92f33cc42eda08422b66a252e5f9fa865a99003baade172fbe2748414b724947edb1f7410f3c8bb553f8658d6bb34c49bc2f7c79855369cf76e67fcce8da2613286cadcb50c36b8fb5cd56ddb1d16b4f45f742339f237a57520ce59fd5ad786c0a05b7f9eb01eb90cb631c42c1edd827d7ee72d2145c40ec979896351987c2041763f0b1a0385850ec7fc7547aca", [[]]}, 0x1120) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, &(0x7f0000000080)=0x4bf, 0x4) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000100)=0x0) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000001c0)={{{@in=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000140)=0xe8) stat(&(0x7f00000002c0)="2e2f66696c6530000000000000000005b400", &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x1000000000000066, &(0x7f0000000380)=[@rights={0x28, 0x1, 0x1, [r0, r0, r0, r1, r1, r1]}, @cred={0x20, 0x1, 0x2, r2, r3, r5}, @cred={0x20, 0x1, 0x2, r2, r4, r5}], 0xffffffffffffff81}], 0x1, 0x0) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f00000000c0)=0x451b, 0x4) 03:40:34 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:34 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:35 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x190, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2712.999509] ? __kernel_text_address+0xd/0x40 [ 2713.004005] ? unwind_get_return_address+0x61/0xa0 [ 2713.008943] ? __save_stack_trace+0x8d/0xf0 [ 2713.013276] ? save_stack+0xa9/0xd0 [ 2713.016912] ? save_stack+0x43/0xd0 [ 2713.020542] ? __lockdep_init_map+0x105/0x590 [ 2713.025038] ? kasan_slab_alloc+0x12/0x20 [ 2713.029197] ? lock_acquire+0x1e4/0x540 [ 2713.033176] ? fs_reclaim_acquire+0x20/0x20 [ 2713.038460] ? lock_downgrade+0x8f0/0x8f0 [ 2713.042611] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 2713.047647] ? check_same_owner+0x340/0x340 [ 2713.051988] ? lock_downgrade+0x8f0/0x8f0 [ 2713.056144] ? rcu_note_context_switch+0x730/0x730 [ 2713.061088] __should_failslab+0x124/0x180 [ 2713.065337] should_failslab+0x9/0x14 [ 2713.069147] kmem_cache_alloc+0x2af/0x760 [ 2713.073306] ? lockdep_init_map+0x9/0x10 [ 2713.077374] ? __rwlock_init+0x2d/0x140 [ 2713.081351] __d_alloc+0xc8/0xd50 [ 2713.084806] ? mpol_set_shared_policy+0x9d0/0x9d0 [ 2713.089657] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 2713.094678] ? ktime_get_coarse_real_ts64+0x243/0x3a0 [ 2713.099875] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2713.105496] ? timespec64_trunc+0xea/0x180 [ 2713.109738] ? inode_init_owner+0x340/0x340 [ 2713.114070] ? _raw_spin_unlock+0x22/0x30 [ 2713.118231] ? current_time+0x131/0x1b0 [ 2713.122216] ? timespec64_trunc+0x180/0x180 [ 2713.126546] ? __lockdep_init_map+0x105/0x590 [ 2713.131060] d_alloc_pseudo+0x1d/0x30 [ 2713.134870] alloc_file_pseudo+0x158/0x3f0 [ 2713.139115] ? alloc_file+0x3e0/0x3e0 [ 2713.142922] ? check_same_owner+0x340/0x340 [ 2713.147258] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2713.152296] ? __check_object_size+0x9d/0x5f2 [ 2713.156809] ? kasan_check_write+0x14/0x20 [ 2713.161287] __shmem_file_setup.part.48+0x110/0x2a0 [ 2713.166313] shmem_file_setup+0x65/0x90 [ 2713.170298] __x64_sys_memfd_create+0x2af/0x4f0 [ 2713.174978] ? memfd_fcntl+0x1e80/0x1e80 [ 2713.179056] do_syscall_64+0x1b9/0x820 [ 2713.182947] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2713.187883] ? syscall_return_slowpath+0x31d/0x5e0 [ 2713.192825] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2713.197826] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2713.202827] ? perf_trace_sys_enter+0xb10/0xb10 [ 2713.207492] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2713.212342] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2713.217515] RIP: 0033:0x455e29 [ 2713.220680] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2713.239910] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 2713.247601] RAX: ffffffffffffffda RBX: 0000000020000480 RCX: 0000000000455e29 [ 2713.254854] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000004baa70 [ 2713.262106] RBP: 000000000072bea0 R08: 0000000000000000 R09: 00000000fbad8001 [ 2713.269358] R10: 0000000020000480 R11: 0000000000000246 R12: 0000000000000013 [ 2713.276610] R13: 00000000004c26df R14: 00000000004d3fb8 R15: 0000000000000003 03:40:35 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:35 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:35 executing program 3 (fault-call:0 fault-nth:4): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:35 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:35 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x21c, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:35 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(r1, 0x29, 0x41, &(0x7f0000000080)=ANY=[@ANYBLOB="7365637572697479000000000000000000000000000000002000000000000000540000009655e1d62a3120116b18e53e1b6bf46769a830ee0d0c83ee68a297f85db185a6fd821edc356bb5a1d092d63fde231499591cd5081bc9b3a922169aa91727e46f89d28549bcbcaca475c897ebcdbeece3b9f61163"], &(0x7f0000000100)=0x78) 03:40:35 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x16, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:35 executing program 4 (fault-call:0 fault-nth:4): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2713.512089] FAULT_INJECTION: forcing a failure. [ 2713.512089] name failslab, interval 1, probability 0, space 0, times 0 [ 2713.514270] FAULT_INJECTION: forcing a failure. [ 2713.514270] name failslab, interval 1, probability 0, space 0, times 0 [ 2713.523422] CPU: 1 PID: 2625 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2713.542880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2713.552250] Call Trace: [ 2713.554852] dump_stack+0x1c9/0x2b4 [ 2713.558472] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2713.563657] ? lock_release+0xa30/0xa30 [ 2713.567639] should_fail.cold.4+0xa/0x11 [ 2713.571717] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2713.576819] ? lock_acquire+0x1e4/0x540 [ 2713.580783] ? shmem_setattr+0x50e/0xda0 [ 2713.584834] ? lock_downgrade+0x8f0/0x8f0 [ 2713.588976] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2713.594505] ? timespec64_trunc+0xea/0x180 [ 2713.598757] ? inode_init_owner+0x340/0x340 [ 2713.603071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2713.608599] ? fsnotify+0xbac/0x14e0 [ 2713.612445] ? lock_acquire+0x1e4/0x540 [ 2713.616411] ? fs_reclaim_acquire+0x20/0x20 [ 2713.620739] ? lock_downgrade+0x8f0/0x8f0 [ 2713.624893] ? check_same_owner+0x340/0x340 [ 2713.629204] ? rcu_note_context_switch+0x730/0x730 [ 2713.634469] ? notify_change+0xda7/0x10f0 [ 2713.638609] __should_failslab+0x124/0x180 [ 2713.642837] should_failslab+0x9/0x14 [ 2713.646626] kmem_cache_alloc+0x2af/0x760 [ 2713.650782] ? do_sys_ftruncate+0x42d/0x560 [ 2713.655095] ? lock_downgrade+0x8f0/0x8f0 [ 2713.659235] getname_flags+0xd0/0x5a0 [ 2713.663037] getname+0x19/0x20 [ 2713.666220] do_sys_open+0x3a2/0x720 [ 2713.669935] ? filp_open+0x80/0x80 [ 2713.674049] ? do_sys_ftruncate+0x44e/0x560 [ 2713.678364] __x64_sys_open+0x7e/0xc0 [ 2713.682161] do_syscall_64+0x1b9/0x820 [ 2713.686058] ? finish_task_switch+0x1d3/0x870 [ 2713.690549] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2713.695488] ? syscall_return_slowpath+0x31d/0x5e0 [ 2713.700428] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2713.705439] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2713.710448] ? perf_trace_sys_enter+0xb10/0xb10 [ 2713.715112] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2713.719948] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2713.725125] RIP: 0033:0x410081 [ 2713.728297] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 2713.747625] RSP: 002b:00007f4c40b3da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 2713.755323] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000410081 [ 2713.762583] RDX: 00007f4c40b3dafa RSI: 0000000000000002 RDI: 00007f4c40b3daf0 [ 2713.769842] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2713.777110] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014 [ 2713.784388] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000004 [ 2713.791661] CPU: 0 PID: 2627 Comm: syz-executor3 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2713.799983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2713.809371] Call Trace: 03:40:35 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000080)={0x101, 0xfffffffffffffe00, 0x1, 0x80000001, 0x400000000}, 0x14) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f00000000c0), 0x0, &(0x7f0000000480)}], 0x1, 0x0) ioctl$ASHMEM_GET_SIZE(r1, 0x7704, 0x0) 03:40:35 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x376, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2713.811967] dump_stack+0x1c9/0x2b4 [ 2713.815603] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2713.820816] ? lock_release+0xa30/0xa30 [ 2713.824802] should_fail.cold.4+0xa/0x11 [ 2713.828871] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2713.833977] ? lock_acquire+0x1e4/0x540 [ 2713.837954] ? shmem_setattr+0x50e/0xda0 [ 2713.842107] ? lock_downgrade+0x8f0/0x8f0 [ 2713.846266] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2713.851824] ? timespec64_trunc+0xea/0x180 [ 2713.856073] ? inode_init_owner+0x340/0x340 03:40:35 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) sync_file_range(r0, 0x1, 0x100, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = syz_open_dev$sndpcmp(&(0x7f0000000940)='/dev/snd/pcmC#D#p\x00', 0x8, 0x24201) ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000980)) add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffff8) r2 = fcntl$dupfd(r0, 0x0, r0) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000900)) ioctl$PPPIOCGMRU(r2, 0x80047453, &(0x7f0000000140)) ioctl$TCGETS(r2, 0x5401, &(0x7f0000000080)) ioctl$PPPOEIOCSFWD(r1, 0x4008b100, &(0x7f00000009c0)={0x18, 0x0, {0x1, @empty, 'eql\x00'}}) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000840)=[{&(0x7f00000001c0)="727fd5f0f3f4da8698c296ca66e654b95ab5e345c3f3a6137796e2f300fdccb05e88e03c5b30f1d93d78a9ca47772efd540add7a610882193e22e59c3a7e5247ad19a23146b60be88fce73fd53f71e9f0d0f4a4c914497b1aab86dd5eebc8ce8b2ca1f45940a62032856594829937f82b283aec845e0f88eb16441004b6a0cde690f2d1e49f7668bd7d8d27870ed6c6c2c01e4c35afba7c7d5204ce636912bfa384544441e"}, {&(0x7f0000000280)="2e94b2d0ef1e4377455bcfc168498858a767b014e08e521ff1abab51fd6448c399adb7e07f0c61f220f050a7931bbb90c08b6627e6a994dade6a5d88bca0f62ce0baad5c240797c98b2b357ef5a0677ef1963fab3e1e659c2e430f9bed58efe2892a6c2ef04c5a2723046d22bb78736c5e0d47c5ec1e8e7d35d93fb24fea5e31ed835663e65c474d124b3f9645068bf2a6c7c8f240531ccddad2eca39e50a30fe4faf5539eebd568ad6bfe74efa4a3af288dae09f82db2b4d0ce840f25cff11f4160aa95fa409bd040373c3423bb3f07e83d8dca90279a4528017b3d"}, {&(0x7f0000000380)="22cf7471e7"}, {&(0x7f00000003c0)="7b51bfa3334be657506909d2a3bd16eee36455d5155df0f2d0deea0f696d18a997bc37297d56217ab0d42fadc06bf2af1232dcd06130d8dd32fd317bbd01592c0773c1a9c331f40dba11086baefdde8ca00645ac1601b4612aa505fbb879372ba6f080d6667f009b137b200f3ac34cd2b372cc852427d23bfe85639f4fa87620"}, {&(0x7f0000000440)="a5f83a4831b011ce2242169c93f00dbfd20cc092d1e460371341ba91d417050f20b3e6a76dd7676ed7f3b20fc7c59660b07e79ddee4b23bfc9e166861f03"}, {&(0x7f0000000480)="9273a1e08e7ab24397d45332679e3c4a7adb2c40ef67e47f2a48ea237870de816b0f85b2c9d319750496d8439e95f70d4b2fc818788f54ad194461e757120855989a32def59f09883c0d96578479ffcd996cbcd67c2c0d5c5299a116bb6ae5010463e55faa8236688f94c7d742066524a4eaf39c9bb58412d857031ab31b4392b48e5410f91dbd2a8ce3e0ff02a59614512ab9f04f3e05209ce04481754f7a0c7371adfbc50f5dd16cdb1c055f6ebcd2eab81babc41f29ef"}, {&(0x7f0000000580)="c20bb26a152bb72754e68f1bc3572ccb5064890572cb2f50a38b4696f9d468d0f9f61ca052ffdfc25c6725eca0f1f89fa8e1787dace0ed8a116e640dcd934e91a10e33cf5c60ecdcb4f8d38fb2a2b15f2012c43e69fee6d5823ccee66a95ccc1408223b4f9636e7f494ffc68db50dd3790b01096fe5cb7444e3801b4314a6388ed3b2afbdc451f966e5e5e7f1b4654e00d5328ab2ed6306a86d67c4542196d3603e9f66f4f677b046b31c620d0bd84df48aa0ee81c"}, {&(0x7f0000000640)="d3e7f585797356a9f03f5dd283a23564dc2627c057f48bfb15e5ceabdab688bab50a9211ff3f8c9efdcb1f807ef756b885759f48a0a80ff33f9e5b6f59b3cfe289cf9eed95ed47e0d64835aef72af4fb680e3d2574f3589c6b20b4bac59df2fc19582cc3c119f5d3eacdaa9091783375f381989900a7024016cdd883bca797abf6c410c94f91a6ecb118df0c1f6e2cb75409120a7789eea38954eee1e74128e611038633d214164101089732707d0ef6201eb4ede0b58dd7e35ed4733074cb702e111a345c9fef9297c864c716a61e0f9dec"}, {&(0x7f0000000740)="6922093e1697b400c15c8dc399745d"}, {&(0x7f0000000780)="3fe428ba662d578a63c049d14b14512f89daedc0696b8832baca42a7455a99aa9ffa056e03c01aed6987a95785b0c89eef78ed8234ddf2c990ed642cf49fb714050dd05cfd3de0b3304e22ed9400311a877c9a35554f987f4c90c2745bf1cb56fcfaa9945659c5545bb833c7e87a2024fd7ddca8ad8b3c141bcfdeef05aaf2aa87"}], 0x0, &(0x7f0000000480), 0xfe89}], 0x49249f6, 0x0) 03:40:35 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x311, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2713.860405] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2713.865943] ? fsnotify+0xbac/0x14e0 [ 2713.869684] ? lock_acquire+0x1e4/0x540 [ 2713.873668] ? fs_reclaim_acquire+0x20/0x20 [ 2713.878022] ? lock_downgrade+0x8f0/0x8f0 [ 2713.882188] ? check_same_owner+0x340/0x340 [ 2713.886536] ? rcu_note_context_switch+0x730/0x730 [ 2713.891466] ? notify_change+0xda7/0x10f0 [ 2713.895650] __should_failslab+0x124/0x180 [ 2713.899897] should_failslab+0x9/0x14 [ 2713.903705] kmem_cache_alloc+0x2af/0x760 [ 2713.907864] ? do_sys_ftruncate+0x42d/0x560 03:40:35 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:35 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2713.912195] ? lock_downgrade+0x8f0/0x8f0 [ 2713.917937] getname_flags+0xd0/0x5a0 [ 2713.921757] getname+0x19/0x20 [ 2713.924959] do_sys_open+0x3a2/0x720 [ 2713.928681] ? filp_open+0x80/0x80 [ 2713.932230] ? do_sys_ftruncate+0x44e/0x560 [ 2713.936553] __x64_sys_open+0x7e/0xc0 [ 2713.940359] do_syscall_64+0x1b9/0x820 [ 2713.944271] ? finish_task_switch+0x1d3/0x870 [ 2713.948769] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2713.953719] ? syscall_return_slowpath+0x31d/0x5e0 [ 2713.958655] ? prepare_exit_to_usermode+0x3b0/0x3b0 03:40:35 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x17e, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:35 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1aaaaafeffaaaaa8, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2713.963680] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2713.968702] ? perf_trace_sys_enter+0xb10/0xb10 [ 2713.973376] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2713.978230] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2713.983419] RIP: 0033:0x410081 [ 2713.986601] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 2714.005853] RSP: 002b:00007fa177346a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 2714.013596] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000410081 [ 2714.020872] RDX: 00007fa177346afa RSI: 0000000000000002 RDI: 00007fa177346af0 [ 2714.028141] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2714.035414] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014 [ 2714.042687] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000004 03:40:36 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x202, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:36 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x8000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:36 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:36 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) socket$rds(0x15, 0x5, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$SNDRV_TIMER_IOCTL_STATUS(r0, 0x80605414, &(0x7f0000000580)=""/4096) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x3000, 0x8000}) openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x202080, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x40000, 0x0) 03:40:36 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x17, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:36 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:36 executing program 3 (fault-call:0 fault-nth:5): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:36 executing program 4 (fault-call:0 fault-nth:5): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2714.423651] FAULT_INJECTION: forcing a failure. [ 2714.423651] name failslab, interval 1, probability 0, space 0, times 0 [ 2714.434953] CPU: 1 PID: 2673 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2714.443270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2714.452627] Call Trace: [ 2714.455233] dump_stack+0x1c9/0x2b4 [ 2714.458877] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2714.464108] ? lock_release+0xa30/0xa30 [ 2714.468111] should_fail.cold.4+0xa/0x11 [ 2714.472194] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2714.477315] ? lock_acquire+0x1e4/0x540 [ 2714.481329] ? shmem_setattr+0x50e/0xda0 [ 2714.485424] ? lock_downgrade+0x8f0/0x8f0 [ 2714.489588] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2714.495140] ? timespec64_trunc+0xea/0x180 [ 2714.499384] ? inode_init_owner+0x340/0x340 [ 2714.503720] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2714.509265] ? fsnotify+0xbac/0x14e0 [ 2714.512994] ? lock_acquire+0x1e4/0x540 [ 2714.516977] ? fs_reclaim_acquire+0x20/0x20 [ 2714.521308] ? lock_downgrade+0x8f0/0x8f0 [ 2714.525472] ? check_same_owner+0x340/0x340 [ 2714.528530] FAULT_INJECTION: forcing a failure. [ 2714.528530] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2714.529855] ? rcu_note_context_switch+0x730/0x730 [ 2714.546573] ? notify_change+0xda7/0x10f0 [ 2714.550719] __should_failslab+0x124/0x180 [ 2714.554960] should_failslab+0x9/0x14 [ 2714.558754] kmem_cache_alloc+0x2af/0x760 [ 2714.562895] ? do_sys_ftruncate+0x42d/0x560 [ 2714.567212] ? lock_downgrade+0x8f0/0x8f0 [ 2714.571352] getname_flags+0xd0/0x5a0 [ 2714.575142] getname+0x19/0x20 [ 2714.578325] do_sys_open+0x3a2/0x720 [ 2714.582026] ? filp_open+0x80/0x80 [ 2714.585557] ? do_sys_ftruncate+0x44e/0x560 [ 2714.589870] __x64_sys_open+0x7e/0xc0 [ 2714.593667] do_syscall_64+0x1b9/0x820 [ 2714.597542] ? finish_task_switch+0x1d3/0x870 [ 2714.602026] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2714.606949] ? syscall_return_slowpath+0x31d/0x5e0 [ 2714.611868] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2714.616874] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2714.621883] ? perf_trace_sys_enter+0xb10/0xb10 [ 2714.626542] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2714.631381] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2714.636559] RIP: 0033:0x410081 [ 2714.639745] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 2714.658987] RSP: 002b:00007f4c40b3da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 2714.666686] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000410081 03:40:36 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:36 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xb00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:36 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x14, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:36 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x275, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:36 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xfe800000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2714.673943] RDX: 00007f4c40b3dafa RSI: 0000000000000002 RDI: 00007f4c40b3daf0 [ 2714.681211] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2714.688470] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014 [ 2714.695731] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000005 [ 2714.703005] CPU: 0 PID: 2674 Comm: syz-executor3 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2714.711328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2714.720678] Call Trace: [ 2714.723274] dump_stack+0x1c9/0x2b4 [ 2714.726908] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2714.732103] ? trace_hardirqs_on+0x10/0x10 [ 2714.736351] should_fail.cold.4+0xa/0x11 [ 2714.740436] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2714.745554] ? save_stack+0xa9/0xd0 [ 2714.749213] ? __get_empty_filp+0x11b/0x620 [ 2714.753538] ? alloc_file+0x29/0x3e0 [ 2714.757261] ? alloc_file_pseudo+0x267/0x3f0 [ 2714.761678] ? trace_hardirqs_on+0x10/0x10 [ 2714.765920] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 2714.770689] ? lock_acquire+0x1e4/0x540 03:40:36 executing program 4 (fault-call:0 fault-nth:6): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:36 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:36 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:36 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x400000, 0x0) socket$inet6(0xa, 0x8000a, 0x3) write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(0xffffffffffffff9c, &(0x7f0000000140)={0x10, 0x30, 0xfa00, {&(0x7f0000000100)={0xffffffffffffffff}, 0x1, {0xa, 0x4e23, 0x1, @mcast1={0xff, 0x1, [], 0x1}, 0x8}}}, 0x38) write$RDMA_USER_CM_CMD_LEAVE_MCAST(r1, &(0x7f00000001c0)={0x11, 0x10, 0xfa00, {&(0x7f00000000c0), r2}}, 0x18) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r3 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r3, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) [ 2714.774670] ? is_bpf_text_address+0xae/0x170 [ 2714.779183] ? lock_downgrade+0x8f0/0x8f0 [ 2714.783343] ? lock_release+0xa30/0xa30 [ 2714.787332] ? kasan_check_read+0x11/0x20 [ 2714.791512] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2714.797057] ? should_fail+0x246/0xd86 [ 2714.800957] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2714.806094] __alloc_pages_nodemask+0x36e/0xdb0 [ 2714.810769] ? lock_downgrade+0x8f0/0x8f0 [ 2714.814935] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 2714.819960] ? timespec64_trunc+0xea/0x180 [ 2714.823381] FAULT_INJECTION: forcing a failure. [ 2714.823381] name failslab, interval 1, probability 0, space 0, times 0 [ 2714.824198] ? inode_init_owner+0x340/0x340 [ 2714.824217] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2714.824232] ? fsnotify+0xbac/0x14e0 [ 2714.824249] ? lock_acquire+0x1e4/0x540 [ 2714.824273] ? fs_reclaim_acquire+0x20/0x20 [ 2714.857242] ? lock_downgrade+0x8f0/0x8f0 [ 2714.861495] ? lock_release+0xa30/0xa30 [ 2714.865461] ? check_same_owner+0x340/0x340 [ 2714.869777] cache_grow_begin+0x91/0x710 [ 2714.873833] kmem_cache_alloc+0x689/0x760 [ 2714.877977] ? do_sys_ftruncate+0x42d/0x560 [ 2714.882292] ? lock_downgrade+0x8f0/0x8f0 [ 2714.886444] getname_flags+0xd0/0x5a0 [ 2714.890235] getname+0x19/0x20 [ 2714.893414] do_sys_open+0x3a2/0x720 [ 2714.897117] ? filp_open+0x80/0x80 [ 2714.900657] ? do_sys_ftruncate+0x44e/0x560 [ 2714.904972] __x64_sys_open+0x7e/0xc0 [ 2714.908764] do_syscall_64+0x1b9/0x820 [ 2714.912641] ? finish_task_switch+0x1d3/0x870 [ 2714.917131] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2714.922065] ? syscall_return_slowpath+0x31d/0x5e0 [ 2714.926986] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2714.931996] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2714.937011] ? perf_trace_sys_enter+0xb10/0xb10 [ 2714.941933] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2714.946773] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2714.951963] RIP: 0033:0x410081 [ 2714.955141] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 2714.974368] RSP: 002b:00007fa177346a80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 2714.982070] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000410081 [ 2714.989328] RDX: 00007fa177346afa RSI: 0000000000000002 RDI: 00007fa177346af0 [ 2714.996589] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2715.003853] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014 [ 2715.011127] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000005 [ 2715.018403] CPU: 1 PID: 2702 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2715.026723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2715.036079] Call Trace: [ 2715.038672] dump_stack+0x1c9/0x2b4 [ 2715.042295] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2715.047483] ? xas_descend+0x20c/0x5f0 [ 2715.051377] should_fail.cold.4+0xa/0x11 [ 2715.055466] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2715.060578] ? trace_hardirqs_on+0x10/0x10 [ 2715.064818] ? alloc_set_pte+0xaf6/0x1790 [ 2715.068975] ? __sanitizer_cov_trace_cmp4+0x16/0x20 03:40:37 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:37 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2715.074002] ? trace_hardirqs_on+0x10/0x10 [ 2715.078244] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2715.083265] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 2715.088028] ? lock_acquire+0x1e4/0x540 [ 2715.092005] ? fs_reclaim_acquire+0x20/0x20 [ 2715.096337] ? lock_downgrade+0x8f0/0x8f0 [ 2715.100493] ? check_same_owner+0x340/0x340 [ 2715.104817] ? rcu_is_watching+0x8c/0x150 [ 2715.108966] ? rcu_note_context_switch+0x730/0x730 [ 2715.113904] __should_failslab+0x124/0x180 [ 2715.118153] should_failslab+0x9/0x14 [ 2715.121962] kmem_cache_alloc+0x2af/0x760 [ 2715.126125] __get_empty_filp+0x11b/0x620 [ 2715.130281] ? proc_nr_files+0x60/0x60 [ 2715.134176] ? lock_acquire+0x1e4/0x540 [ 2715.138156] ? is_bpf_text_address+0xae/0x170 [ 2715.141689] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 [ 2715.142649] ? lock_downgrade+0x8f0/0x8f0 [ 2715.142666] ? lock_release+0xa30/0xa30 [ 2715.142685] path_openat+0x110/0x5430 [ 2715.142701] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 2715.142722] ? is_bpf_text_address+0xd7/0x170 [ 2715.173365] ? kernel_text_address+0x79/0xf0 [ 2715.177789] ? path_lookupat.isra.45+0xbf0/0xbf0 [ 2715.182562] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2715.187630] ? expand_files.part.8+0x571/0x9c0 [ 2715.192223] ? iterate_fd+0x4b0/0x4b0 [ 2715.196037] ? lock_acquire+0x1e4/0x540 [ 2715.200044] ? __alloc_fd+0x34e/0x710 [ 2715.203857] ? lock_downgrade+0x8f0/0x8f0 [ 2715.208015] ? do_sys_open+0x3a2/0x720 [ 2715.211928] ? kasan_check_read+0x11/0x20 [ 2715.216085] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2715.220500] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2715.225093] ? kasan_check_write+0x14/0x20 [ 2715.229329] ? do_raw_spin_lock+0xc1/0x200 [ 2715.233568] ? _raw_spin_unlock+0x22/0x30 [ 2715.237722] ? __alloc_fd+0x34e/0x710 [ 2715.241530] ? usercopy_warn+0x120/0x120 [ 2715.245613] do_filp_open+0x255/0x380 [ 2715.249415] ? may_open_dev+0x100/0x100 [ 2715.253404] ? get_unused_fd_flags+0x122/0x1a0 [ 2715.257968] ? __alloc_fd+0x710/0x710 [ 2715.261767] do_sys_open+0x584/0x720 [ 2715.265465] ? filp_open+0x80/0x80 [ 2715.268990] ? do_sys_ftruncate+0x44e/0x560 [ 2715.273315] __x64_sys_open+0x7e/0xc0 [ 2715.277105] do_syscall_64+0x1b9/0x820 [ 2715.280974] ? finish_task_switch+0x1d3/0x870 [ 2715.285466] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2715.290396] ? syscall_return_slowpath+0x31d/0x5e0 [ 2715.295325] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2715.300332] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2715.305344] ? perf_trace_sys_enter+0xb10/0xb10 [ 2715.310017] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2715.314874] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2715.320050] RIP: 0033:0x410081 [ 2715.323223] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 2715.342417] RSP: 002b:00007f4c40b3da80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 2715.350113] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000410081 [ 2715.357372] RDX: 00007f4c40b3dafa RSI: 0000000000000002 RDI: 00007f4c40b3daf0 [ 2715.364624] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a 03:40:37 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:37 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x65, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:37 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1d00000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:37 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:37 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:37 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:37 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TIOCGSID(r1, 0x5429, &(0x7f00000000c0)=0x0) ptrace$peekuser(0x3, r2, 0x1) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f0000000080)={0xffffffffffff0001, 0x3, 0x7a}) 03:40:37 executing program 4 (fault-call:0 fault-nth:7): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2715.371889] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014 [ 2715.379141] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000006 03:40:37 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x293f80feff94fdd8, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:37 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:37 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:37 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x16a, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:37 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000140)={'team0\x00', 0x0}) lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, @in6=@mcast1={0xff, 0x1, [], 0x1}, 0x4e20, 0x5, 0x4e21, 0x100000000000, 0x2, 0x20, 0x80, 0x29, r2, r3}, {0x5, 0x9, 0x3f, 0x4, 0x7f, 0x2, 0x0, 0x5}, {0x80, 0x697, 0x3, 0x7}, 0xff, 0x6e6bbf, 0x0, 0x1, 0x1, 0x1}, {{@in6=@remote={0xfe, 0x80, [], 0xbb}, 0x4d4, 0xff}, 0xa, @in=@multicast2=0xe0000002, 0x34ff, 0x4, 0x3, 0x8, 0x0, 0x0, 0x80000000}}, 0xe8) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000100), &(0x7f0000000380)=0x4) r4 = fcntl$dupfd(r0, 0x406, r0) sendmmsg$unix(r4, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000080), &(0x7f00000000c0)=0x4) [ 2715.465068] FAULT_INJECTION: forcing a failure. [ 2715.465068] name failslab, interval 1, probability 0, space 0, times 0 [ 2715.476377] CPU: 1 PID: 2742 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2715.484697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2715.494080] Call Trace: [ 2715.496685] dump_stack+0x1c9/0x2b4 [ 2715.500332] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2715.505545] should_fail.cold.4+0xa/0x11 [ 2715.509626] ? up_read+0x110/0x110 [ 2715.513182] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2715.518305] ? refcount_inc+0x29/0x70 [ 2715.522129] ? lock_acquire+0x1e4/0x540 [ 2715.526113] ? lo_ioctl+0x8e/0x1d70 [ 2715.529756] ? lock_release+0xa30/0xa30 [ 2715.533831] ? check_same_owner+0x340/0x340 [ 2715.537493] sctp: [Deprecated]: syz-executor5 (pid 2754) Use of int in max_burst socket option. [ 2715.537493] Use struct sctp_assoc_value instead [ 2715.538170] ? rcu_note_context_switch+0x730/0x730 [ 2715.538193] ? lock_acquire+0x1e4/0x540 [ 2715.538209] ? fs_reclaim_acquire+0x20/0x20 03:40:37 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:37 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x76, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2715.538234] ? lock_downgrade+0x8f0/0x8f0 [ 2715.568987] ? check_same_owner+0x340/0x340 [ 2715.573315] ? mutex_trylock+0x2b0/0x2b0 [ 2715.577388] ? rcu_note_context_switch+0x730/0x730 [ 2715.582333] __should_failslab+0x124/0x180 [ 2715.587354] should_failslab+0x9/0x14 [ 2715.591158] kmem_cache_alloc_trace+0x2cb/0x780 [ 2715.595843] ? init_wait_entry+0x1c0/0x1c0 [ 2715.600083] ? lock_release+0xa30/0xa30 [ 2715.602974] sctp: [Deprecated]: syz-executor5 (pid 2761) Use of int in max_burst socket option. 03:40:37 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc030000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2715.602974] Use struct sctp_assoc_value instead [ 2715.604065] ? trace_hardirqs_on+0x10/0x10 [ 2715.604082] ? loop_get_status64+0x140/0x140 [ 2715.604097] __kthread_create_on_node+0x127/0x4c0 [ 2715.604112] ? __kthread_parkme+0x1b0/0x1b0 [ 2715.604123] ? __fget+0x4d5/0x740 [ 2715.604146] ? __lockdep_init_map+0x105/0x590 [ 2715.643794] ? loop_get_status64+0x140/0x140 [ 2715.648220] kthread_create_on_node+0xb1/0xe0 [ 2715.652727] ? __kthread_create_on_node+0x4c0/0x4c0 [ 2715.657760] lo_ioctl+0x7f6/0x1d70 [ 2715.661309] ? lo_rw_aio_complete+0x450/0x450 [ 2715.665811] blkdev_ioctl+0x9cd/0x2030 [ 2715.669703] ? lock_acquire+0x1e4/0x540 [ 2715.673682] ? blkpg_ioctl+0xc40/0xc40 [ 2715.677583] ? lock_release+0xa30/0xa30 [ 2715.681564] ? save_stack+0xa9/0xd0 [ 2715.685205] ? save_stack+0x43/0xd0 [ 2715.688836] ? __fget+0x4d5/0x740 [ 2715.692294] ? ksys_dup3+0x690/0x690 [ 2715.696015] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2715.700608] ? kasan_check_write+0x14/0x20 [ 2715.702456] REISERFS warning (device loop3): sh-2021 reiserfs_fill_super: can not find reiserfs on loop3 [ 2715.704841] ? do_raw_spin_lock+0xc1/0x200 [ 2715.704859] block_ioctl+0xee/0x130 [ 2715.704872] ? blkdev_fallocate+0x400/0x400 [ 2715.704887] do_vfs_ioctl+0x1de/0x1720 [ 2715.704901] ? ioctl_preallocate+0x300/0x300 [ 2715.704920] ? __fget_light+0x2f7/0x440 [ 2715.739088] ? fget_raw+0x20/0x20 [ 2715.742551] ? trace_hardirqs_on+0xd/0x10 [ 2715.746711] ? kmem_cache_free+0x22e/0x2d0 [ 2715.750953] ? putname+0xf7/0x130 [ 2715.754413] ? do_sys_open+0x3cb/0x720 [ 2715.758307] ? security_file_ioctl+0x94/0xc0 [ 2715.762717] ksys_ioctl+0xa9/0xd0 [ 2715.766174] __x64_sys_ioctl+0x73/0xb0 [ 2715.770064] do_syscall_64+0x1b9/0x820 [ 2715.773987] ? finish_task_switch+0x1d3/0x870 [ 2715.778495] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2715.783439] ? syscall_return_slowpath+0x31d/0x5e0 [ 2715.788383] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2715.793415] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2715.798435] ? perf_trace_sys_enter+0xb10/0xb10 [ 2715.803093] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2715.807924] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2715.813098] RIP: 0033:0x455c97 [ 2715.816264] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2715.835403] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2715.843107] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455c97 [ 2715.850360] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 2715.857617] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2715.864893] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2715.872159] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000007 03:40:38 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:38 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) getsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000140)={@local, @rand_addr}, &(0x7f0000000240)=0x8) mount$9p_xen(&(0x7f0000000080)='ip_vti0\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", &(0x7f0000000100)='9p\x00', 0x200000, &(0x7f00000001c0)={'trans=xen,', {[{@cache_loose='cache=loose', 0x2c}, {@debug={'debug', 0x3d, 0xff}, 0x2c}, {@posixacl='posixacl', 0x2c}, {@cache_mmap='cache=mmap', 0x2c}]}}) r1 = memfd_create(&(0x7f0000000280)='$md5sum:\x00', 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'vcan0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20a00000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)=@gettfilter={0x2c, 0x2e, 0x20, 0x70bd27, 0x25dfdbfb, {0x0, r2, {0x3, 0xfff6}, {0xffff, 0xffff}, {0x3}}, [{0x8, 0xb, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) r3 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r3, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:38 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:38 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:38 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1a2, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:38 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xfc00000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:38 executing program 4 (fault-call:0 fault-nth:8): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:38 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='\neiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:38 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fc], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2716.498375] FAULT_INJECTION: forcing a failure. [ 2716.498375] name failslab, interval 1, probability 0, space 0, times 0 [ 2716.509706] CPU: 1 PID: 2787 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2716.518029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2716.527388] Call Trace: [ 2716.529993] dump_stack+0x1c9/0x2b4 [ 2716.533635] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2716.538842] should_fail.cold.4+0xa/0x11 [ 2716.542936] ? fault_create_debugfs_attr+0x1f0/0x1f0 03:40:38 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x109, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:38 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:38 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)="439fde9cdbb1ff1e1f1b2e4d000200", 0xe897d047) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f0000000080)='team_slave_0\x00') sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) [ 2716.548074] ? run_rebalance_domains+0x4c0/0x4c0 [ 2716.552849] ? __enqueue_entity+0x10d/0x1f0 [ 2716.557192] ? trace_hardirqs_on+0x10/0x10 [ 2716.561440] ? enqueue_entity+0x34b/0x2130 [ 2716.565684] ? rcu_sched_qs+0xe/0x150 [ 2716.569503] ? rcu_note_context_switch+0x571/0x730 [ 2716.574442] ? rcu_sched_qs+0x150/0x150 [ 2716.578441] ? lock_acquire+0x1e4/0x540 [ 2716.582428] ? fs_reclaim_acquire+0x20/0x20 [ 2716.586768] ? lock_downgrade+0x8f0/0x8f0 [ 2716.590932] ? check_same_owner+0x340/0x340 03:40:38 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc03000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:38 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1f3, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2716.595269] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2716.599865] ? rcu_note_context_switch+0x730/0x730 [ 2716.604805] ? kasan_check_write+0x14/0x20 [ 2716.609052] __should_failslab+0x124/0x180 [ 2716.613298] should_failslab+0x9/0x14 [ 2716.617109] kmem_cache_alloc+0x2af/0x760 [ 2716.621282] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2716.626312] __kernfs_new_node+0xef/0x5a0 [ 2716.630473] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 2716.635349] ? bd_set_size+0x2c1/0x370 [ 2716.639270] ? lock_downgrade+0x8f0/0x8f0 [ 2716.643441] ? enqueue_entity+0x2130/0x2130 03:40:38 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:38 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) [ 2716.647777] ? lock_release+0xa30/0xa30 [ 2716.651769] ? check_same_owner+0x340/0x340 [ 2716.656100] ? lock_acquire+0x1e4/0x540 [ 2716.660083] ? blk_queue_write_cache+0x1b8/0x43a [ 2716.664879] ? lock_downgrade+0x8f0/0x8f0 [ 2716.669041] kernfs_new_node+0x80/0xf0 [ 2716.672943] kernfs_create_dir_ns+0x3d/0x140 [ 2716.677364] internal_create_group+0x3c9/0x9e0 [ 2716.681981] ? do_raw_spin_lock+0xc1/0x200 [ 2716.686226] sysfs_create_group+0x1f/0x30 [ 2716.690380] lo_ioctl+0x1307/0x1d70 [ 2716.694017] ? lo_rw_aio_complete+0x450/0x450 [ 2716.698533] blkdev_ioctl+0x9cd/0x2030 [ 2716.702429] ? lock_acquire+0x1e4/0x540 [ 2716.706409] ? blkpg_ioctl+0xc40/0xc40 [ 2716.710308] ? lock_release+0xa30/0xa30 [ 2716.714291] ? save_stack+0xa9/0xd0 [ 2716.717920] ? save_stack+0x43/0xd0 [ 2716.721549] ? __fget+0x4d5/0x740 [ 2716.725004] ? ksys_dup3+0x690/0x690 [ 2716.728725] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2716.733339] ? kasan_check_write+0x14/0x20 [ 2716.737581] ? do_raw_spin_lock+0xc1/0x200 [ 2716.741824] block_ioctl+0xee/0x130 [ 2716.745459] ? blkdev_fallocate+0x400/0x400 [ 2716.749794] do_vfs_ioctl+0x1de/0x1720 [ 2716.753689] ? ioctl_preallocate+0x300/0x300 [ 2716.758103] ? __fget_light+0x2f7/0x440 [ 2716.762086] ? fget_raw+0x20/0x20 [ 2716.765549] ? trace_hardirqs_on+0xd/0x10 [ 2716.769702] ? kmem_cache_free+0x22e/0x2d0 [ 2716.773946] ? putname+0xf7/0x130 [ 2716.777405] ? do_sys_open+0x3cb/0x720 [ 2716.781302] ? security_file_ioctl+0x94/0xc0 [ 2716.785739] ksys_ioctl+0xa9/0xd0 [ 2716.789221] __x64_sys_ioctl+0x73/0xb0 [ 2716.793111] do_syscall_64+0x1b9/0x820 [ 2716.796982] ? finish_task_switch+0x1d3/0x870 [ 2716.801460] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2716.806391] ? syscall_return_slowpath+0x31d/0x5e0 [ 2716.811303] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2716.816302] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2716.821304] ? perf_trace_sys_enter+0xb10/0xb10 [ 2716.825969] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2716.830816] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2716.835999] RIP: 0033:0x455c97 [ 2716.839171] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2716.858304] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2716.866030] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455c97 [ 2716.873306] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 2716.880570] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2716.887824] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2716.895079] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000008 [ 2716.913557] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:39 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:39 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:39 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1b7, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:39 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xb], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:39 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2f, &(0x7f00000001c0)={0x55, {{0xa, 0x4e24, 0x800, @local={0xfe, 0x80, [], 0xaa}}}, {{0xa, 0x4e22, 0x5, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, 0x80000001}}}, 0x108) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:39 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xb, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:39 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='%eiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:39 executing program 4 (fault-call:0 fault-nth:9): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2717.455124] FAULT_INJECTION: forcing a failure. [ 2717.455124] name failslab, interval 1, probability 0, space 0, times 0 [ 2717.466416] CPU: 0 PID: 2840 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2717.474747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2717.484111] Call Trace: [ 2717.486712] dump_stack+0x1c9/0x2b4 [ 2717.490352] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2717.495566] should_fail.cold.4+0xa/0x11 [ 2717.499646] ? fault_create_debugfs_attr+0x1f0/0x1f0 03:40:39 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:39 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x300, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:39 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)="69705f76746930000000000000000100", 0x10) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) [ 2717.504768] ? __update_load_avg_blocked_se.isra.34+0x460/0x460 [ 2717.510851] ? account_entity_dequeue+0x800/0x800 [ 2717.515722] ? update_load_avg+0x2de/0x2590 [ 2717.520051] ? update_load_avg+0x2de/0x2590 [ 2717.524383] ? pvclock_read_flags+0x160/0x160 [ 2717.528893] ? attach_entity_load_avg+0x860/0x860 [ 2717.533758] ? attach_entity_load_avg+0x860/0x860 [ 2717.538614] ? idle_cpu+0x1d0/0x1d0 [ 2717.542250] ? kvm_sched_clock_read+0x9/0x20 [ 2717.546671] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2717.551698] ? find_next_bit+0x104/0x130 03:40:39 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1900000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:39 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2717.555773] ? rb_erase+0x3550/0x3550 [ 2717.559586] ? cpumask_next+0x24/0x30 [ 2717.563398] ? select_idle_sibling+0x903/0xd90 [ 2717.567998] __should_failslab+0x124/0x180 [ 2717.572247] should_failslab+0x9/0x14 [ 2717.576058] kmem_cache_alloc+0x47/0x760 [ 2717.580131] ? lock_acquire+0x1e4/0x540 [ 2717.584132] ? is_bpf_text_address+0xae/0x170 [ 2717.588681] ? lock_downgrade+0x8f0/0x8f0 [ 2717.592846] radix_tree_node_alloc.constprop.19+0x1e6/0x310 [ 2717.598571] idr_get_free+0x887/0x10d0 03:40:39 executing program 5: r0 = socket$inet(0x2, 0x103fffe00000000, 0x2f) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x10001, 0x0) ioctl$KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000200)=ANY=[@ANYBLOB="040000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"]) r2 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x4, 0x0, [{0x614, 0x0, 0x3}, {0x96f, 0x0, 0x2}, {0x34f, 0x0, 0x3}, {0x400003bb, 0x0, 0x612337b4}]}) openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x0, 0x0) 03:40:39 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x2, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2717.602477] ? radix_tree_iter_tag_clear+0xd0/0xd0 [ 2717.607419] ? __kernel_text_address+0xd/0x40 [ 2717.611932] ? unwind_get_return_address+0x61/0xa0 [ 2717.616879] ? __save_stack_trace+0x8d/0xf0 [ 2717.621227] ? save_stack+0xa9/0xd0 [ 2717.624870] ? save_stack+0x43/0xd0 [ 2717.628516] ? kasan_kmalloc+0xc4/0xe0 [ 2717.632414] ? kasan_slab_alloc+0x12/0x20 [ 2717.636571] ? kmem_cache_alloc+0x12e/0x760 [ 2717.640896] ? __kernfs_new_node+0xef/0x5a0 [ 2717.645232] ? kernfs_new_node+0x80/0xf0 [ 2717.649297] ? kernfs_create_dir_ns+0x3d/0x140 03:40:39 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2717.653887] ? internal_create_group+0x3c9/0x9e0 [ 2717.658653] ? sysfs_create_group+0x1f/0x30 [ 2717.662980] ? lo_ioctl+0x1307/0x1d70 [ 2717.666786] ? block_ioctl+0xee/0x130 [ 2717.670595] ? do_vfs_ioctl+0x1de/0x1720 [ 2717.674663] ? ksys_ioctl+0xa9/0xd0 [ 2717.678298] ? __x64_sys_ioctl+0x73/0xb0 [ 2717.682369] ? do_syscall_64+0x1b9/0x820 [ 2717.686441] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2717.691820] ? trace_hardirqs_on+0x10/0x10 [ 2717.696102] ? reweight_task+0x130/0x130 [ 2717.700169] idr_alloc_u32+0x1d4/0x3a0 [ 2717.704066] ? __fprop_inc_percpu_max+0x2d0/0x2d0 [ 2717.708924] ? lock_acquire+0x1e4/0x540 [ 2717.712912] ? __kernfs_new_node+0x116/0x5a0 [ 2717.717328] idr_alloc_cyclic+0x173/0x360 [ 2717.721482] ? idr_alloc+0x1b0/0x1b0 [ 2717.725208] ? kasan_check_write+0x14/0x20 [ 2717.729454] ? do_raw_spin_lock+0xc1/0x200 [ 2717.733711] __kernfs_new_node+0x1ab/0x5a0 [ 2717.737945] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 2717.742710] ? bd_set_size+0x2c1/0x370 [ 2717.746600] ? lock_downgrade+0x8f0/0x8f0 [ 2717.750736] ? enqueue_entity+0x2130/0x2130 [ 2717.755057] ? lock_release+0xa30/0xa30 [ 2717.759033] ? check_same_owner+0x340/0x340 [ 2717.763343] ? lock_acquire+0x1e4/0x540 [ 2717.767320] ? rcu_note_context_switch+0x730/0x730 [ 2717.772245] ? lock_downgrade+0x8f0/0x8f0 [ 2717.776381] kernfs_new_node+0x80/0xf0 [ 2717.780260] kernfs_create_dir_ns+0x3d/0x140 [ 2717.784654] internal_create_group+0x3c9/0x9e0 [ 2717.789219] ? do_raw_spin_lock+0xc1/0x200 [ 2717.793457] sysfs_create_group+0x1f/0x30 [ 2717.797595] lo_ioctl+0x1307/0x1d70 [ 2717.801212] ? lo_rw_aio_complete+0x450/0x450 [ 2717.805693] blkdev_ioctl+0x9cd/0x2030 [ 2717.809577] ? lock_acquire+0x1e4/0x540 [ 2717.813547] ? blkpg_ioctl+0xc40/0xc40 [ 2717.817420] ? lock_release+0xa30/0xa30 [ 2717.821386] ? save_stack+0xa9/0xd0 [ 2717.825018] ? save_stack+0x43/0xd0 [ 2717.828633] ? __fget+0x4d5/0x740 [ 2717.832074] ? ksys_dup3+0x690/0x690 [ 2717.835774] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2717.840355] ? kasan_check_write+0x14/0x20 [ 2717.844576] ? do_raw_spin_lock+0xc1/0x200 [ 2717.848801] block_ioctl+0xee/0x130 [ 2717.852415] ? blkdev_fallocate+0x400/0x400 [ 2717.856720] do_vfs_ioctl+0x1de/0x1720 [ 2717.860592] ? ioctl_preallocate+0x300/0x300 [ 2717.864985] ? __fget_light+0x2f7/0x440 [ 2717.868956] ? fget_raw+0x20/0x20 [ 2717.872396] ? trace_hardirqs_on+0xd/0x10 [ 2717.876530] ? kmem_cache_free+0x22e/0x2d0 [ 2717.880766] ? putname+0xf7/0x130 [ 2717.884208] ? do_sys_open+0x3cb/0x720 [ 2717.888085] ? security_file_ioctl+0x94/0xc0 [ 2717.892479] ksys_ioctl+0xa9/0xd0 [ 2717.895930] __x64_sys_ioctl+0x73/0xb0 [ 2717.899805] do_syscall_64+0x1b9/0x820 [ 2717.903679] ? finish_task_switch+0x1d3/0x870 [ 2717.908160] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2717.913074] ? syscall_return_slowpath+0x31d/0x5e0 [ 2717.917989] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2717.923003] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2717.928022] ? perf_trace_sys_enter+0xb10/0xb10 [ 2717.932683] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2717.937514] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2717.942697] RIP: 0033:0x455c97 [ 2717.945865] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2717.965062] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2717.972763] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455c97 [ 2717.980018] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 2717.987272] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2717.994610] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2718.001949] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000009 [ 2718.024455] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:40 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:40 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x17aaaafeffaaaaa8, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:40 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:40 executing program 5: r0 = fcntl$getown(0xffffffffffffffff, 0x9) ptrace$getregset(0x4204, r0, 0x206, &(0x7f0000000100)={&(0x7f0000000080)=""/73, 0x49}) r1 = socket$inet(0x2, 0x5, 0x27) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r2 = fcntl$dupfd(r1, 0x0, r1) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480), 0x0, 0x8000}], 0x1, 0x0) 03:40:40 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:40 executing program 4 (fault-call:0 fault-nth:10): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:40 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x206, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:40 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='r\niserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:40 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xa8aaaafffeaaaa15, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:40 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xb000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2718.438263] FAULT_INJECTION: forcing a failure. [ 2718.438263] name failslab, interval 1, probability 0, space 0, times 0 [ 2718.449656] CPU: 0 PID: 2926 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2718.457958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2718.467295] Call Trace: [ 2718.469878] dump_stack+0x1c9/0x2b4 [ 2718.473496] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2718.478676] ? __kernel_text_address+0xd/0x40 [ 2718.483156] ? unwind_get_return_address+0x61/0xa0 [ 2718.488074] should_fail.cold.4+0xa/0x11 [ 2718.492121] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2718.497212] ? save_stack+0xa9/0xd0 [ 2718.500825] ? kasan_kmalloc+0xc4/0xe0 [ 2718.504700] ? kasan_slab_alloc+0x12/0x20 [ 2718.508837] ? kmem_cache_alloc+0x12e/0x760 [ 2718.513159] ? radix_tree_node_alloc.constprop.19+0x1e6/0x310 [ 2718.519028] ? idr_get_free+0x887/0x10d0 [ 2718.523074] ? idr_alloc_u32+0x1d4/0x3a0 [ 2718.527121] ? idr_alloc_cyclic+0x173/0x360 [ 2718.531427] ? kernfs_new_node+0x80/0xf0 [ 2718.535469] ? kernfs_create_dir_ns+0x3d/0x140 [ 2718.540036] ? internal_create_group+0x3c9/0x9e0 [ 2718.544779] ? sysfs_create_group+0x1f/0x30 [ 2718.549086] ? lo_ioctl+0x1307/0x1d70 [ 2718.552871] ? blkdev_ioctl+0x9cd/0x2030 [ 2718.556917] ? block_ioctl+0xee/0x130 [ 2718.560703] ? do_vfs_ioctl+0x1de/0x1720 [ 2718.564747] ? ksys_ioctl+0xa9/0xd0 [ 2718.568373] ? __x64_sys_ioctl+0x73/0xb0 [ 2718.572421] ? do_syscall_64+0x1b9/0x820 [ 2718.576469] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2718.581820] ? lock_acquire+0x1e4/0x540 [ 2718.585790] ? cpuacct_charge+0x2eb/0x5d0 [ 2718.589924] ? lock_downgrade+0x8f0/0x8f0 [ 2718.594056] ? lock_release+0xa30/0xa30 [ 2718.598018] ? rb_erase+0x3550/0x3550 [ 2718.601807] ? lock_acquire+0x1e4/0x540 [ 2718.605764] ? update_curr+0x4c8/0xc00 [ 2718.609636] ? lock_downgrade+0x8f0/0x8f0 [ 2718.613768] ? lock_release+0xa30/0xa30 [ 2718.617742] ? kasan_unpoison_shadow+0x35/0x50 [ 2718.622310] __should_failslab+0x124/0x180 [ 2718.626531] should_failslab+0x9/0x14 [ 2718.630316] kmem_cache_alloc+0x47/0x760 [ 2718.634363] ? lock_acquire+0x1e4/0x540 [ 2718.638322] ? is_bpf_text_address+0xae/0x170 [ 2718.642803] ? lock_downgrade+0x8f0/0x8f0 [ 2718.646939] ? radix_tree_node_alloc.constprop.19+0x1e6/0x310 [ 2718.652811] radix_tree_node_alloc.constprop.19+0x1e6/0x310 [ 2718.658527] idr_get_free+0x887/0x10d0 [ 2718.662405] ? radix_tree_iter_tag_clear+0xd0/0xd0 [ 2718.667320] ? __kernel_text_address+0xd/0x40 [ 2718.671802] ? unwind_get_return_address+0x61/0xa0 [ 2718.676722] ? __save_stack_trace+0x8d/0xf0 [ 2718.681034] ? save_stack+0xa9/0xd0 [ 2718.684645] ? save_stack+0x43/0xd0 [ 2718.688256] ? kasan_kmalloc+0xc4/0xe0 [ 2718.692131] ? kasan_slab_alloc+0x12/0x20 [ 2718.696263] ? kmem_cache_alloc+0x12e/0x760 [ 2718.700567] ? __kernfs_new_node+0xef/0x5a0 [ 2718.704872] ? kernfs_new_node+0x80/0xf0 [ 2718.708917] ? kernfs_create_dir_ns+0x3d/0x140 [ 2718.713499] ? internal_create_group+0x3c9/0x9e0 [ 2718.718239] ? sysfs_create_group+0x1f/0x30 [ 2718.722544] ? lo_ioctl+0x1307/0x1d70 [ 2718.726330] ? block_ioctl+0xee/0x130 [ 2718.730118] ? do_vfs_ioctl+0x1de/0x1720 [ 2718.734159] ? ksys_ioctl+0xa9/0xd0 [ 2718.737771] ? __x64_sys_ioctl+0x73/0xb0 [ 2718.741815] ? do_syscall_64+0x1b9/0x820 [ 2718.745863] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2718.751212] ? rcu_note_context_switch+0x571/0x730 [ 2718.756125] ? rcu_sched_qs+0x150/0x150 [ 2718.760085] idr_alloc_u32+0x1d4/0x3a0 [ 2718.763957] ? __fprop_inc_percpu_max+0x2d0/0x2d0 [ 2718.768784] ? lock_acquire+0x1e4/0x540 [ 2718.772741] ? __kernfs_new_node+0x116/0x5a0 [ 2718.777137] idr_alloc_cyclic+0x173/0x360 [ 2718.781270] ? idr_alloc+0x1b0/0x1b0 [ 2718.784968] ? kasan_check_write+0x14/0x20 [ 2718.789201] ? do_raw_spin_lock+0xc1/0x200 [ 2718.793431] __kernfs_new_node+0x1ab/0x5a0 [ 2718.798529] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 2718.803266] ? bd_set_size+0x2c1/0x370 [ 2718.807138] ? lock_downgrade+0x8f0/0x8f0 [ 2718.811270] ? enqueue_entity+0x2130/0x2130 [ 2718.815579] ? lock_release+0xa30/0xa30 [ 2718.819539] ? check_same_owner+0x340/0x340 [ 2718.823856] ? lock_acquire+0x1e4/0x540 [ 2718.827819] ? blk_queue_write_cache+0x1b8/0x43a [ 2718.832560] ? lock_downgrade+0x8f0/0x8f0 [ 2718.836692] kernfs_new_node+0x80/0xf0 [ 2718.840564] kernfs_create_dir_ns+0x3d/0x140 [ 2718.844955] internal_create_group+0x3c9/0x9e0 [ 2718.849520] ? do_raw_spin_lock+0xc1/0x200 [ 2718.853743] sysfs_create_group+0x1f/0x30 [ 2718.857878] lo_ioctl+0x1307/0x1d70 [ 2718.861492] ? lo_rw_aio_complete+0x450/0x450 [ 2718.865971] blkdev_ioctl+0x9cd/0x2030 [ 2718.869843] ? lock_acquire+0x1e4/0x540 [ 2718.873802] ? blkpg_ioctl+0xc40/0xc40 [ 2718.877695] ? lock_release+0xa30/0xa30 [ 2718.881669] ? save_stack+0xa9/0xd0 [ 2718.885281] ? save_stack+0x43/0xd0 [ 2718.888904] ? __fget+0x4d5/0x740 [ 2718.892343] ? ksys_dup3+0x690/0x690 [ 2718.896043] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2718.900611] ? kasan_check_write+0x14/0x20 [ 2718.904832] ? do_raw_spin_lock+0xc1/0x200 [ 2718.909054] block_ioctl+0xee/0x130 [ 2718.912667] ? blkdev_fallocate+0x400/0x400 [ 2718.916982] do_vfs_ioctl+0x1de/0x1720 [ 2718.920856] ? ioctl_preallocate+0x300/0x300 [ 2718.925246] ? __fget_light+0x2f7/0x440 [ 2718.929214] ? fget_raw+0x20/0x20 [ 2718.932655] ? trace_hardirqs_on+0xd/0x10 [ 2718.936786] ? kmem_cache_free+0x22e/0x2d0 [ 2718.941012] ? putname+0xf7/0x130 [ 2718.944453] ? do_sys_open+0x3cb/0x720 [ 2718.948328] ? security_file_ioctl+0x94/0xc0 [ 2718.952735] ksys_ioctl+0xa9/0xd0 [ 2718.956182] __x64_sys_ioctl+0x73/0xb0 [ 2718.960248] do_syscall_64+0x1b9/0x820 [ 2718.964123] ? finish_task_switch+0x1d3/0x870 [ 2718.968618] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2718.973533] ? syscall_return_slowpath+0x31d/0x5e0 [ 2718.978447] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2718.983448] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2718.988448] ? perf_trace_sys_enter+0xb10/0xb10 [ 2718.993103] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2718.997932] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2719.003106] RIP: 0033:0x455c97 [ 2719.006275] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2719.025561] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2719.033518] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455c97 03:40:41 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1f0, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:41 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:41 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000380)=[@in={0x2, 0x4e22, @loopback=0x7f000001}, @in6={0xa, 0x4e21, 0x1000, @empty, 0x2}, @in6={0xa, 0x4e24, 0xffffffffffffffff, @dev={0xfe, 0x80, [], 0xb}, 0x1}], 0x48) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000080)={0x0, 0x9}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f00000002c0)={r2, 0x8c, "a604f18255a3241d4b0ebdb680e6d74be9e49d117f0022b74c7585c3999466beda79044f9501efa1bd166ee7e2d39eb0e77ca14993f45ba9832c8f09b7ca68483eeda945296f2e42f7e171d49c03317be8b65f4b197cb168f537338d4307e3cc5a8de226bf007a2ed51e75ada9e96d3c9026e508600623da809c33fe4c0dcceca1f9e49bb5490714191c35cb"}, &(0x7f0000000100)=0x94) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @multicast1=0xe0000001}], 0x10) setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000400)=@int=0x2, 0x4) ioctl$sock_netdev_private(r0, 0x89f5, &(0x7f0000000200)="20ce3fe7ccaecc4200710cadd5bfdc776b44b74862eed77f4f6311122b0056b5948086fb93dc97778c2736e95da15f575796262b84f1f7c5d11930eb1ec73abf0f735bcb2b58a651ece6e70791a5a80918d0fe874f399a886e54f9c23074af22242e0be5c06283eb77778bd0ffc170558655b7695deba292e0b4b0cca9f5c8c3fb7c8176b1d4cc02ad36613f6c5cb79361ed2006b42c9329") socketpair$inet(0x2, 0xa, 0x6, &(0x7f0000000140)) 03:40:41 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1300000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:41 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2719.040773] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 2719.048027] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2719.055277] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2719.062539] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000000a 03:40:41 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2719.189443] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:41 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:41 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1f4, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:41 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xb00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:41 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x400000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:41 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='r%iserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:41 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc03], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:41 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f00000000c0)) openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x402000, 0x0) setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f0000000140)={0x3f, @rand_addr=0x4, 0x4e23, 0x2, 'lblc\x00', 0x20, 0x800000, 0x38}, 0x2c) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r1, 0xc0305302, &(0x7f0000000080)={0x4, 0x6fb, 0x5423, 0x3ff, 0x2, 0x101}) 03:40:41 executing program 4 (fault-call:0 fault-nth:11): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2719.365013] IPVS: set_ctl: invalid protocol: 63 0.0.0.4:20003 [ 2719.374706] FAULT_INJECTION: forcing a failure. [ 2719.374706] name failslab, interval 1, probability 0, space 0, times 0 [ 2719.386067] CPU: 0 PID: 2974 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2719.394389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2719.403748] Call Trace: [ 2719.406352] dump_stack+0x1c9/0x2b4 [ 2719.409997] ? dump_stack_print_info.cold.2+0x52/0x52 03:40:41 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:41 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:41 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xa8aaaafffeaaaa19, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2719.415203] ? rcu_note_context_switch+0x730/0x730 [ 2719.420148] should_fail.cold.4+0xa/0x11 [ 2719.424219] ? kasan_check_write+0x14/0x20 [ 2719.428469] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2719.433580] ? kernfs_activate+0x8e/0x2c0 [ 2719.437739] ? ___ratelimit.cold.2+0x6b/0x6b [ 2719.442168] ? mutex_trylock+0x2b0/0x2b0 [ 2719.446247] ? kasan_check_write+0x14/0x20 [ 2719.450500] ? __radix_tree_replace+0x188/0x2f0 [ 2719.455180] ? kernfs_add_one+0x4f/0x4d0 [ 2719.459250] ? kernfs_activate+0x21a/0x2c0 03:40:41 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x119, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:41 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x19aaaafeffaaaaa8, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2719.463494] ? lock_downgrade+0x8f0/0x8f0 [ 2719.467653] ? lock_acquire+0x1e4/0x540 [ 2719.471631] ? fs_reclaim_acquire+0x20/0x20 [ 2719.475961] ? lock_downgrade+0x8f0/0x8f0 [ 2719.480121] ? check_same_owner+0x340/0x340 [ 2719.484455] ? kasan_check_write+0x14/0x20 [ 2719.488702] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2719.493643] ? rcu_note_context_switch+0x730/0x730 [ 2719.498586] __should_failslab+0x124/0x180 [ 2719.502832] should_failslab+0x9/0x14 [ 2719.506645] kmem_cache_alloc+0x2af/0x760 [ 2719.510798] ? __mutex_unlock_slowpath+0x197/0x8c0 03:40:41 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xd1, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:41 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x30b42efeff20d270, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2719.515744] ? kasan_check_write+0x14/0x20 [ 2719.520002] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2719.525034] __kernfs_new_node+0xef/0x5a0 [ 2719.529196] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 2719.533963] ? mutex_unlock+0xd/0x10 [ 2719.537690] ? kernfs_activate+0x21a/0x2c0 [ 2719.541944] ? kernfs_walk_and_get_ns+0x340/0x340 [ 2719.546817] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2719.552369] ? kernfs_link_sibling+0x1d2/0x3b0 [ 2719.556966] kernfs_new_node+0x80/0xf0 [ 2719.560894] __kernfs_create_file+0x4d/0x330 03:40:41 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xf825ccfffe46f786, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2719.565312] sysfs_add_file_mode_ns+0x21a/0x560 [ 2719.569992] internal_create_group+0x26d/0x9e0 [ 2719.574579] sysfs_create_group+0x1f/0x30 [ 2719.578731] lo_ioctl+0x1307/0x1d70 [ 2719.582370] ? lo_rw_aio_complete+0x450/0x450 [ 2719.586864] blkdev_ioctl+0x9cd/0x2030 [ 2719.590757] ? lock_acquire+0x1e4/0x540 [ 2719.594732] ? blkpg_ioctl+0xc40/0xc40 [ 2719.598634] ? lock_release+0xa30/0xa30 [ 2719.602625] ? save_stack+0xa9/0xd0 [ 2719.606256] ? save_stack+0x43/0xd0 [ 2719.609885] ? __fget+0x4d5/0x740 [ 2719.613344] ? ksys_dup3+0x690/0x690 [ 2719.617058] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2719.621647] ? kasan_check_write+0x14/0x20 [ 2719.625876] ? do_raw_spin_lock+0xc1/0x200 [ 2719.630113] block_ioctl+0xee/0x130 [ 2719.632469] IPVS: set_ctl: invalid protocol: 63 0.0.0.4:20003 [ 2719.633741] ? blkdev_fallocate+0x400/0x400 [ 2719.633761] do_vfs_ioctl+0x1de/0x1720 [ 2719.633780] ? ioctl_preallocate+0x300/0x300 [ 2719.652257] ? __fget_light+0x2f7/0x440 [ 2719.656235] ? fget_raw+0x20/0x20 [ 2719.659694] ? trace_hardirqs_on+0xd/0x10 [ 2719.663850] ? kmem_cache_free+0x22e/0x2d0 [ 2719.668077] ? putname+0xf7/0x130 [ 2719.671519] ? do_sys_open+0x3cb/0x720 [ 2719.675397] ? security_file_ioctl+0x94/0xc0 [ 2719.679787] ksys_ioctl+0xa9/0xd0 [ 2719.683221] __x64_sys_ioctl+0x73/0xb0 [ 2719.687090] do_syscall_64+0x1b9/0x820 [ 2719.690957] ? finish_task_switch+0x1d3/0x870 [ 2719.695443] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2719.700353] ? syscall_return_slowpath+0x31d/0x5e0 [ 2719.705264] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2719.710273] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2719.715282] ? perf_trace_sys_enter+0xb10/0xb10 [ 2719.719935] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2719.724770] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2719.729951] RIP: 0033:0x455c97 [ 2719.733116] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2719.752260] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2719.759970] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455c97 [ 2719.767221] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 2719.774485] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2719.781741] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2719.788991] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000000b [ 2719.811672] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:42 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:42 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x385, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:42 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xa0563cfffed24bfa, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:42 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:42 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:42 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) r1 = syz_open_dev$audion(&(0x7f0000000880)='/dev/audio#\x00', 0x3, 0x40400) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000008c0)={0xf000, 0x10000}) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) preadv(r2, &(0x7f0000000780)=[{&(0x7f0000000140)=""/60, 0x3c}, {&(0x7f00000001c0)=""/51, 0x33}, {&(0x7f0000000240)=""/101, 0x65}, {&(0x7f00000002c0)=""/231, 0xe7}, {&(0x7f00000003c0)=""/174, 0xae}, {&(0x7f0000000480)=""/3, 0x3}, {&(0x7f0000000580)=""/158, 0x9e}, {&(0x7f00000004c0)=""/79, 0x4f}, {&(0x7f0000000640)=""/66, 0x42}, {&(0x7f00000006c0)=""/173, 0xad}], 0xa, 0x2a) ioctl$KVM_ENABLE_CAP(r3, 0x4068aea3, &(0x7f00000018c0)={0x81, 0x0, [0x3]}) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f00000012c0)={"e451ded145d0fdec431460de156134cbc1c072a52ffcec572456c3f5a186847523be9e1884a2ab71f05ce4b53a955d8738cf0a3d1a000000000000007f6c83d4b257a2b7261dcdbf961639a5976bf8769bb4451120a1cb6b3511ac5fec3f451b5b52f3f1ecb8c3cafee2159de782753b997144c576689dd822add5da7f65c206de64f60e8aaebf61f1267c977193c96f4ed1c64dda0062e21d2242879ad09896baef52f1610436a19a2001b72b683a59370b916e3fc2e54ff6a602082b89bdb1cab587a749befab8ea7e16cc906f00ad4feecfb249de45e81059a320afce7f042cb918bd139b78e5cd971081d382b0a91461f71fd925923a3c23bff4335c639c2bedf3e4f03ebcbbfb36086cc86388790522d36364e453c3b88748fc91a4949b0749941ed62d4dd2329e9aefdb3a0fb20eb924227e24524c990965f7c4c900376860a8ba004fc01072e74052d25f319675df5f69bc8db18b6a219458afbd9f0b057ae630f12105c0adb2b97aa131e6cf5fac8666b93488ffc170f1ff334eaec60ba54d9df2a3bc1fd87783f783bae8f9701d59660984fb8229eb935e174ac97b456938b93a1218d1d1eebe4743ef07900528099c9c612d959b92a9f155e50bf5b05690a648820d8bc1c091f8ad472d5c92dfa998937c760f59aaa70e82361038ddd3e759cc9c50c96ba09344a6b64b29ad361e034726deebf52fb1401e33528b6df1ef85f83ac71c3b4f9c717103236a409612f244ea495fe97440cda2f97c8a1177e9af0572a960147f7e3a9a7422908672e65272328503504e528b004d1adfca7d814a1c0d18faf4430c61d5b40c32e26744f994d294910e5fd7f7df8787566ba9a120db61bcae77c145eb1ca45e268f7a9da5cf09a6a76c1ea3165f576b7b2ce7e55670f74e4a8cf9b944d48c0e1b4adf58a440aacadaec980d9a31295253f1e7b80dac1aa49d4e9521a50b773709c161c48bac2cfed0949beda15de0d78a0540c17be0e2d8963374b456c62f6571b7b634f49c560cbc4a23b2b77445b9c026022d7b5fe05777713cc8ca5009d1e0d0738ed6abbefd54000c3a8e9004790a05f56bf42ef4b9b60cf7e6dda8588d8a96ff5f2f47dd89bdc33e57c744a2b4ed1fc83e5cb13fa334dd0041d13ca3a7cb78e02a328e4a5ab9b9b8a02e0819794e4a9e2ff9eeeb18529b61cf250db1f72e41c29c5b70af48551eb33740bd38503720d54b3437508e8fc817cba05a67008c793f0c05042e257536c0bed690b140666f239974d21cdcd846070d7e506e0a7a34500a647ac343e754f1f07e0dd5c4767bf29459f401bb3d6ecf17b60c26602f325150759b5da60fbee3eed062aa833c83a892b6adb1ecab834e158fd343b036378ca67baf69e299062474e7a475f67016055427985976e533ce1b35725d3e29de7f6900"}) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x4e22, @multicast2=0xe0000002}, @in6={0xa, 0x4e24, 0x7, @mcast2={0xff, 0x2, [], 0x1}, 0x7}, @in6={0xa, 0x4e23, 0x856, @mcast2={0xff, 0x2, [], 0x1}, 0x284}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x21}}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xe}}, @in={0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}], 0x78) setsockopt$inet_dccp_buf(r0, 0x21, 0xf, &(0x7f0000000100)="1ebb7e4869497a5e139d13ddd1b44dab53127dc78f18ae7e80c17c00f155fda8d3094ee0d1c0799797e8dce04ea8372290a2a7d18f563e3d6869", 0x3a) bind$inet(r0, &(0x7f0000000840)={0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) r5 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r5, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:42 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='rliserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:42 executing program 4 (fault-call:0 fault-nth:12): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2720.526572] FAULT_INJECTION: forcing a failure. [ 2720.526572] name failslab, interval 1, probability 0, space 0, times 0 [ 2720.537869] CPU: 1 PID: 3031 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2720.546211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2720.555567] Call Trace: [ 2720.558163] dump_stack+0x1c9/0x2b4 [ 2720.561804] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2720.567005] ? rcu_note_context_switch+0x730/0x730 [ 2720.571950] should_fail.cold.4+0xa/0x11 03:40:42 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:42 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xa8aaaafffeaaaa0c, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:42 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:42 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x22f, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2720.576020] ? kasan_check_write+0x14/0x20 [ 2720.580270] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2720.585379] ? kernfs_activate+0x8e/0x2c0 [ 2720.589543] ? ___ratelimit.cold.2+0x6b/0x6b [ 2720.593956] ? mutex_trylock+0x2b0/0x2b0 [ 2720.598025] ? kasan_check_write+0x14/0x20 [ 2720.602270] ? __radix_tree_replace+0x188/0x2f0 [ 2720.606946] ? kernfs_add_one+0x4f/0x4d0 [ 2720.611017] ? kernfs_activate+0x21a/0x2c0 [ 2720.615265] ? lock_downgrade+0x8f0/0x8f0 [ 2720.619427] ? lock_acquire+0x1e4/0x540 03:40:42 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xb00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:42 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1200000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2720.623410] ? fs_reclaim_acquire+0x20/0x20 [ 2720.627741] ? lock_downgrade+0x8f0/0x8f0 [ 2720.631897] ? check_same_owner+0x340/0x340 [ 2720.636224] ? kasan_check_write+0x14/0x20 [ 2720.640464] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2720.645405] ? rcu_note_context_switch+0x730/0x730 [ 2720.650345] __should_failslab+0x124/0x180 [ 2720.654587] should_failslab+0x9/0x14 [ 2720.658395] kmem_cache_alloc+0x2af/0x760 [ 2720.662555] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2720.667495] ? kasan_check_write+0x14/0x20 [ 2720.671739] ? __sanitizer_cov_trace_cmp8+0x18/0x20 03:40:42 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc030000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:42 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x25e, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2720.676759] __kernfs_new_node+0xef/0x5a0 [ 2720.680919] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 2720.685677] ? mutex_unlock+0xd/0x10 [ 2720.689395] ? kernfs_activate+0x21a/0x2c0 [ 2720.693636] ? kernfs_walk_and_get_ns+0x340/0x340 [ 2720.698486] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2720.704024] ? kernfs_link_sibling+0x1d2/0x3b0 [ 2720.708609] kernfs_new_node+0x80/0xf0 [ 2720.712513] __kernfs_create_file+0x4d/0x330 [ 2720.716928] sysfs_add_file_mode_ns+0x21a/0x560 [ 2720.721601] internal_create_group+0x26d/0x9e0 [ 2720.726190] sysfs_create_group+0x1f/0x30 [ 2720.730342] lo_ioctl+0x1307/0x1d70 [ 2720.733973] ? lo_rw_aio_complete+0x450/0x450 [ 2720.738480] blkdev_ioctl+0x9cd/0x2030 [ 2720.742377] ? lock_acquire+0x1e4/0x540 [ 2720.746350] ? blkpg_ioctl+0xc40/0xc40 [ 2720.750243] ? lock_release+0xa30/0xa30 [ 2720.754216] ? save_stack+0xa9/0xd0 [ 2720.757845] ? save_stack+0x43/0xd0 [ 2720.761478] ? __fget+0x4d5/0x740 [ 2720.764935] ? ksys_dup3+0x690/0x690 [ 2720.768654] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2720.773240] ? kasan_check_write+0x14/0x20 [ 2720.777481] ? do_raw_spin_lock+0xc1/0x200 [ 2720.781719] block_ioctl+0xee/0x130 [ 2720.785345] ? blkdev_fallocate+0x400/0x400 [ 2720.789669] do_vfs_ioctl+0x1de/0x1720 [ 2720.793562] ? ioctl_preallocate+0x300/0x300 [ 2720.797969] ? __fget_light+0x2f7/0x440 [ 2720.801944] ? fget_raw+0x20/0x20 [ 2720.805395] ? trace_hardirqs_on+0xd/0x10 [ 2720.809555] ? kmem_cache_free+0x22e/0x2d0 [ 2720.813777] ? putname+0xf7/0x130 [ 2720.817216] ? do_sys_open+0x3cb/0x720 [ 2720.821091] ? security_file_ioctl+0x94/0xc0 [ 2720.825482] ksys_ioctl+0xa9/0xd0 [ 2720.828919] __x64_sys_ioctl+0x73/0xb0 [ 2720.832795] do_syscall_64+0x1b9/0x820 [ 2720.836663] ? finish_task_switch+0x1d3/0x870 [ 2720.841140] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2720.846055] ? syscall_return_slowpath+0x31d/0x5e0 [ 2720.850970] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2720.855968] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2720.860968] ? perf_trace_sys_enter+0xb10/0xb10 [ 2720.865619] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2720.870447] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2720.875618] RIP: 0033:0x455c97 [ 2720.878786] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2720.897959] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2720.905650] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455c97 [ 2720.912909] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 2720.920163] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2720.927415] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2720.934664] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000000c [ 2720.954260] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:43 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:43 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:43 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1400000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:43 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:43 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x29e, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:43 executing program 4 (fault-call:0 fault-nth:13): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:43 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='re\nserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:43 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xd, 0x9, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffd5, 0x0, 0x0, 0x0, 0x80000001}, [@map={0x18, 0x9, 0x1, 0x0, 0x1}, @call={0x85, 0x0, 0x0, 0x12}, @alu={0x4, 0x3, 0x0, 0x2, 0x4, 0x20, 0xfffffffffffffff0}], {0x95}}, &(0x7f0000000140)='GPL\x00', 0x7, 0xce, &(0x7f00000001c0)=""/206, 0x41100, 0x1, [], 0x0, 0xb}, 0x48) ioctl$TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f0000000340)=r2) r3 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r3, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000380)={0x0, 0xffffffff7fffffff, 0x10001}, &(0x7f00000003c0)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000400)={r4, @in6={{0xa, 0x4e24, 0x3ff, @mcast1={0xff, 0x1, [], 0x1}, 0x7}}}, 0x84) 03:40:43 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:43 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1d, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2721.523344] FAULT_INJECTION: forcing a failure. [ 2721.523344] name failslab, interval 1, probability 0, space 0, times 0 [ 2721.534726] CPU: 1 PID: 3092 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2721.543051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2721.552413] Call Trace: [ 2721.555015] dump_stack+0x1c9/0x2b4 [ 2721.558660] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2721.563862] ? rcu_note_context_switch+0x730/0x730 [ 2721.568805] should_fail.cold.4+0xa/0x11 03:40:43 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:43 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:43 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x40000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2721.572874] ? kasan_check_write+0x14/0x20 [ 2721.577125] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2721.582235] ? kernfs_activate+0x8e/0x2c0 [ 2721.586391] ? ___ratelimit.cold.2+0x6b/0x6b [ 2721.590810] ? mutex_trylock+0x2b0/0x2b0 [ 2721.594874] ? kasan_check_write+0x14/0x20 [ 2721.599121] ? __radix_tree_replace+0x188/0x2f0 [ 2721.603789] ? kernfs_add_one+0x4f/0x4d0 [ 2721.607860] ? kernfs_activate+0x21a/0x2c0 [ 2721.612113] ? lock_downgrade+0x8f0/0x8f0 [ 2721.616268] ? lock_acquire+0x1e4/0x540 03:40:43 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fc], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2721.620242] ? fs_reclaim_acquire+0x20/0x20 [ 2721.624584] ? lock_downgrade+0x8f0/0x8f0 [ 2721.628745] ? check_same_owner+0x340/0x340 [ 2721.633074] ? kasan_check_write+0x14/0x20 [ 2721.637315] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2721.642254] ? rcu_note_context_switch+0x730/0x730 [ 2721.647193] __should_failslab+0x124/0x180 [ 2721.651436] should_failslab+0x9/0x14 [ 2721.655243] kmem_cache_alloc+0x2af/0x760 [ 2721.659400] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2721.664338] ? kasan_check_write+0x14/0x20 [ 2721.668583] ? __sanitizer_cov_trace_cmp8+0x18/0x20 03:40:43 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:43 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2721.673608] __kernfs_new_node+0xef/0x5a0 [ 2721.677772] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 2721.682535] ? mutex_unlock+0xd/0x10 [ 2721.686252] ? kernfs_activate+0x21a/0x2c0 [ 2721.690492] ? kernfs_walk_and_get_ns+0x340/0x340 [ 2721.695345] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2721.700891] ? kernfs_link_sibling+0x1d2/0x3b0 [ 2721.705483] kernfs_new_node+0x80/0xf0 [ 2721.709372] __kernfs_create_file+0x4d/0x330 [ 2721.713785] sysfs_add_file_mode_ns+0x21a/0x560 [ 2721.718458] internal_create_group+0x26d/0x9e0 [ 2721.723045] sysfs_create_group+0x1f/0x30 [ 2721.727193] lo_ioctl+0x1307/0x1d70 [ 2721.730827] ? lo_rw_aio_complete+0x450/0x450 [ 2721.735322] blkdev_ioctl+0x9cd/0x2030 [ 2721.739211] ? lock_acquire+0x1e4/0x540 [ 2721.743184] ? blkpg_ioctl+0xc40/0xc40 [ 2721.747073] ? lock_release+0xa30/0xa30 [ 2721.751057] ? save_stack+0xa9/0xd0 [ 2721.754692] ? save_stack+0x43/0xd0 [ 2721.758321] ? __fget+0x4d5/0x740 [ 2721.761782] ? ksys_dup3+0x690/0x690 [ 2721.765499] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2721.770095] ? kasan_check_write+0x14/0x20 [ 2721.774335] ? do_raw_spin_lock+0xc1/0x200 [ 2721.778574] block_ioctl+0xee/0x130 [ 2721.782202] ? blkdev_fallocate+0x400/0x400 [ 2721.786525] do_vfs_ioctl+0x1de/0x1720 [ 2721.790423] ? ioctl_preallocate+0x300/0x300 [ 2721.794830] ? __fget_light+0x2f7/0x440 [ 2721.798798] ? fget_raw+0x20/0x20 [ 2721.802254] ? trace_hardirqs_on+0xd/0x10 [ 2721.806397] ? kmem_cache_free+0x22e/0x2d0 [ 2721.810622] ? putname+0xf7/0x130 [ 2721.814057] ? do_sys_open+0x3cb/0x720 [ 2721.817933] ? security_file_ioctl+0x94/0xc0 [ 2721.822324] ksys_ioctl+0xa9/0xd0 [ 2721.825759] __x64_sys_ioctl+0x73/0xb0 [ 2721.829641] do_syscall_64+0x1b9/0x820 [ 2721.833519] ? finish_task_switch+0x1d3/0x870 [ 2721.838007] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2721.842923] ? syscall_return_slowpath+0x31d/0x5e0 [ 2721.847830] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2721.852825] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2721.857822] ? perf_trace_sys_enter+0xb10/0xb10 [ 2721.862471] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2721.867306] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2721.872482] RIP: 0033:0x455c97 [ 2721.875648] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2721.895301] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2721.902996] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455c97 [ 2721.910263] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 2721.917513] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2721.924771] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2721.932028] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000000d [ 2721.955482] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:44 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:44 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x16aaaafeffaaaaa8, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:44 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xb000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:44 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:44 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f00000000c0)=0xc) ptrace$setregset(0x4205, r2, 0x207, &(0x7f0000000100)={&(0x7f00000001c0)="caf117e124cc071665ef627803322cce2165b14eac485af687fddb1cb75886586522f15dc7257d7c6687a944c186d4e3fc09dcccfeb76e6865b8446124f72855205a2c395c922f37fc090ab4ddef26501a0b9a80768abbc4e32525c74cfe57fff93e4932947a897e6575c28fe9e4c08db84cdfe4a91f0f64fdbfd00143cdb03b60e27c0329c9110cb88ea595333d", 0x8e}) 03:40:44 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x29d, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:44 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='re%serfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:44 executing program 4 (fault-call:0 fault-nth:14): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2722.454592] FAULT_INJECTION: forcing a failure. [ 2722.454592] name failslab, interval 1, probability 0, space 0, times 0 [ 2722.465885] CPU: 1 PID: 3149 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2722.474207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2722.483566] Call Trace: [ 2722.486194] dump_stack+0x1c9/0x2b4 [ 2722.489835] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2722.495039] ? rcu_note_context_switch+0x730/0x730 [ 2722.499982] should_fail.cold.4+0xa/0x11 03:40:44 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xb], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:44 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0x4000, 0x0) ioctl$KDGETLED(r1, 0x4b31, &(0x7f00000000c0)) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r2 = fcntl$dupfd(r0, 0x0, r0) ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000000100)) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:44 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc03000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:44 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x19, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2722.504057] ? kasan_check_write+0x14/0x20 [ 2722.508305] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2722.513410] ? kernfs_activate+0x8e/0x2c0 [ 2722.517570] ? ___ratelimit.cold.2+0x6b/0x6b [ 2722.521978] ? mutex_trylock+0x2b0/0x2b0 [ 2722.526133] ? kasan_check_write+0x14/0x20 [ 2722.530381] ? __radix_tree_replace+0x188/0x2f0 [ 2722.535072] ? kernfs_add_one+0x4f/0x4d0 [ 2722.539139] ? kernfs_activate+0x21a/0x2c0 [ 2722.543385] ? lock_downgrade+0x8f0/0x8f0 [ 2722.547547] ? lock_acquire+0x1e4/0x540 03:40:44 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x10aaaafeffaaaaa8, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2722.551528] ? fs_reclaim_acquire+0x20/0x20 [ 2722.555860] ? lock_downgrade+0x8f0/0x8f0 [ 2722.560022] ? check_same_owner+0x340/0x340 [ 2722.564353] ? kasan_check_write+0x14/0x20 [ 2722.568594] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2722.573528] ? rcu_note_context_switch+0x730/0x730 [ 2722.578464] __should_failslab+0x124/0x180 [ 2722.582713] should_failslab+0x9/0x14 [ 2722.586535] kmem_cache_alloc+0x2af/0x760 [ 2722.590697] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2722.595634] ? kasan_check_write+0x14/0x20 [ 2722.599879] ? __sanitizer_cov_trace_cmp8+0x18/0x20 03:40:44 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2722.604898] __kernfs_new_node+0xef/0x5a0 [ 2722.609057] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 2722.613816] ? mutex_unlock+0xd/0x10 [ 2722.617535] ? kernfs_activate+0x21a/0x2c0 [ 2722.621772] ? kernfs_walk_and_get_ns+0x340/0x340 [ 2722.626623] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2722.632165] ? kernfs_link_sibling+0x1d2/0x3b0 [ 2722.636750] kernfs_new_node+0x80/0xf0 [ 2722.640639] __kernfs_create_file+0x4d/0x330 [ 2722.645052] sysfs_add_file_mode_ns+0x21a/0x560 [ 2722.649721] internal_create_group+0x26d/0x9e0 03:40:44 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:44 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) socketpair(0xb, 0x801, 0xffff, &(0x7f0000000080)={0xffffffffffffffff}) connect$pptp(r1, &(0x7f00000000c0)={0x18, 0x2, {0x0, @broadcast=0xffffffff}}, 0x1e) r2 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) [ 2722.654310] sysfs_create_group+0x1f/0x30 [ 2722.658456] lo_ioctl+0x1307/0x1d70 [ 2722.662089] ? lo_rw_aio_complete+0x450/0x450 [ 2722.666585] blkdev_ioctl+0x9cd/0x2030 [ 2722.670471] ? lock_acquire+0x1e4/0x540 [ 2722.674444] ? blkpg_ioctl+0xc40/0xc40 [ 2722.678339] ? lock_release+0xa30/0xa30 [ 2722.682320] ? save_stack+0xa9/0xd0 [ 2722.685947] ? save_stack+0x43/0xd0 [ 2722.689578] ? __fget+0x4d5/0x740 [ 2722.693035] ? ksys_dup3+0x690/0x690 [ 2722.696754] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2722.701340] ? kasan_check_write+0x14/0x20 [ 2722.705577] ? do_raw_spin_lock+0xc1/0x200 [ 2722.709818] block_ioctl+0xee/0x130 [ 2722.713447] ? blkdev_fallocate+0x400/0x400 [ 2722.717766] do_vfs_ioctl+0x1de/0x1720 [ 2722.721658] ? ioctl_preallocate+0x300/0x300 [ 2722.726068] ? __fget_light+0x2f7/0x440 [ 2722.730045] ? fget_raw+0x20/0x20 [ 2722.733503] ? trace_hardirqs_on+0xd/0x10 [ 2722.737655] ? kmem_cache_free+0x22e/0x2d0 [ 2722.741891] ? putname+0xf7/0x130 [ 2722.745347] ? do_sys_open+0x3cb/0x720 [ 2722.749243] ? security_file_ioctl+0x94/0xc0 [ 2722.753656] ksys_ioctl+0xa9/0xd0 [ 2722.757116] __x64_sys_ioctl+0x73/0xb0 [ 2722.761014] do_syscall_64+0x1b9/0x820 [ 2722.764905] ? finish_task_switch+0x1d3/0x870 [ 2722.769403] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2722.774374] ? syscall_return_slowpath+0x31d/0x5e0 [ 2722.779304] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2722.784325] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2722.789343] ? perf_trace_sys_enter+0xb10/0xb10 [ 2722.794018] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2722.798867] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2722.804051] RIP: 0033:0x455c97 [ 2722.807229] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2722.826502] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2722.834193] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455c97 [ 2722.841442] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 2722.848688] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2722.855952] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2722.863197] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000000e [ 2722.875678] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:45 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:45 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1f8, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:45 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:45 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xc0fe, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:45 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:45 executing program 5: r0 = memfd_create(&(0x7f0000000100)='%lo\x00', 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffff9c, 0x84, 0x11, &(0x7f0000000140)={0x0, 0xf111}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000200)={r1, 0xd911}, &(0x7f0000000240)=0x8) r2 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4080, 0x0) setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, &(0x7f0000000280)={0x4, 0xffff}, 0x2) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000000c0)='ip_vti0\x00') r4 = fcntl$dupfd(r2, 0x0, r2) sendmmsg$unix(r4, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:45 executing program 4 (fault-call:0 fault-nth:15): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:45 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='relserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:45 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x15da52feffbea728, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:45 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc03], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:45 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) listen(r0, 0x1) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x800, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000000c0)={0x5b, 0x9, 0xae4, "e46ed56b6c657e43226a333171f67d3d41acd293c9d9a8205c60d921e0b92491a6d3fc4f918130355a7591a87398437eed8b8e549811c5c3ef2f70324498aa4594bfbd39beb825df1937a660758984e49667fc7edad87e72dbdb1b"}) r2 = fcntl$dupfd(r1, 0xfffffffffffffffd, r1) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:45 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x8000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2723.447345] FAULT_INJECTION: forcing a failure. [ 2723.447345] name failslab, interval 1, probability 0, space 0, times 0 [ 2723.458674] CPU: 1 PID: 3208 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2723.466998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2723.476497] Call Trace: [ 2723.479101] dump_stack+0x1c9/0x2b4 [ 2723.482737] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2723.487937] ? rcu_note_context_switch+0x730/0x730 [ 2723.492893] should_fail.cold.4+0xa/0x11 [ 2723.496972] ? kasan_check_write+0x14/0x20 [ 2723.501224] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2723.506338] ? kernfs_activate+0x8e/0x2c0 [ 2723.510505] ? ___ratelimit.cold.2+0x6b/0x6b [ 2723.514927] ? mutex_trylock+0x2b0/0x2b0 [ 2723.519005] ? kasan_check_write+0x14/0x20 [ 2723.523260] ? __radix_tree_replace+0x188/0x2f0 [ 2723.527961] ? kernfs_add_one+0x4f/0x4d0 [ 2723.532038] ? kernfs_activate+0x21a/0x2c0 [ 2723.536293] ? lock_downgrade+0x8f0/0x8f0 [ 2723.540467] ? lock_acquire+0x1e4/0x540 03:40:45 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:45 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0xfc00, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2723.544465] ? fs_reclaim_acquire+0x20/0x20 [ 2723.548812] ? lock_downgrade+0x8f0/0x8f0 [ 2723.552982] ? check_same_owner+0x340/0x340 [ 2723.557316] ? kasan_check_write+0x14/0x20 [ 2723.561560] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2723.566494] ? rcu_note_context_switch+0x730/0x730 [ 2723.571436] __should_failslab+0x124/0x180 [ 2723.575684] should_failslab+0x9/0x14 [ 2723.579495] kmem_cache_alloc+0x2af/0x760 [ 2723.583650] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2723.588595] ? kasan_check_write+0x14/0x20 [ 2723.592843] ? __sanitizer_cov_trace_cmp8+0x18/0x20 03:40:45 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:45 executing program 5: r0 = socket$inet(0x2, 0x80802, 0x8) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='nr0\x00', 0x10) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) [ 2723.597871] __kernfs_new_node+0xef/0x5a0 [ 2723.602037] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 2723.606810] ? mutex_unlock+0xd/0x10 [ 2723.610542] ? kernfs_activate+0x21a/0x2c0 [ 2723.614786] ? kernfs_walk_and_get_ns+0x340/0x340 [ 2723.619903] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2723.625626] ? kernfs_link_sibling+0x1d2/0x3b0 [ 2723.630226] kernfs_new_node+0x80/0xf0 [ 2723.634125] __kernfs_create_file+0x4d/0x330 [ 2723.638543] sysfs_add_file_mode_ns+0x21a/0x560 [ 2723.643221] internal_create_group+0x26d/0x9e0 [ 2723.648008] sysfs_create_group+0x1f/0x30 [ 2723.652168] lo_ioctl+0x1307/0x1d70 [ 2723.655806] ? lo_rw_aio_complete+0x450/0x450 [ 2723.660310] blkdev_ioctl+0x9cd/0x2030 [ 2723.664207] ? lock_acquire+0x1e4/0x540 [ 2723.668187] ? blkpg_ioctl+0xc40/0xc40 [ 2723.672077] ? lock_release+0xa30/0xa30 [ 2723.676060] ? save_stack+0xa9/0xd0 [ 2723.679688] ? save_stack+0x43/0xd0 [ 2723.683318] ? __fget+0x4d5/0x740 [ 2723.686777] ? ksys_dup3+0x690/0x690 [ 2723.690493] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2723.695086] ? kasan_check_write+0x14/0x20 [ 2723.699325] ? do_raw_spin_lock+0xc1/0x200 [ 2723.703574] block_ioctl+0xee/0x130 [ 2723.707203] ? blkdev_fallocate+0x400/0x400 [ 2723.711527] do_vfs_ioctl+0x1de/0x1720 [ 2723.715421] ? ioctl_preallocate+0x300/0x300 [ 2723.719831] ? __fget_light+0x2f7/0x440 [ 2723.723810] ? fget_raw+0x20/0x20 [ 2723.727273] ? trace_hardirqs_on+0xd/0x10 [ 2723.731425] ? kmem_cache_free+0x22e/0x2d0 [ 2723.735669] ? putname+0xf7/0x130 [ 2723.739126] ? do_sys_open+0x3cb/0x720 [ 2723.743024] ? security_file_ioctl+0x94/0xc0 [ 2723.747431] ksys_ioctl+0xa9/0xd0 [ 2723.750888] __x64_sys_ioctl+0x73/0xb0 [ 2723.754784] do_syscall_64+0x1b9/0x820 [ 2723.758661] ? finish_task_switch+0x1d3/0x870 [ 2723.763150] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2723.768084] ? syscall_return_slowpath+0x31d/0x5e0 [ 2723.773018] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2723.778038] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2723.783046] ? perf_trace_sys_enter+0xb10/0xb10 [ 2723.787703] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2723.792544] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2723.797729] RIP: 0033:0x455c97 [ 2723.800896] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2723.820050] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2723.827770] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455c97 [ 2723.835031] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 2723.842281] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2723.849534] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2723.856785] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000000f [ 2723.868961] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:46 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:46 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x398, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:46 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:46 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x1700000000000000, 0x0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:46 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:46 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) readahead(r0, 0x6, 0x7f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f0000000080)={0x1, 0x8, 0x1fa, 'queue0\x00', 0x9}) 03:40:46 executing program 4 (fault-call:0 fault-nth:16): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:46 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiberfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2724.485358] FAULT_INJECTION: forcing a failure. [ 2724.485358] name failslab, interval 1, probability 0, space 0, times 0 [ 2724.496728] CPU: 1 PID: 3277 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2724.505048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2724.514406] Call Trace: [ 2724.517013] dump_stack+0x1c9/0x2b4 [ 2724.520659] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2724.527244] should_fail.cold.4+0xa/0x11 [ 2724.531330] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2724.536453] ? lock_acquire+0x1e4/0x540 [ 2724.540445] ? trace_hardirqs_on+0x10/0x10 [ 2724.544689] ? lock_release+0xa30/0xa30 [ 2724.548670] ? check_same_owner+0x340/0x340 [ 2724.553008] ? rcu_note_context_switch+0x730/0x730 [ 2724.557961] ? kasan_check_write+0x14/0x20 [ 2724.562213] ? lock_acquire+0x1e4/0x540 [ 2724.566224] ? fs_reclaim_acquire+0x20/0x20 [ 2724.570558] ? lock_downgrade+0x8f0/0x8f0 [ 2724.574724] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2724.580286] ? check_same_owner+0x340/0x340 03:40:46 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:46 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xb00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:46 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x11e1f5feffb467e8, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:46 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:46 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:46 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x12d, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:46 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xa, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2724.584616] ? number+0x967/0xc90 [ 2724.588083] ? rcu_note_context_switch+0x730/0x730 [ 2724.593027] __should_failslab+0x124/0x180 [ 2724.597275] should_failslab+0x9/0x14 [ 2724.601089] kmem_cache_alloc_node+0x272/0x780 [ 2724.605680] ? set_precision+0xe0/0xe0 [ 2724.609581] __alloc_skb+0x119/0x790 [ 2724.613304] ? skb_scrub_packet+0x490/0x490 [ 2724.617632] ? lock_release+0xa30/0xa30 [ 2724.621613] ? pointer+0x990/0x990 [ 2724.625162] ? device_get_devnode+0x2e0/0x2e0 [ 2724.629694] ? kasan_unpoison_shadow+0x35/0x50 03:40:46 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) eventfd(0x7) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) [ 2724.634444] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2724.639478] ? netlink_has_listeners+0x2cf/0x4a0 [ 2724.644248] ? netlink_tap_init_net+0x3e0/0x3e0 [ 2724.648934] alloc_uevent_skb+0x89/0x220 [ 2724.653017] kobject_uevent_env+0x866/0x1110 [ 2724.657450] ? internal_create_group+0x39a/0x9e0 [ 2724.662229] kobject_uevent+0x1f/0x30 [ 2724.666044] lo_ioctl+0x1385/0x1d70 [ 2724.669681] ? lo_rw_aio_complete+0x450/0x450 [ 2724.674183] blkdev_ioctl+0x9cd/0x2030 [ 2724.678075] ? lock_acquire+0x1e4/0x540 [ 2724.682056] ? blkpg_ioctl+0xc40/0xc40 [ 2724.685953] ? lock_release+0xa30/0xa30 [ 2724.689942] ? save_stack+0xa9/0xd0 [ 2724.693576] ? save_stack+0x43/0xd0 [ 2724.697204] ? __fget+0x4d5/0x740 [ 2724.700667] ? ksys_dup3+0x690/0x690 [ 2724.704390] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2724.708982] ? kasan_check_write+0x14/0x20 [ 2724.713224] ? do_raw_spin_lock+0xc1/0x200 [ 2724.717475] block_ioctl+0xee/0x130 [ 2724.721111] ? blkdev_fallocate+0x400/0x400 [ 2724.725472] do_vfs_ioctl+0x1de/0x1720 [ 2724.729366] ? ioctl_preallocate+0x300/0x300 [ 2724.733782] ? __fget_light+0x2f7/0x440 [ 2724.737769] ? fget_raw+0x20/0x20 [ 2724.741239] ? trace_hardirqs_on+0xd/0x10 [ 2724.745393] ? kmem_cache_free+0x22e/0x2d0 [ 2724.749645] ? putname+0xf7/0x130 [ 2724.753102] ? do_sys_open+0x3cb/0x720 [ 2724.757022] ? security_file_ioctl+0x94/0xc0 [ 2724.761440] ksys_ioctl+0xa9/0xd0 [ 2724.764905] __x64_sys_ioctl+0x73/0xb0 [ 2724.768801] do_syscall_64+0x1b9/0x820 [ 2724.772688] ? finish_task_switch+0x1d3/0x870 [ 2724.777190] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2724.782107] ? syscall_return_slowpath+0x31d/0x5e0 [ 2724.787029] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2724.792044] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2724.797049] ? perf_trace_sys_enter+0xb10/0xb10 [ 2724.801704] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2724.806533] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2724.811704] RIP: 0033:0x455c97 [ 2724.814868] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2724.834046] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2724.841847] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455c97 [ 2724.849108] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 2724.856371] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2724.863632] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2724.870896] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000010 [ 2724.889620] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:47 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:47 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x357, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:47 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:47 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) accept(r0, &(0x7f00000000c0)=@pppol2tpin6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @ipv4={[], [], @remote}}}}, &(0x7f0000000140)=0x80) prctl$setname(0xf, &(0x7f0000000080)='\x00') sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:47 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1100000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:47 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:47 executing program 4 (fault-call:0 fault-nth:17): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:47 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reixerfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:47 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) ioctl$sock_inet_tcp_SIOCINQ(r1, 0x541b, &(0x7f0000000080)) 03:40:47 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x310, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2725.448193] FAULT_INJECTION: forcing a failure. [ 2725.448193] name failslab, interval 1, probability 0, space 0, times 0 [ 2725.459509] CPU: 1 PID: 3339 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2725.468005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2725.477366] Call Trace: [ 2725.479960] dump_stack+0x1c9/0x2b4 [ 2725.483601] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2725.488810] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 2725.493753] ? radix_tree_iter_replace+0x49/0x60 03:40:47 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:47 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='rei+erfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:47 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x17, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:47 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2725.498591] should_fail.cold.4+0xa/0x11 [ 2725.502663] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2725.507801] ? kasan_check_write+0x14/0x20 [ 2725.512045] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2725.516982] ? lock_downgrade+0x8f0/0x8f0 [ 2725.521140] ? wait_for_completion+0x8d0/0x8d0 [ 2725.525736] ? kasan_check_read+0x11/0x20 [ 2725.529893] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2725.534410] ? kasan_check_write+0x14/0x20 [ 2725.538663] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2725.543613] ? kasan_check_write+0x14/0x20 03:40:47 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:47 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2725.547892] ? wait_for_completion+0x8d0/0x8d0 [ 2725.552504] ? kasan_check_write+0x14/0x20 [ 2725.556755] ? __kernfs_new_node+0x426/0x5a0 [ 2725.561182] ? lock_acquire+0x1e4/0x540 [ 2725.565165] ? fs_reclaim_acquire+0x20/0x20 [ 2725.569515] ? lock_downgrade+0x8f0/0x8f0 [ 2725.573676] ? kernfs_walk_and_get_ns+0x340/0x340 [ 2725.578529] ? check_same_owner+0x340/0x340 [ 2725.582862] ? rcu_note_context_switch+0x730/0x730 [ 2725.587811] __should_failslab+0x124/0x180 [ 2725.592066] should_failslab+0x9/0x14 [ 2725.595880] kmem_cache_alloc_trace+0x2cb/0x780 [ 2725.600563] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2725.606112] ? sysfs_add_file_mode_ns+0x22c/0x560 [ 2725.610967] ? sysfs_add_file_mode_ns+0x23c/0x560 [ 2725.615823] ? device_create_file+0x1e0/0x1e0 [ 2725.620330] kobject_uevent_env+0x20f/0x1110 [ 2725.624739] ? internal_create_group+0x39a/0x9e0 [ 2725.629497] kobject_uevent+0x1f/0x30 [ 2725.633285] lo_ioctl+0x1385/0x1d70 [ 2725.636898] ? lo_rw_aio_complete+0x450/0x450 [ 2725.641385] blkdev_ioctl+0x9cd/0x2030 [ 2725.645266] ? lock_acquire+0x1e4/0x540 [ 2725.649241] ? blkpg_ioctl+0xc40/0xc40 [ 2725.653114] ? lock_release+0xa30/0xa30 [ 2725.657089] ? save_stack+0xa9/0xd0 [ 2725.660713] ? save_stack+0x43/0xd0 [ 2725.664335] ? __fget+0x4d5/0x740 [ 2725.667781] ? ksys_dup3+0x690/0x690 [ 2725.671480] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2725.676061] ? kasan_check_write+0x14/0x20 [ 2725.680285] ? do_raw_spin_lock+0xc1/0x200 [ 2725.684503] block_ioctl+0xee/0x130 [ 2725.688115] ? blkdev_fallocate+0x400/0x400 [ 2725.692433] do_vfs_ioctl+0x1de/0x1720 [ 2725.696302] ? ioctl_preallocate+0x300/0x300 [ 2725.700691] ? __fget_light+0x2f7/0x440 [ 2725.704646] ? fget_raw+0x20/0x20 [ 2725.708083] ? trace_hardirqs_on+0xd/0x10 [ 2725.712213] ? kmem_cache_free+0x22e/0x2d0 [ 2725.716431] ? putname+0xf7/0x130 [ 2725.719863] ? do_sys_open+0x3cb/0x720 [ 2725.723745] ? security_file_ioctl+0x94/0xc0 [ 2725.728152] ksys_ioctl+0xa9/0xd0 [ 2725.731610] __x64_sys_ioctl+0x73/0xb0 [ 2725.735484] do_syscall_64+0x1b9/0x820 [ 2725.739368] ? finish_task_switch+0x1d3/0x870 [ 2725.743849] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2725.748766] ? syscall_return_slowpath+0x31d/0x5e0 [ 2725.753677] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2725.758703] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2725.763706] ? perf_trace_sys_enter+0xb10/0xb10 [ 2725.768361] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2725.773188] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2725.778357] RIP: 0033:0x455c97 [ 2725.781521] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2725.800650] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2725.808342] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455c97 [ 2725.815596] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 2725.822847] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2725.830098] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2725.837349] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000011 [ 2725.889569] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:48 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:48 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:48 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:48 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x39d, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:48 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x5fd0}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000140)=ANY=[@ANYRES32=r2, @ANYBLOB="00000ae5e70495c6768cec2223dc884fa885482c7b7a21656604fbc1bc6a3b001f000700000006"], 0x1c) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) r3 = semget$private(0x0, 0x4, 0x20) semctl$GETPID(r3, 0x3, 0xb, &(0x7f00000001c0)=""/10) ioctl$KVM_GET_CLOCK(r1, 0x8030ae7c, &(0x7f0000000100)) 03:40:48 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x100000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:48 executing program 4 (fault-call:0 fault-nth:18): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:48 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='rei#erfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:48 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2726.389517] FAULT_INJECTION: forcing a failure. [ 2726.389517] name failslab, interval 1, probability 0, space 0, times 0 [ 2726.400946] CPU: 0 PID: 3397 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2726.409351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2726.418712] Call Trace: [ 2726.421304] dump_stack+0x1c9/0x2b4 [ 2726.424945] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2726.430160] should_fail.cold.4+0xa/0x11 [ 2726.434249] ? __kernel_text_address+0xd/0x40 03:40:48 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f0000000280)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in6={0xa, 0x4e22, 0x1000, @loopback={0x0, 0x1}, 0x80}, @in={0x2, 0x4e22, @multicast2=0xe0000002}, @in={0x2, 0x4e20, @rand_addr=0x3}, @in={0x2, 0x4e21, @rand_addr=0x5}, @in6={0xa, 0x4e21, 0x7, @dev={0xfe, 0x80, [], 0x1e}, 0x6}], 0x78) 03:40:48 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x60, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:48 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:48 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xfe80000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2726.438768] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2726.443886] ? __save_stack_trace+0x8d/0xf0 [ 2726.448237] ? save_stack+0xa9/0xd0 [ 2726.451881] ? save_stack+0x43/0xd0 [ 2726.455515] ? kasan_kmalloc+0xc4/0xe0 [ 2726.459411] ? kasan_slab_alloc+0x12/0x20 [ 2726.463568] ? kmem_cache_alloc_node+0x144/0x780 [ 2726.468332] ? __alloc_skb+0x119/0x790 [ 2726.472245] ? alloc_uevent_skb+0x89/0x220 [ 2726.476491] ? kobject_uevent_env+0x866/0x1110 [ 2726.481082] ? kobject_uevent+0x1f/0x30 [ 2726.485068] ? lo_ioctl+0x1385/0x1d70 03:40:48 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:48 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:48 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x59, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2726.488879] ? blkdev_ioctl+0x9cd/0x2030 [ 2726.492950] ? block_ioctl+0xee/0x130 [ 2726.496762] ? do_vfs_ioctl+0x1de/0x1720 [ 2726.500838] ? ksys_ioctl+0xa9/0xd0 [ 2726.504475] ? __x64_sys_ioctl+0x73/0xb0 [ 2726.508558] ? lock_acquire+0x1e4/0x540 [ 2726.512545] ? fs_reclaim_acquire+0x20/0x20 [ 2726.516882] ? lock_downgrade+0x8f0/0x8f0 [ 2726.521042] ? check_same_owner+0x340/0x340 [ 2726.525381] ? lock_downgrade+0x8f0/0x8f0 [ 2726.529546] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2726.535222] ? rcu_note_context_switch+0x730/0x730 [ 2726.540181] __should_failslab+0x124/0x180 [ 2726.544454] should_failslab+0x9/0x14 [ 2726.548287] kmem_cache_alloc_node_trace+0x26f/0x770 [ 2726.553405] ? kasan_kmalloc+0xc4/0xe0 [ 2726.557308] __kmalloc_node_track_caller+0x33/0x70 [ 2726.562257] __kmalloc_reserve.isra.41+0x3a/0xe0 [ 2726.567024] __alloc_skb+0x155/0x790 [ 2726.570744] ? skb_scrub_packet+0x490/0x490 [ 2726.575067] ? lock_release+0xa30/0xa30 [ 2726.579043] ? pointer+0x990/0x990 [ 2726.582586] ? device_get_devnode+0x2e0/0x2e0 [ 2726.587091] ? kasan_unpoison_shadow+0x35/0x50 [ 2726.591686] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2726.597401] ? netlink_has_listeners+0x2cf/0x4a0 [ 2726.602161] ? netlink_tap_init_net+0x3e0/0x3e0 [ 2726.606832] alloc_uevent_skb+0x89/0x220 [ 2726.610890] kobject_uevent_env+0x866/0x1110 [ 2726.615284] ? internal_create_group+0x39a/0x9e0 [ 2726.620034] kobject_uevent+0x1f/0x30 [ 2726.623828] lo_ioctl+0x1385/0x1d70 [ 2726.627439] ? lo_rw_aio_complete+0x450/0x450 [ 2726.631926] blkdev_ioctl+0x9cd/0x2030 [ 2726.635809] ? lock_acquire+0x1e4/0x540 [ 2726.639779] ? blkpg_ioctl+0xc40/0xc40 [ 2726.643653] ? lock_release+0xa30/0xa30 [ 2726.647626] ? save_stack+0xa9/0xd0 [ 2726.651246] ? save_stack+0x43/0xd0 [ 2726.654855] ? __fget+0x4d5/0x740 [ 2726.658295] ? ksys_dup3+0x690/0x690 [ 2726.661994] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2726.666563] ? kasan_check_write+0x14/0x20 [ 2726.670778] ? do_raw_spin_lock+0xc1/0x200 [ 2726.675016] block_ioctl+0xee/0x130 [ 2726.678633] ? blkdev_fallocate+0x400/0x400 [ 2726.682950] do_vfs_ioctl+0x1de/0x1720 [ 2726.686821] ? ioctl_preallocate+0x300/0x300 [ 2726.691223] ? __fget_light+0x2f7/0x440 [ 2726.695195] ? fget_raw+0x20/0x20 [ 2726.698646] ? trace_hardirqs_on+0xd/0x10 [ 2726.702775] ? kmem_cache_free+0x22e/0x2d0 [ 2726.707007] ? putname+0xf7/0x130 [ 2726.710456] ? do_sys_open+0x3cb/0x720 [ 2726.714345] ? security_file_ioctl+0x94/0xc0 [ 2726.718757] ksys_ioctl+0xa9/0xd0 [ 2726.722205] __x64_sys_ioctl+0x73/0xb0 [ 2726.726077] do_syscall_64+0x1b9/0x820 [ 2726.729951] ? finish_task_switch+0x1d3/0x870 [ 2726.734429] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2726.739343] ? syscall_return_slowpath+0x31d/0x5e0 [ 2726.744257] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2726.749264] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2726.754273] ? perf_trace_sys_enter+0xb10/0xb10 [ 2726.758933] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2726.763768] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2726.768960] RIP: 0033:0x455c97 [ 2726.772145] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2726.791366] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2726.799150] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455c97 [ 2726.806420] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 2726.813675] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2726.820942] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2726.828195] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000012 [ 2726.855806] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:49 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xe2, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:49 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x80fe, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:49 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:49 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:49 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$int_out(r0, 0x5462, &(0x7f0000000080)) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:49 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiXerfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:49 executing program 4 (fault-call:0 fault-nth:19): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:49 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:49 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2727.289318] FAULT_INJECTION: forcing a failure. [ 2727.289318] name failslab, interval 1, probability 0, space 0, times 0 [ 2727.300684] CPU: 1 PID: 3454 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2727.309040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2727.318403] Call Trace: [ 2727.321008] dump_stack+0x1c9/0x2b4 [ 2727.324660] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2727.329877] should_fail.cold.4+0xa/0x11 [ 2727.333958] ? __kernel_text_address+0xd/0x40 03:40:49 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:49 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc03000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:49 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xffffffff00000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2727.338611] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2727.343737] ? __save_stack_trace+0x8d/0xf0 [ 2727.348089] ? save_stack+0xa9/0xd0 [ 2727.351734] ? save_stack+0x43/0xd0 [ 2727.355373] ? kasan_kmalloc+0xc4/0xe0 [ 2727.359269] ? kasan_slab_alloc+0x12/0x20 [ 2727.363429] ? kmem_cache_alloc_node+0x144/0x780 [ 2727.368196] ? __alloc_skb+0x119/0x790 [ 2727.372096] ? alloc_uevent_skb+0x89/0x220 [ 2727.376338] ? kobject_uevent_env+0x866/0x1110 [ 2727.380930] ? kobject_uevent+0x1f/0x30 [ 2727.384919] ? lo_ioctl+0x1385/0x1d70 03:40:49 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='i\x00', 0xfffffffffffffe31) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x101000, 0x0) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000100), &(0x7f0000000140)=0x4) r2 = fcntl$dupfd(r0, 0x0, r0) setsockopt$inet_udp_encap(r2, 0x11, 0x64, &(0x7f0000000180)=0x7, 0x4) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:49 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2727.388730] ? blkdev_ioctl+0x9cd/0x2030 [ 2727.392801] ? block_ioctl+0xee/0x130 [ 2727.396613] ? do_vfs_ioctl+0x1de/0x1720 [ 2727.400692] ? ksys_ioctl+0xa9/0xd0 [ 2727.404329] ? __x64_sys_ioctl+0x73/0xb0 [ 2727.408410] ? lock_acquire+0x1e4/0x540 [ 2727.412398] ? fs_reclaim_acquire+0x20/0x20 [ 2727.416738] ? lock_downgrade+0x8f0/0x8f0 [ 2727.420902] ? check_same_owner+0x340/0x340 [ 2727.425236] ? lock_downgrade+0x8f0/0x8f0 [ 2727.429407] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2727.434959] ? rcu_note_context_switch+0x730/0x730 03:40:49 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x20}) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:49 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc030000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2727.439907] __should_failslab+0x124/0x180 [ 2727.444165] should_failslab+0x9/0x14 [ 2727.447984] kmem_cache_alloc_node_trace+0x26f/0x770 [ 2727.453106] ? kasan_kmalloc+0xc4/0xe0 [ 2727.457011] __kmalloc_node_track_caller+0x33/0x70 [ 2727.461961] __kmalloc_reserve.isra.41+0x3a/0xe0 [ 2727.466752] __alloc_skb+0x155/0x790 [ 2727.470474] ? skb_scrub_packet+0x490/0x490 [ 2727.474804] ? lock_release+0xa30/0xa30 [ 2727.478801] ? pointer+0x990/0x990 [ 2727.482347] ? device_get_devnode+0x2e0/0x2e0 03:40:49 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xdd, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:49 executing program 5: r0 = socket$inet(0x2, 0x0, 0x400001000000032) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r1, 0xc0a85322, &(0x7f00000001c0)) ioctl$sock_inet6_tcp_SIOCATMARK(r0, 0x8905, &(0x7f00000000c0)) r2 = fcntl$dupfd(r0, 0x0, r0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r1, 0x402c5342, &(0x7f0000000300)={0x0, 0x3, 0x4, {0x77359400}, 0x5, 0x1}) socketpair$inet(0x2, 0xe, 0x0, &(0x7f0000000080)) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000380)={&(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1}) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000140)={r2, 0x50, &(0x7f0000000280)}, 0x10) ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f00000003c0)=0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r2, 0xc1105518, &(0x7f0000000580)={{0x7, 0x0, 0x6, 0x0, '\x00', 0x7be5}, 0x2, 0x30, 0x9, r3, 0x6, 0xfffffffffffffffd, 'syz0\x00', &(0x7f0000000400)=['\x00', '/dev/snd/seq\x00', '/dev/snd/seq\x00', 'user]&^-\x00', '-\x00', 'ip_vti0\x00'], 0x2e, [], [0x0, 0x1000000000000000, 0x22490063, 0x81]}) fdatasync(r2) [ 2727.486847] ? kasan_unpoison_shadow+0x35/0x50 [ 2727.491434] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2727.496456] ? netlink_has_listeners+0x2cf/0x4a0 [ 2727.501215] ? netlink_tap_init_net+0x3e0/0x3e0 [ 2727.505897] alloc_uevent_skb+0x89/0x220 [ 2727.509969] kobject_uevent_env+0x866/0x1110 [ 2727.514383] ? internal_create_group+0x39a/0x9e0 [ 2727.519147] kobject_uevent+0x1f/0x30 [ 2727.522954] lo_ioctl+0x1385/0x1d70 [ 2727.526592] ? lo_rw_aio_complete+0x450/0x450 [ 2727.531105] blkdev_ioctl+0x9cd/0x2030 [ 2727.534995] ? lock_acquire+0x1e4/0x540 [ 2727.538975] ? blkpg_ioctl+0xc40/0xc40 [ 2727.542872] ? lock_release+0xa30/0xa30 [ 2727.546857] ? save_stack+0xa9/0xd0 [ 2727.550488] ? save_stack+0x43/0xd0 [ 2727.554129] ? __fget+0x4d5/0x740 [ 2727.557595] ? ksys_dup3+0x690/0x690 [ 2727.561316] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2727.565933] ? kasan_check_write+0x14/0x20 [ 2727.570175] ? do_raw_spin_lock+0xc1/0x200 [ 2727.574414] block_ioctl+0xee/0x130 [ 2727.578044] ? blkdev_fallocate+0x400/0x400 [ 2727.582392] do_vfs_ioctl+0x1de/0x1720 [ 2727.586285] ? ioctl_preallocate+0x300/0x300 [ 2727.590723] ? __fget_light+0x2f7/0x440 [ 2727.594700] ? fget_raw+0x20/0x20 [ 2727.598161] ? trace_hardirqs_on+0xd/0x10 [ 2727.602316] ? kmem_cache_free+0x22e/0x2d0 [ 2727.606556] ? putname+0xf7/0x130 [ 2727.610010] ? do_sys_open+0x3cb/0x720 [ 2727.613937] ? security_file_ioctl+0x94/0xc0 [ 2727.618353] ksys_ioctl+0xa9/0xd0 [ 2727.621810] __x64_sys_ioctl+0x73/0xb0 [ 2727.625707] do_syscall_64+0x1b9/0x820 [ 2727.629593] ? finish_task_switch+0x1d3/0x870 [ 2727.634099] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2727.639087] ? syscall_return_slowpath+0x31d/0x5e0 [ 2727.644020] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2727.649291] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2727.654306] ? perf_trace_sys_enter+0xb10/0xb10 [ 2727.658982] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2727.663838] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2727.669035] RIP: 0033:0x455c97 [ 2727.672215] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:40:49 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2727.691384] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2727.699079] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455c97 [ 2727.706347] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 2727.713604] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2727.720861] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2727.728122] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000013 [ 2727.741342] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:50 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xa8aaaafffeaaaa0c, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:50 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x160, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:50 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:50 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:50 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000080)={'filter\x00', 0x9d, "5251fa164186094a725735e87f35b9a8916d56eeffcc5471f5ebed1e3f8e4545c57e23efda3dfac1331250934742ec171e1724ad17104988ce389a438b500438ac6137d30181996aa5f0094ce923bb1a13054a677208a5f407d014fb07d995e825096b6680f91758b6d0bef022c407e07a63bd567970013a70ae4c44d6c9f9e5941c2f4ccc3dea855ac72b6ccfa250f94603e875b54d82ce1ef45f0521"}, &(0x7f00000001c0)=0xc1) 03:40:50 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='rei.erfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:50 executing program 4 (fault-call:0 fault-nth:20): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:50 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:50 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2728.238196] FAULT_INJECTION: forcing a failure. [ 2728.238196] name failslab, interval 1, probability 0, space 0, times 0 [ 2728.249591] CPU: 1 PID: 3516 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2728.257918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2728.267281] Call Trace: [ 2728.269882] dump_stack+0x1c9/0x2b4 [ 2728.273524] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2728.278731] ? lo_ioctl+0xe6/0x1d70 [ 2728.282371] should_fail.cold.4+0xa/0x11 03:40:50 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1b6, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:50 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) r2 = gettid() getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000600)={{{@in, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@broadcast}}, &(0x7f0000000700)=0xe8) fstat(r0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = gettid() r6 = getuid() r7 = getgid() ioctl$TIOCGSID(r1, 0x5429, &(0x7f00000007c0)=0x0) stat(&(0x7f0000000800)="2e2f66696c6530000000000000000005b400", &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0}) r10 = getgid() getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000008c0)={0x0}, &(0x7f0000000900)=0xc) stat(&(0x7f0000000940)="2e2f66696c6530000000000000000005b400", &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r0, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000001040)={0x0}, &(0x7f0000001080)=0xc) getresuid(&(0x7f00000010c0)=0x0, &(0x7f0000001100), &(0x7f0000001140)) r16 = getegid() ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000001540)=0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000001580)={{{@in=@rand_addr, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @remote}}, 0x0, @in=@remote}}, &(0x7f0000001680)=0xe8) lstat(&(0x7f00000016c0)='./file0\x00', &(0x7f0000001700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000001780)=0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000017c0)={{{@in6=@loopback, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@mcast2}}, &(0x7f00000018c0)=0xe8) fstat(r1, &(0x7f0000001900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000001980)=0x0) r24 = getuid() lstat(&(0x7f00000019c0)="2e2f66696c6530000000000000000005b400", &(0x7f0000001a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(r1, 0x10, &(0x7f0000001a80)={0x0, 0x0}) r27 = geteuid() r28 = getegid() r29 = getpgid(0xffffffffffffffff) r30 = getuid() getresgid(&(0x7f0000001d40), &(0x7f0000001d80)=0x0, &(0x7f0000001dc0)) ioctl$TIOCGSID(r1, 0x5429, &(0x7f00000029c0)=0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000001e40)={{{@in=@dev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@remote}}, &(0x7f0000001f40)=0xe8) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000001f80)={0x0, 0x0, 0x0}, &(0x7f0000001fc0)=0xc) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000002000)=0x0) r36 = geteuid() getgroups(0x8, &(0x7f0000002040)=[0x0, 0x0, 0xffffffffffffffff, 0xee00, 0xffffffffffffffff, 0xee00, 0xffffffffffffffff, 0xffffffffffffffff]) r38 = getpgid(0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000002080)={{{@in=@dev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@dev}}, &(0x7f0000002180)=0xe8) stat(&(0x7f00000021c0)="2e2f66696c6530000000000000000005b400", &(0x7f0000002200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000002280)={0x0}, &(0x7f00000022c0)=0xc) fstat(r1, &(0x7f0000002300)={0x0, 0x0, 0x0, 0x0, 0x0}) r43 = getegid() r44 = getpgid(0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000002380)={{{@in6=@dev, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@broadcast}}, &(0x7f0000002480)=0xe8) fstat(r1, &(0x7f00000024c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r47 = getpgrp(0xffffffffffffffff) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000002540)={{{@in=@local, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in=@rand_addr}}, &(0x7f0000002640)=0xe8) getresgid(&(0x7f0000002680), &(0x7f00000026c0), &(0x7f0000002700)=0x0) sendmmsg$unix(r1, &(0x7f0000002840)=[{&(0x7f0000000080)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000580)=[{&(0x7f00000001c0)="9b0ca37764a21bdf999920a14ce464c027332e06e48aa81ba4c708d7f1ecda7db79a1cee52459628c8c4b543b61149788ae2c6600e7b108095bd1d515323921a5d7f40520b8a983d3c713a382239e6e5d97c1b7ac0a1637277324b1c3ad9788c16b94a2c9d6588618d87bf6e3f8323fdf93329bb920761f1251b2593dd3d82e8f5c3", 0x82}, {&(0x7f0000000100)}, {&(0x7f0000000280)="cc37c91e82921ab753040fc80a84f75081d87b593e3abf8d03b6080ec61c1aeb12ba7be69b76d7a01e91aea50af441bebab6d1dd272ea4ef93bd63f662c5cadc8522c1cee530dfaf7fd3f646779751562c40bb95c26d87d38120fbac702d99623f1b06cd8871f44ae68b68649bda009d7ac4b9c9392af1327a48c174bf35b9458dd71d211ee55e795a41739ec44713b013e4b245418e29a80d5c25847a2e3f9a73370e252d2f9aa4a506c955", 0xac}, {&(0x7f0000000140)="84c09ab06cfb", 0x6}, {&(0x7f0000000340)="1f8a91f5436fcd3506e8645a9f2b23fa698124bb28d49f11741368ae1ed697de76385f5e9f905641bca595c21c5150644ce070724dd90771a98b29be09dc0ef91ef2bde0d5b7637d3f5d42b5bfd4b907c6be6503336db5b6f265a70a6be5cc7a9110bc55035031a4ace3ca1e2bcd54557b45964e286043af9b4fa5bb4ce83d8976a3f590869a932833cf03ff7c4f001608e2ea55f17547f50d0cc89c41d9f39348eff808a12ee0ba22", 0xa9}, {&(0x7f0000000400)="64ec1ccc956e096debc5ebb6bc16bd1d592f0c17f0e3fcf0db92387897e1d93262e9c2359fabea49d2ff9232b0577e4d6d5180de755ecf7b95b222eb081edda9f979ce748d5b669292b7ecafe6fde1ea6c7e110da3e4e8277324", 0x5a}, {&(0x7f0000000480)="2727c92be88af31b4ba7c31def5b736008a69554775ea7d760e16b04bfc7cc4c03b390f202483e78e4c3daf88691ce973acc65c03a8925284251265d280d6ac85ab63fb3f283bf20c40a676a47c39b1771f950ddd872dd260d2b58d9c28374bfc0418aa2e47ca61defb478f695d11ecbf2450f56415176ea8e2ff3d2ad08728ce11424b133420b567c0c99a1efc3af55253095c1281ba1e2de548acbdf18cd8681a1d94491bbc36c0d4a9bf408d1acb3d80ba37a", 0xb4}], 0x7, &(0x7f0000000a80)=[@cred={0x20, 0x1, 0x2, r2, r3, r4}, @rights={0x18, 0x1, 0x1, [r1, r0]}, @cred={0x20, 0x1, 0x2, r5, r6, r7}, @cred={0x20, 0x1, 0x2, r8, r9, r10}, @cred={0x20, 0x1, 0x2, r11, r12, r13}], 0x98, 0x800}, {&(0x7f0000000b40)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000fc0)=[{&(0x7f0000000bc0)="5fb3c675a54889cca18cd0361d0b0cfcd7d53f", 0x13}, {&(0x7f0000000c00)="60b654c2e7f62c277d2f704d1a51ef20ed1168404f9b5daeb791d11e5a5dab7c0496d78f8f4f140197238534d3aa38c1bb1384942713d6962628608797dbd17293a2db366ea0661f8710e4356d3de2ba0f5104756fca7a76a6262d9582734b81fdd5a9a99cb98efe4dce8378e749e4b076873dfd1e06f1f75902505fbbd6c2a5a41181d2d2b9c0e7d63d3ba3204de4c3817e54f9938693143813c56089599c0c534027f8bc79949a21115765095579e2e72fcaf9ae1de643a0bbe5dcdfbaaf09825bd2ab06cfc74b7af5e4300666", 0xce}, {&(0x7f0000000d00)="fd51f766fedea606c850577a8ef80578a7e862c9f7c7f40b7196cb00979ba1bef277f2eb0555d15f9a4a94323c", 0x2d}, {&(0x7f0000000d40)="ef73bc1627071f62ee0abbf2fab9bfac1be06d5939ab0e6a51e532569817463a7a14085c10036c8bb821179978b3afd50924dbf7b9fa930fdbcde42638c5c6ac800033f8476f209a6764bd632ded57165a97bbe42c5cccc87489506a9b74202f667930150fddda123d12be9826e65f4cbd5e23e2d402767c11720c8fc5038a2d60569476f176149cc21624f4966f1218131b8ea0b0c6a467c85a621e4fc7d18126cfd8fa6192347656c48e39f5f54b81b7ad351f7b828758ad67a892f83f4e", 0xbf}, {&(0x7f0000000e00)="a5533d1494a225b7ef5493f08059906d35d9e7f51dc645c1d782c58c5a7effd7f8804188698c7d27a2f50aad161ffc458997c2f1", 0x34}, {&(0x7f0000000e40)="74be6dca9457dd39aadef5a33617c9a7c7ac895487f37d59c34e2bafb977048eada11525053b37b6b1e622637047051f9e42117ee61c3aa52bed3d3215da320f4befd3ca31e8ac20216d86b011d1f5a70b6e67e143daff3a6bf40accd48417a63ea5746195386c8a267611ec7ecb2389f445a3f99e85ed64411d77e27064aa3a88cacee3ddf38492dc505436b3722316771435f840626f3b4be874da289e04", 0x9f}, {&(0x7f0000000f00)="c2eb77ac8b714184abb5f6c50f502dc3efd83e988b8daa8c9078d34d6a2c0dab1d7df124bb6940cc7f8c57dfbc351186a57bea20794224fe5dbce3515b1b859a7fba40b34fc642fe357fb6acb9afddad1cff1226e6da3e4181554d79d40ffca0b63b68559406b22b4f86b18f7f6a9c3996cfc4309dad561b920dc09ce434b0eb68686f3166ad2d6346a9fd5ac047ccd92796f9550ba2cfe4af381ac96f25ac25669369f87514401ed2d5", 0xaa}], 0x7, &(0x7f0000001180)=[@rights={0x30, 0x1, 0x1, [r1, r0, r1, r0, r0, r1, r0, r1]}, @rights={0x18, 0x1, 0x1, [r0, r0]}, @rights={0x20, 0x1, 0x1, [r1, r1, r0]}, @rights={0x28, 0x1, 0x1, [r0, r1, r1, r0, r1, r0]}, @cred={0x20, 0x1, 0x2, r14, r15, r16}], 0xb0, 0x40004}, {&(0x7f0000001240)=@file={0x1, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000001300)=[{&(0x7f00000012c0)="33f145f85b30", 0x6}], 0x1, &(0x7f0000001340)=[@rights={0x20, 0x1, 0x1, [r1, r1, r0]}], 0x20, 0x4}, {&(0x7f0000001380)=@file={0x1, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000001500)=[{&(0x7f0000001400)="a14d3f43d90dacbd1106c08ee22a443f4bbedb15180b1bb5fe", 0x19}, {&(0x7f0000001440)="6f2be132b222f9b20ab024046f8454f133d4c76fb748b0a3aed62361de561ac41f67735d16a6087f1e62eeb85b65105950af0c0985536444745e4bdf886ad985a52d1207c349a03e62bd6fec948bc1e54ad531875a67dabcfc5fb1c03e9a992091f378868d8eb1aa5c85af89a2a7dd2f79a233fba2d3c85b9d170e941085a769979105ab17e588861bf6a8022e2cd3b61b9066beee7291fa3fef92dafb0d558e6b98", 0xa2}], 0x2, &(0x7f0000001ac0)=[@cred={0x20, 0x1, 0x2, r17, r18, r19}, @rights={0x38, 0x1, 0x1, [r1, r1, r1, r1, r0, r1, r0, r0, r1]}, @cred={0x20, 0x1, 0x2, r20, r21, r22}, @cred={0x20, 0x1, 0x2, r23, r24, r25}, @cred={0x20, 0x1, 0x2, r26, r27, r28}], 0xb8}, {&(0x7f0000001b80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001d00)=[{&(0x7f0000001c00)="dde4a6badb1ab5a2d0566930c78cac07f630646162238d69c58b5fdcff94ebf248a437a6f0b621d9211b6f4b26f4be73194fcc4aa25634a98dc3d04260eecb23fd2aa94db22f9c580e30b1311dc1c0600b59f916fca1e5adb54cb6b8a3ff1dc03a945200c416a956db002ba59cbf3e41b753e92bdfc54479b1a2c4724563e95937e234c3d9d76edf635650d42b0d79c9eabc8447514c9ed9ad6440dcd5568fd7ac9c4e5443aa5cb859543bbd6eef6a74c2e70ccd94b3d146a68fcc638029c911e2192f0e40d587aad640d99394ef5043005cdba4c4c35776ea83fe49abf739f9319f5003e782e9efbfb322f9", 0xec}], 0x1, &(0x7f0000002740)=[@cred={0x20, 0x1, 0x2, r29, r30, r31}, @cred={0x20, 0x1, 0x2, r32, r33, r34}, @cred={0x20, 0x1, 0x2, r35, r36, r37}, @cred={0x20, 0x1, 0x2, r38, r39, r40}, @cred={0x20, 0x1, 0x2, r41, r42, r43}, @cred={0x20, 0x1, 0x2, r44, r45, r46}, @cred={0x20, 0x1, 0x2, r47, r48, r49}], 0xe0, 0x4000000}], 0x5, 0x4000800) 03:40:50 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:50 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x4c4fb7feff47be88, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2728.286462] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2728.291582] ? blkpg_ioctl+0xc40/0xc40 [ 2728.295501] ? save_stack+0xa9/0xd0 [ 2728.299142] ? save_stack+0x43/0xd0 [ 2728.302895] ? __fget+0x4d5/0x740 [ 2728.306368] ? lock_acquire+0x1e4/0x540 [ 2728.310353] ? fs_reclaim_acquire+0x20/0x20 [ 2728.314688] ? lock_downgrade+0x8f0/0x8f0 [ 2728.318854] ? check_same_owner+0x340/0x340 [ 2728.323193] ? block_ioctl+0xee/0x130 [ 2728.327018] ? rcu_note_context_switch+0x730/0x730 [ 2728.331968] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2728.337524] __should_failslab+0x124/0x180 [ 2728.341782] should_failslab+0x9/0x14 [ 2728.345598] kmem_cache_alloc+0x2af/0x760 [ 2728.349762] ? fget_raw+0x20/0x20 [ 2728.353231] getname_flags+0xd0/0x5a0 [ 2728.357050] do_mkdirat+0xc5/0x310 [ 2728.360624] ? __ia32_sys_mknod+0xb0/0xb0 [ 2728.364787] ? fput+0x130/0x1a0 [ 2728.368081] ? ksys_ioctl+0x81/0xd0 [ 2728.371726] __x64_sys_mkdir+0x5c/0x80 [ 2728.375728] do_syscall_64+0x1b9/0x820 [ 2728.379632] ? finish_task_switch+0x1d3/0x870 03:40:50 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0xb00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2728.384160] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2728.389110] ? syscall_return_slowpath+0x31d/0x5e0 [ 2728.394092] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2728.399148] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2728.404183] ? perf_trace_sys_enter+0xb10/0xb10 [ 2728.408872] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2728.413734] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2728.418929] RIP: 0033:0x455267 03:40:50 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xb, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:50 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:50 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1fd, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:50 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280)='/dev/hwrng\x00', 0x10003, 0x0) ioctl$KVM_PPC_GET_SMMU_INFO(r1, 0x8250aea6, &(0x7f00000000c0)=""/129) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r2 = fcntl$dupfd(r0, 0x0, r0) fchmod(r1, 0x40) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r1, &(0x7f0000000200)={0x13, 0x10, 0xfa00, {&(0x7f00000002c0), r3, 0x1}}, 0x18) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) close(r0) 03:40:50 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2728.422114] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2728.441384] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 2728.449104] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455267 [ 2728.456383] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 2728.463661] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2728.470941] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2728.478246] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000014 03:40:51 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:51 executing program 4 (fault-call:0 fault-nth:21): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:51 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xa8aaaafffeaaaa16, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:51 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reioerfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:51 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:51 executing program 5: bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000080)="2e2f66696c6530000000000000000005b400", 0x0, 0x10}, 0x10) r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:51 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:51 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x384, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:51 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xf825ccfffe46f786, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:51 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:51 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2729.233642] FAULT_INJECTION: forcing a failure. [ 2729.233642] name failslab, interval 1, probability 0, space 0, times 0 [ 2729.244968] CPU: 0 PID: 3589 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2729.253339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2729.262700] Call Trace: [ 2729.265830] dump_stack+0x1c9/0x2b4 [ 2729.269480] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2729.274782] ? lock_acquire+0x1e4/0x540 [ 2729.278772] ? is_bpf_text_address+0xae/0x170 03:40:51 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x600000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:51 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2729.283284] should_fail.cold.4+0xa/0x11 [ 2729.287366] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2729.292491] ? rcu_is_watching+0x8c/0x150 [ 2729.296654] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 2729.301342] ? is_bpf_text_address+0xd7/0x170 [ 2729.306370] ? kernel_text_address+0x79/0xf0 [ 2729.310793] ? __kernel_text_address+0xd/0x40 [ 2729.315301] ? unwind_get_return_address+0x61/0xa0 [ 2729.320248] ? __save_stack_trace+0x8d/0xf0 [ 2729.324603] ? lock_acquire+0x1e4/0x540 [ 2729.328590] ? fs_reclaim_acquire+0x20/0x20 03:40:51 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x88be47fffeb74f4c, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:51 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2729.332932] ? lock_downgrade+0x8f0/0x8f0 [ 2729.337623] ? save_stack+0xa9/0xd0 [ 2729.341287] ? __kmalloc_reserve.isra.41+0x3a/0xe0 [ 2729.346237] ? check_same_owner+0x340/0x340 [ 2729.350568] ? blkdev_ioctl+0x9cd/0x2030 [ 2729.354657] ? block_ioctl+0xee/0x130 [ 2729.358464] ? do_vfs_ioctl+0x1de/0x1720 [ 2729.362536] ? rcu_note_context_switch+0x730/0x730 [ 2729.367478] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2729.372858] __should_failslab+0x124/0x180 [ 2729.377101] should_failslab+0x9/0x14 03:40:51 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xfe80, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2729.380915] kmem_cache_alloc+0x2af/0x760 [ 2729.385076] ? lock_acquire+0x1e4/0x540 [ 2729.389063] skb_clone+0x1f5/0x500 [ 2729.392611] ? refcount_add_not_zero+0x290/0x330 [ 2729.397373] ? skb_split+0x11f0/0x11f0 [ 2729.401267] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2729.406297] ? netlink_trim+0x1ba/0x380 [ 2729.410279] ? netlink_skb_destructor+0x210/0x210 [ 2729.415129] netlink_broadcast_filtered+0x10b7/0x1620 [ 2729.420326] ? __netlink_sendskb+0xd0/0xd0 [ 2729.424564] ? pointer+0x990/0x990 [ 2729.428111] ? device_get_devnode+0x2e0/0x2e0 [ 2729.432614] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2729.438159] ? refcount_inc_not_zero+0x1e5/0x2f0 [ 2729.442937] ? refcount_add_not_zero+0x330/0x330 [ 2729.447702] ? netlink_has_listeners+0x2cf/0x4a0 [ 2729.452465] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2729.457489] netlink_broadcast+0x3a/0x50 [ 2729.461549] kobject_uevent_env+0x829/0x1110 [ 2729.465940] ? internal_create_group+0x39a/0x9e0 [ 2729.470694] kobject_uevent+0x1f/0x30 [ 2729.474479] lo_ioctl+0x1385/0x1d70 [ 2729.478098] ? lo_rw_aio_complete+0x450/0x450 [ 2729.482609] blkdev_ioctl+0x9cd/0x2030 [ 2729.486494] ? lock_acquire+0x1e4/0x540 [ 2729.490451] ? blkpg_ioctl+0xc40/0xc40 [ 2729.494354] ? lock_release+0xa30/0xa30 [ 2729.498325] ? save_stack+0xa9/0xd0 [ 2729.501942] ? save_stack+0x43/0xd0 [ 2729.505569] ? __fget+0x4d5/0x740 [ 2729.509009] ? ksys_dup3+0x690/0x690 [ 2729.512722] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2729.517289] ? kasan_check_write+0x14/0x20 [ 2729.521507] ? do_raw_spin_lock+0xc1/0x200 [ 2729.525745] block_ioctl+0xee/0x130 [ 2729.529373] ? blkdev_fallocate+0x400/0x400 [ 2729.533677] do_vfs_ioctl+0x1de/0x1720 [ 2729.537546] ? ioctl_preallocate+0x300/0x300 [ 2729.541935] ? __fget_light+0x2f7/0x440 [ 2729.545907] ? fget_raw+0x20/0x20 [ 2729.549366] ? trace_hardirqs_on+0xd/0x10 [ 2729.553508] ? kmem_cache_free+0x22e/0x2d0 [ 2729.557730] ? putname+0xf7/0x130 [ 2729.561170] ? do_sys_open+0x3cb/0x720 [ 2729.565050] ? security_file_ioctl+0x94/0xc0 [ 2729.569457] ksys_ioctl+0xa9/0xd0 [ 2729.572906] __x64_sys_ioctl+0x73/0xb0 [ 2729.576786] do_syscall_64+0x1b9/0x820 [ 2729.580666] ? finish_task_switch+0x1d3/0x870 [ 2729.585165] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2729.590101] ? syscall_return_slowpath+0x31d/0x5e0 [ 2729.595036] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2729.600041] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2729.605048] ? perf_trace_sys_enter+0xb10/0xb10 [ 2729.609732] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2729.614568] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2729.619748] RIP: 0033:0x455c97 [ 2729.622923] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2729.642083] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2729.649785] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455c97 [ 2729.657048] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 2729.664305] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2729.671572] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2729.678835] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000015 [ 2729.707464] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:52 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:52 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:52 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x18aaaafeffaaaaa8, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:52 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x26e) r1 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r1, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:52 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x339, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:52 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:52 executing program 4 (fault-call:0 fault-nth:22): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:52 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiherfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:52 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2730.193717] FAULT_INJECTION: forcing a failure. [ 2730.193717] name failslab, interval 1, probability 0, space 0, times 0 [ 2730.205747] CPU: 0 PID: 3636 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2730.214083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2730.223456] Call Trace: [ 2730.226062] dump_stack+0x1c9/0x2b4 [ 2730.229706] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2730.234931] ? lo_ioctl+0xe6/0x1d70 [ 2730.238576] should_fail.cold.4+0xa/0x11 03:40:52 executing program 5: r0 = socket$inet(0x2, 0x3, 0x32) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x33f) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x402000, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x7) r2 = fcntl$dupfd(r0, 0x0, r0) sendmmsg$unix(r2, &(0x7f0000000540)=[{&(0x7f0000000000)=@file={0x0, "2e2f66696c6530000000000000000005b400"}, 0x6e, &(0x7f0000000100), 0x0, &(0x7f0000000480)}], 0x49249f6, 0x0) 03:40:52 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xf03974fffee850c6, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:52 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) [ 2730.242655] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2730.247774] ? blkpg_ioctl+0xc40/0xc40 [ 2730.251692] ? save_stack+0xa9/0xd0 [ 2730.255340] ? save_stack+0x43/0xd0 [ 2730.258977] ? __fget+0x4d5/0x740 [ 2730.262445] ? lock_acquire+0x1e4/0x540 [ 2730.266433] ? fs_reclaim_acquire+0x20/0x20 [ 2730.270770] ? lock_downgrade+0x8f0/0x8f0 [ 2730.274944] ? check_same_owner+0x340/0x340 [ 2730.279282] ? block_ioctl+0xee/0x130 [ 2730.283103] ? rcu_note_context_switch+0x730/0x730 [ 2730.288056] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 03:40:52 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:52 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2d0, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:52 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2730.293616] __should_failslab+0x124/0x180 [ 2730.297915] should_failslab+0x9/0x14 [ 2730.301737] kmem_cache_alloc+0x2af/0x760 [ 2730.305912] ? fget_raw+0x20/0x20 [ 2730.309414] getname_flags+0xd0/0x5a0 [ 2730.313236] do_mkdirat+0xc5/0x310 [ 2730.316790] ? __ia32_sys_mknod+0xb0/0xb0 [ 2730.320952] ? fput+0x130/0x1a0 [ 2730.324244] ? ksys_ioctl+0x81/0xd0 [ 2730.327895] __x64_sys_mkdir+0x5c/0x80 [ 2730.331807] do_syscall_64+0x1b9/0x820 [ 2730.335713] ? finish_task_switch+0x1d3/0x870 [ 2730.340228] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2730.345184] ? syscall_return_slowpath+0x31d/0x5e0 [ 2730.350139] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2730.355176] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2730.360219] ? perf_trace_sys_enter+0xb10/0xb10 [ 2730.364920] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2730.369792] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2730.375014] RIP: 0033:0x455267 03:40:52 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:52 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xef, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2730.378206] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2730.397491] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 2730.405214] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455267 [ 2730.412511] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 2730.419789] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2730.427064] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2730.434337] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000016 03:40:52 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) recvmmsg(0xffffffffffffff9c, &(0x7f0000005d80)=[{{&(0x7f0000000040)=@pppoe={0x0, 0x0, {0x0, @broadcast}}, 0x80, &(0x7f0000000480), 0x0, &(0x7f0000000580)}}, {{&(0x7f00000005c0)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @remote}}}, 0x80, &(0x7f0000000740), 0x0, &(0x7f0000000780)=""/4096, 0x1000}}, {{&(0x7f0000001780)=@nfc, 0x80, &(0x7f0000002a40), 0x0, &(0x7f0000002a80)=""/183, 0xb7}}, {{&(0x7f0000002b40)=@nfc, 0x80, &(0x7f0000002f40), 0x0, &(0x7f0000002fc0)=""/70, 0x46}}, {{&(0x7f0000003040)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x80, &(0x7f0000004380), 0x0, &(0x7f00000043c0)=""/189, 0xbd}}, {{&(0x7f0000004480)=@alg, 0x80, &(0x7f0000005640)}}, {{&(0x7f0000005680)=@ax25, 0x80, &(0x7f0000005c00), 0x0, &(0x7f0000005cc0)=""/153, 0x99}}], 0x7, 0x0, &(0x7f0000005f40)={0x0, 0x1c9c380}) ioctl$KVM_RUN(r2, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x6d, &(0x7f00000000c0)={0x0, 0xaa, "5d8a466cf8f9c300deb5b27d9753b95843a4a10fcbc032eb3fc0d4638065758c06d63bb0c83be24c52df8606c890b61fd6e78987900f8322178c420e0414819b044b3eb37d88022f2d262e9b529c08d39701cb3b77c1afddcadb591eb7c4b62a08f8987ffc206e74402239043ea466aec2038a569c86f407d0377f593bc77cffd214945788268fa7fe773344804ed0d478d3d00e4efcdc40023a7b756f9115d18c1cfe87adde6e3ca2b4"}, &(0x7f0000000000)=0xb2) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000180)={r4, 0x1ff}, 0x8) 03:40:52 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xa0563cfffed24bfa, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:52 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:52 executing program 4 (fault-call:0 fault-nth:23): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:52 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) [ 2730.541740] FAULT_INJECTION: forcing a failure. [ 2730.541740] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2730.553596] CPU: 0 PID: 3676 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2730.561923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2730.571276] Call Trace: [ 2730.573863] dump_stack+0x1c9/0x2b4 [ 2730.577482] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2730.582664] ? trace_hardirqs_off+0xd/0x10 [ 2730.586894] should_fail.cold.4+0xa/0x11 [ 2730.590946] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2730.596036] ? trace_hardirqs_off+0xd/0x10 [ 2730.600259] ? wait_for_completion+0x8d0/0x8d0 [ 2730.604835] ? __kasan_slab_free+0x131/0x170 [ 2730.609243] ? trace_hardirqs_on+0x10/0x10 [ 2730.613464] ? kobject_uevent_env+0x288/0x1110 [ 2730.618040] ? internal_create_group+0x39a/0x9e0 [ 2730.622789] ? mutex_unlock+0xd/0x10 [ 2730.626490] ? lo_ioctl+0xe6/0x1d70 [ 2730.630348] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2730.635878] ? should_fail+0x246/0xd86 [ 2730.639757] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2730.645101] ? blkpg_ioctl+0xc40/0xc40 [ 2730.648990] __alloc_pages_nodemask+0x36e/0xdb0 [ 2730.653668] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 2730.658677] ? save_stack+0xa9/0xd0 [ 2730.662518] ? save_stack+0x43/0xd0 [ 2730.666139] ? __fget+0x4d5/0x740 [ 2730.669598] ? lock_acquire+0x1e4/0x540 [ 2730.673578] ? fs_reclaim_acquire+0x20/0x20 [ 2730.677887] ? lock_downgrade+0x8f0/0x8f0 [ 2730.682038] ? lock_release+0xa30/0xa30 [ 2730.686016] ? check_same_owner+0x340/0x340 [ 2730.690330] cache_grow_begin+0x91/0x710 [ 2730.694384] kmem_cache_alloc+0x689/0x760 [ 2730.698518] ? fget_raw+0x20/0x20 [ 2730.701960] getname_flags+0xd0/0x5a0 [ 2730.705749] do_mkdirat+0xc5/0x310 [ 2730.709278] ? __ia32_sys_mknod+0xb0/0xb0 [ 2730.713410] ? fput+0x130/0x1a0 [ 2730.716676] ? ksys_ioctl+0x81/0xd0 [ 2730.720291] __x64_sys_mkdir+0x5c/0x80 [ 2730.724163] do_syscall_64+0x1b9/0x820 [ 2730.728037] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2730.732956] ? syscall_return_slowpath+0x31d/0x5e0 [ 2730.737876] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2730.742906] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2730.747907] ? perf_trace_sys_enter+0xb10/0xb10 [ 2730.752561] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2730.757411] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2730.762584] RIP: 0033:0x455267 [ 2730.765751] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2730.784942] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 03:40:52 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiterfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:52 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fc], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:52 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x36b, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2730.792634] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455267 [ 2730.799889] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 2730.807142] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2730.814394] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2730.821648] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000017 03:40:52 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:52 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x70d220fffe2eb430, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:52 executing program 4 (fault-call:0 fault-nth:24): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2730.855512] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:52 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:52 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x61, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:52 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:52 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xdb3d1ffeff341908, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2730.964658] FAULT_INJECTION: forcing a failure. [ 2730.964658] name failslab, interval 1, probability 0, space 0, times 0 [ 2730.975945] CPU: 1 PID: 3702 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2730.984267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2730.993625] Call Trace: [ 2730.996222] dump_stack+0x1c9/0x2b4 [ 2730.999855] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2731.005054] ? trace_hardirqs_on+0x10/0x10 [ 2731.009377] ? save_stack+0xa9/0xd0 [ 2731.013007] should_fail.cold.4+0xa/0x11 [ 2731.017065] ? block_ioctl+0xee/0x130 [ 2731.020865] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2731.025972] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2731.031508] ? walk_component+0x3fe/0x2630 [ 2731.035755] ? lock_downgrade+0x8f0/0x8f0 [ 2731.039901] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2731.044484] ? kasan_check_write+0x14/0x20 [ 2731.048742] ? trace_hardirqs_on+0x10/0x10 [ 2731.052982] ? path_parentat.isra.43+0x20/0x160 [ 2731.057655] ? lock_downgrade+0x8f0/0x8f0 [ 2731.061814] ? lock_acquire+0x1e4/0x540 [ 2731.065786] ? fs_reclaim_acquire+0x20/0x20 [ 2731.070109] ? lock_downgrade+0x8f0/0x8f0 [ 2731.074349] ? check_same_owner+0x340/0x340 [ 2731.078669] ? rcu_note_context_switch+0x730/0x730 [ 2731.083598] __should_failslab+0x124/0x180 [ 2731.087836] should_failslab+0x9/0x14 [ 2731.091637] kmem_cache_alloc+0x2af/0x760 [ 2731.095785] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2731.100369] __d_alloc+0xc8/0xd50 [ 2731.103818] ? shrink_dcache_sb+0x350/0x350 [ 2731.108138] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 2731.113154] ? d_alloc_parallel+0x1ea0/0x1ea0 [ 2731.117647] ? mntput+0x74/0xa0 [ 2731.120924] ? lock_release+0xa30/0xa30 [ 2731.124896] ? lock_acquire+0x1e4/0x540 [ 2731.128867] ? filename_create+0x1b2/0x5b0 [ 2731.133102] ? mnt_want_write+0x3f/0xc0 [ 2731.137081] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2731.142103] d_alloc+0x96/0x380 [ 2731.145384] ? __d_lookup+0x9e0/0x9e0 [ 2731.149183] ? __d_alloc+0xd50/0xd50 [ 2731.152898] __lookup_hash+0xd9/0x190 [ 2731.156699] filename_create+0x1e5/0x5b0 [ 2731.160760] ? kern_path_mountpoint+0x40/0x40 [ 2731.165249] ? fget_raw+0x20/0x20 [ 2731.168706] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2731.174238] ? getname_flags+0x26e/0x5a0 [ 2731.178303] do_mkdirat+0xda/0x310 [ 2731.181848] ? __ia32_sys_mknod+0xb0/0xb0 [ 2731.186009] ? ksys_ioctl+0x81/0xd0 [ 2731.189637] __x64_sys_mkdir+0x5c/0x80 [ 2731.193540] do_syscall_64+0x1b9/0x820 [ 2731.197429] ? finish_task_switch+0x1d3/0x870 [ 2731.201924] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2731.206852] ? syscall_return_slowpath+0x31d/0x5e0 [ 2731.211780] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2731.216796] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2731.221813] ? perf_trace_sys_enter+0xb10/0xb10 [ 2731.226483] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2731.231329] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2731.236511] RIP: 0033:0x455267 [ 2731.239690] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:40:53 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiyerfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:53 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1f5, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:53 executing program 5: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffff9c, 0x84, 0x1f, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e21, 0x0, @local={0xfe, 0x80, [], 0xaa}}}, 0x6, 0x1000}, &(0x7f0000000200)=0x90) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000540)={r2, @in={{0x2, 0x4e24}}, 0x49, 0xffff}, &(0x7f0000000240)=0x90) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000010c0)={'team0\x00', 0x0}) setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000001100)={@multicast1=0xe0000001, @broadcast=0xffffffff, r3}, 0xc) ftruncate(r1, 0x80000001) accept$alg(r1, 0x0, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = accept4(r4, &(0x7f0000000040)=@un=@abs, &(0x7f00000000c0)=0x80, 0x80000) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0xa, 0x8, 0x6, 0x2}, 0x2b0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={r6, &(0x7f0000000000), &(0x7f0000000280)}, 0x20) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000009c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r5, &(0x7f0000001040)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001000)={&(0x7f0000000a00)={0x1c, r7, 0x72a, 0x70bd2b, 0x25dfdbff, {0x2}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48040}, 0x4000841) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000680)=ANY=[@ANYBLOB="cad1ad5d80ba604a6fb47a0400c3000600", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f00000001c0)=0x14) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000400)=@assoc_value, &(0x7f0000000440)=0x8) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r1, &(0x7f00000002c0)="016213858e", &(0x7f0000000dc0)=""/67}, 0x18) setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, &(0x7f0000000d00)=ANY=[@ANYBLOB="000007000000000002000000e0000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000994b988846310000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x90) syz_mount_image$xfs(&(0x7f0000000100)='xfs\x00', &(0x7f00000007c0)='./file0\x00', 0x80000001, 0x5, &(0x7f0000000c40)=[{&(0x7f0000000800)="3ec6d59b5de503b60bc2064ddd666131e0d9fdb6729de4b3fc177793baf4924456bbae286df6779297ab91e6318f5702f12a88303b8fdd68e33bc8fe9c021fde44a3ea0c01ca7da645fa5c71bd982c59e78379065030a0e2e43a9b11dbcf0099519433e6a0f4b03ed2b88c5e40eb4d58a550a69a8f8770e03654efa6d676727fdee962e47dd1c6ceb81ef2b61503bcaa12c6d9d98207715559fefff3157668485b8f41b5d07b5c01bc7919cbca432638f8a5d305fd9a6e09b88a8d703f666f", 0xbf, 0xfff}, {&(0x7f00000008c0)="eba16551f1dfa4aa7cf6ee1e879537f7b35c0be9e1967849bf20c900cc886e965b25adbcd8747e567232c461a9c89209b4aacee5bc12238c0a2d291304e9f729d52863a1c97269d157a982f8215ee03504f0c2cd1eace166df6f070f7192dddf45174d27bfd554c3e000fb7795d77af5d1e1a278af59b61d9def6d8b554a48a1d77f9d5d", 0x84, 0x1}, {&(0x7f0000000e40)="b66331958a3cf481bac1db5fd7f7086ea13159f32464c690bb6c96b440e6dabaa356744a4532fc053c8a9a99c95cff1e8308d603477005767059e8fa60b292b683953e39d3942333979b33fe45364726f2a8e70f63de6321f360431095c58ed19c816b29ab11b427515c5b0ea5389d8f259a4e1b2a4e5ae4a198be73ead9bcf8aaada2ee77a77edafe1a2f8e39d5e585ff47189ed6a470cd65e3a594543ef11a64582b41915c23ab8f98d9822eea94da8194d796304da2cc55f351f01a9d4ee58c8b2f858ed3b00307e09e6297dca8231ca6f5356ddaed06dd14fc8fee50f5e8a7a2ff7cf501a244faf96eae275313b7c05ea4f41dc59344923800618b62849dbc58f6bf5b7776f1f090601e93c6e61878cec1c844ce16cf554b914e16f0294c2a9f43bb370fdd5086bc3a7ff66538051a6939511e5406814f7fba4f40cdbc6c9e376f2e5116236b8e930370b27d7662eef6d757a8412e707ac31cf34cb6f25dbeb2937ccdf7ec114d2bcdf93837030ff2a8ba0e3e8986a040f38db8917436e6380d541ebd98ae0c3285", 0x18a, 0xfc}, {&(0x7f0000000a40)="c3f742cc0569d4ce40b2c87b32aa141ee247e9c0d13c3f2a7c1cb1dc2002f8d447edb7a470ff3bb302eb4da48756e3c4ec3827e3c0a21c83d890ebad99ee5a2500e71e305a6768be70b9f2264cffb64630a6b671b7b68ec482f1adb68714e8925bae842ffc6b3eb2f82a5487b0082eb3543a5b2e4b1f6752c016994047b788089e41c008d8e26b58a4f7d8d861dd074e268b46853c9668ccc36bc2d8c9a89623bc2af1cc4d2aa7b44366e0af53413e6ff5ea1a3ff735a1909608b679da5d3bd5df8b8d9cf8193e9421cd224e0ee5acc602215cf45f3a6b84301a4b8dede3dab9258ce517183a805788321e8325cb9625b175", 0xf2, 0x2}, {&(0x7f0000000b40)="02d10da3329eb8804e48671f479b295eb57aecb7e7c4841d073a608b2795aa8a9ebb0fca38acc3e0e9256e21b976104527178abb94aa906814ad5d008d01b54bc8476f3945eca8d5a390e2a3daafc1a4180f889f09a4d73cbb7930de5124673546df504d4bf9bc8ebbaffc29a37b17388d14fa616056faa4a57e3b8f5d257f429cef532ab013aaf825be0bb2d7cd1789b1a04b9d300984a6b57fa8a078dff1ddea82d71df0ae04c6237b4f2785370dfda33e6193b96c20467c72488ebbbbb5fdfe8c07b72ff19fe36964", 0xca, 0x80000001}], 0x200000, &(0x7f0000000cc0)={[{@nobarrier='nobarrier', 0x2c}]}) r8 = getpgid(0x0) sched_setparam(r8, &(0x7f0000000600)=0x9) setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, &(0x7f0000000480)=ANY=[@ANYBLOB="200000000000000002004e23ac141418000000000000000000000000000000000000296d7552eee9e4359c00000000000000000000000000000000000000000000000000002a887b070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0xfffffffffffffccd) ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000280)='xfs\x00') ioctl$TCFLSH(r1, 0x540b, 0x4) ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f00000006c0)) setsockopt$inet_sctp_SCTP_NODELAY(r5, 0x84, 0x3, &(0x7f0000000640)=0x3, 0x4) [ 2731.258961] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 2731.266668] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455267 [ 2731.273937] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 2731.281217] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2731.288484] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2731.295751] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000018 03:40:53 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:53 executing program 4 (fault-call:0 fault-nth:25): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2731.380994] XFS (loop5): nobarrier option is deprecated, ignoring. [ 2731.405436] FAULT_INJECTION: forcing a failure. [ 2731.405436] name failslab, interval 1, probability 0, space 0, times 0 [ 2731.416783] CPU: 0 PID: 3730 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2731.425121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2731.434475] Call Trace: [ 2731.437075] dump_stack+0x1c9/0x2b4 [ 2731.440721] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2731.445926] ? zap_class+0x740/0x740 [ 2731.449660] should_fail.cold.4+0xa/0x11 [ 2731.453744] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2731.458863] ? trace_hardirqs_on+0x10/0x10 [ 2731.463101] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2731.468121] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 2731.472883] ? lock_acquire+0x1e4/0x540 [ 2731.476858] ? is_bpf_text_address+0xae/0x170 [ 2731.481354] ? perf_trace_lock+0xde/0x920 [ 2731.485504] ? lock_release+0xa30/0xa30 [ 2731.489479] ? zap_class+0x740/0x740 [ 2731.493198] ? rcu_is_watching+0x8c/0x150 [ 2731.497348] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 2731.501737] XFS (loop5): Invalid superblock magic number [ 2731.502027] ? is_bpf_text_address+0xd7/0x170 [ 2731.502054] ? kernel_text_address+0x79/0xf0 [ 2731.516388] __should_failslab+0x124/0x180 [ 2731.520628] should_failslab+0x9/0x14 [ 2731.524430] kmem_cache_alloc+0x47/0x760 [ 2731.528493] ? __es_tree_search.isra.13+0x1ba/0x220 [ 2731.533511] __es_insert_extent+0x305/0x1140 [ 2731.537925] ? ext4_es_insert_extent+0x21c/0x7e0 [ 2731.542706] ? ext4_es_free_extent+0x820/0x820 [ 2731.547307] ? lock_release+0xa30/0xa30 [ 2731.551282] ? __x64_sys_mkdir+0x5c/0x80 [ 2731.555342] ? do_syscall_64+0x1b9/0x820 [ 2731.559404] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2731.564773] ? kasan_check_write+0x14/0x20 [ 2731.569013] ? do_raw_write_lock+0xbd/0x1b0 [ 2731.573341] ext4_es_insert_extent+0x2ea/0x7e0 [ 2731.577926] ? ext4_es_find_delayed_extent_range+0xd80/0xd80 [ 2731.583733] ? kasan_unpoison_shadow+0x35/0x50 [ 2731.588318] ? kasan_kmalloc+0xc4/0xe0 [ 2731.592204] ? __kmalloc+0x315/0x760 [ 2731.595939] ext4_ext_put_gap_in_cache+0x158/0x1f0 [ 2731.600868] ? ext4_zeroout_es+0x160/0x160 [ 2731.605103] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2731.610647] ext4_ext_map_blocks+0x2453/0x62e0 [ 2731.615249] ? unregister_lsm_notifier+0x20/0x20 [ 2731.620001] ? ext4_init_acl+0x1d6/0x300 [ 2731.624062] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 2731.629092] ? lock_acquire+0x1e4/0x540 [ 2731.633066] ? ext4_es_lookup_extent+0x42c/0xde0 [ 2731.637823] ? lock_downgrade+0x8f0/0x8f0 [ 2731.641972] ? lock_release+0xa30/0xa30 [ 2731.645949] ? lock_acquire+0x1e4/0x540 [ 2731.649925] ? ext4_map_blocks+0x480/0x1b60 [ 2731.654247] ? lock_release+0xa30/0xa30 [ 2731.658223] ? check_same_owner+0x340/0x340 [ 2731.662549] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2731.668103] ? ext4_es_lookup_extent+0x465/0xde0 [ 2731.672859] ? rcu_note_context_switch+0x730/0x730 [ 2731.677798] ? down_read+0xb5/0x1d0 [ 2731.681425] ? ext4_map_blocks+0x480/0x1b60 [ 2731.685746] ? __down_interruptible+0x700/0x700 [ 2731.690426] ? kernel_text_address+0x79/0xf0 [ 2731.694848] ext4_map_blocks+0xe31/0x1b60 [ 2731.699002] ? __save_stack_trace+0x8d/0xf0 [ 2731.703341] ? ext4_issue_zeroout+0x190/0x190 [ 2731.707846] ? save_stack+0x43/0xd0 [ 2731.711475] ? __kasan_slab_free+0x11a/0x170 [ 2731.715885] ? kasan_slab_free+0xe/0x10 [ 2731.719858] ? kmem_cache_free+0x86/0x2d0 [ 2731.724011] ext4_getblk+0x10e/0x630 [ 2731.727734] ? ext4_iomap_begin+0x1350/0x1350 [ 2731.732233] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2731.737771] ? __dquot_initialize+0x61d/0xde0 [ 2731.742275] ext4_bread+0x95/0x2b0 [ 2731.745817] ? ext4_getblk+0x630/0x630 [ 2731.751441] ? dquot_get_next_dqblk+0x180/0x180 [ 2731.756115] ? debug_check_no_obj_freed+0x30b/0x595 [ 2731.761142] ? kasan_check_write+0x14/0x20 [ 2731.765418] ext4_append+0x14e/0x370 [ 2731.769130] ext4_mkdir+0x532/0xe60 [ 2731.772764] ? ext4_init_dot_dotdot+0x510/0x510 [ 2731.777445] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 03:40:53 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:53 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1000000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:53 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:53 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:53 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reicerfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:53 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x38b, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2731.782988] ? security_inode_permission+0xd2/0x100 [ 2731.788016] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2731.793565] ? security_inode_mkdir+0xe8/0x120 [ 2731.798155] vfs_mkdir+0x42e/0x6b0 [ 2731.801706] do_mkdirat+0x27b/0x310 [ 2731.805344] ? __ia32_sys_mknod+0xb0/0xb0 [ 2731.809494] ? ksys_ioctl+0x81/0xd0 [ 2731.813127] __x64_sys_mkdir+0x5c/0x80 [ 2731.817018] do_syscall_64+0x1b9/0x820 [ 2731.820909] ? syscall_slow_exit_work+0x500/0x500 [ 2731.825760] ? syscall_return_slowpath+0x5e0/0x5e0 03:40:53 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2f9, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2731.830703] ? syscall_return_slowpath+0x31d/0x5e0 [ 2731.835641] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2731.840664] ? perf_trace_sys_enter+0xb10/0xb10 [ 2731.845337] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2731.850197] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2731.855385] RIP: 0033:0x455267 [ 2731.858566] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:40:53 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x19aaaafeffaaaaa8, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:53 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:53 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc03], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2731.877880] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 2731.885602] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455267 [ 2731.892880] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 2731.900158] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2731.907435] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2731.914716] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000019 03:40:53 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x352, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:53 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1600000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:54 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2731.935124] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 [ 2731.954804] XFS (loop5): nobarrier option is deprecated, ignoring. 03:40:54 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6_sctp(0xa, 0x200000000000005, 0x84) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x2, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={0x0, r2, 0x9, 0x3}, 0x14) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x12, &(0x7f0000ad2000), &(0x7f0000000080)=0x23c) 03:40:54 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x2c0, [], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:54 executing program 4 (fault-call:0 fault-nth:26): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2732.101915] FAULT_INJECTION: forcing a failure. [ 2732.101915] name failslab, interval 1, probability 0, space 0, times 0 [ 2732.113227] CPU: 0 PID: 3789 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2732.121540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2732.130891] Call Trace: [ 2732.133484] dump_stack+0x1c9/0x2b4 [ 2732.137110] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2732.142300] ? rcu_note_context_switch+0x730/0x730 [ 2732.147232] ? kasan_check_write+0x14/0x20 [ 2732.151472] should_fail.cold.4+0xa/0x11 [ 2732.155532] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2732.160636] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2732.166001] ? trace_hardirqs_on+0x10/0x10 [ 2732.170233] ? __find_get_block+0xe60/0xe60 [ 2732.174552] ? memcg_kmem_get_cache+0x3a9/0x9d0 [ 2732.179221] ? mem_cgroup_handle_over_high+0x130/0x130 [ 2732.184494] ? __isolate_free_page+0x690/0x690 [ 2732.189073] ? percpu_ref_put_many+0x131/0x240 [ 2732.193657] ? __lockdep_init_map+0x105/0x590 [ 2732.198170] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2732.203187] ? ext4_get_group_desc+0x1cd/0x2d0 [ 2732.207777] ? check_same_owner+0x340/0x340 [ 2732.212100] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2732.217112] ? rcu_note_context_switch+0x730/0x730 [ 2732.222040] __should_failslab+0x124/0x180 [ 2732.226277] should_failslab+0x9/0x14 [ 2732.230075] kmem_cache_alloc+0x2af/0x760 [ 2732.234222] ? ext4fs_dirhash+0x1090/0x1090 [ 2732.238546] jbd2__journal_start+0x1e7/0xa80 [ 2732.242954] ? jbd2_write_access_granted.part.9+0x430/0x430 [ 2732.248660] ? rcu_note_context_switch+0x730/0x730 [ 2732.253590] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2732.259132] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2732.264667] __ext4_journal_start_sb+0x182/0x600 [ 2732.269419] ? __ext4_new_inode+0x388f/0x6620 [ 2732.273912] ? ext4_journal_abort_handle.isra.5+0x260/0x260 [ 2732.279620] ? find_next_zero_bit+0x111/0x140 [ 2732.284117] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2732.289132] ? find_inode_bit.isra.17+0x36f/0x510 [ 2732.293992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2732.299531] __ext4_new_inode+0x388f/0x6620 [ 2732.303861] ? ext4_free_inode+0x1aa0/0x1aa0 [ 2732.308267] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2732.313280] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 2732.318035] ? lock_acquire+0x1e4/0x540 [ 2732.322004] ? is_bpf_text_address+0xae/0x170 [ 2732.326504] ? lock_downgrade+0x8f0/0x8f0 [ 2732.330652] ? lock_release+0xa30/0xa30 [ 2732.334628] ? kasan_check_read+0x11/0x20 [ 2732.338774] ? rcu_is_watching+0x8c/0x150 [ 2732.342920] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 2732.347587] ? is_bpf_text_address+0xd7/0x170 [ 2732.352079] ? kernel_text_address+0x79/0xf0 [ 2732.356486] ? __kernel_text_address+0xd/0x40 [ 2732.360979] ? unwind_get_return_address+0x61/0xa0 [ 2732.365930] ? __save_stack_trace+0x8d/0xf0 [ 2732.370256] ? save_stack+0xa9/0xd0 [ 2732.373902] ? save_stack+0x43/0xd0 [ 2732.377529] ? __kasan_slab_free+0x11a/0x170 [ 2732.381929] ? kasan_slab_free+0xe/0x10 [ 2732.385898] ? kmem_cache_free+0x86/0x2d0 [ 2732.390127] ? putname+0xf2/0x130 [ 2732.393575] ? filename_create+0x2b2/0x5b0 [ 2732.397818] ? do_mkdirat+0xda/0x310 [ 2732.401529] ? __x64_sys_mkdir+0x5c/0x80 [ 2732.405599] ? do_syscall_64+0x1b9/0x820 [ 2732.409657] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2732.415025] ? kasan_check_read+0x11/0x20 [ 2732.419173] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2732.423588] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2732.428170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2732.433716] ? __dquot_initialize+0x61d/0xde0 [ 2732.438217] ? do_raw_spin_lock+0xc1/0x200 [ 2732.442451] ? trace_hardirqs_off+0xd/0x10 [ 2732.446683] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 2732.451779] ? dquot_get_next_dqblk+0x180/0x180 [ 2732.456441] ? debug_check_no_obj_freed+0x30b/0x595 [ 2732.461452] ? kasan_check_write+0x14/0x20 [ 2732.465686] ? trace_hardirqs_off+0xd/0x10 [ 2732.469924] ext4_mkdir+0x2e1/0xe60 [ 2732.473553] ? ext4_init_dot_dotdot+0x510/0x510 [ 2732.478219] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2732.483753] ? security_inode_permission+0xd2/0x100 [ 2732.488768] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2732.494298] ? security_inode_mkdir+0xe8/0x120 [ 2732.498878] vfs_mkdir+0x42e/0x6b0 [ 2732.502417] do_mkdirat+0x27b/0x310 [ 2732.506043] ? __ia32_sys_mknod+0xb0/0xb0 [ 2732.510212] ? syscall_slow_exit_work+0x500/0x500 [ 2732.515059] ? ksys_ioctl+0x81/0xd0 [ 2732.518685] __x64_sys_mkdir+0x5c/0x80 [ 2732.522573] do_syscall_64+0x1b9/0x820 [ 2732.526468] ? finish_task_switch+0x1d3/0x870 [ 2732.530963] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2732.535889] ? syscall_return_slowpath+0x31d/0x5e0 [ 2732.540988] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2732.546002] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2732.551012] ? perf_trace_sys_enter+0xb10/0xb10 [ 2732.555681] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2732.560528] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2732.565711] RIP: 0033:0x455267 [ 2732.568889] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2732.588160] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 2732.595862] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455267 [ 2732.603125] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 2732.610390] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2732.617657] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2732.624919] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000001a [ 2732.632398] EXT4-fs error (device sda1) in __ext4_new_inode:930: Out of memory 03:40:54 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:54 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiuerfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:54 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x6f, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:54 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:54 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xfec0000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:54 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:54 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000001cc0)={&(0x7f0000000080)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000380)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_TXQLEN={0x8, 0xd}, @IFLA_GROUP={0x8, 0x1b}]}, 0x30}, 0x1}, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@getneightbl={0x14, 0x42, 0x300, 0x70bd27, 0x25dfdbfb, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000801}, 0x44) 03:40:54 executing program 4 (fault-call:0 fault-nth:27): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:54 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1b, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:54 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xa8aaaafffeaaaa19, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:54 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2732.789913] FAULT_INJECTION: forcing a failure. [ 2732.789913] name failslab, interval 1, probability 0, space 0, times 0 [ 2732.801230] CPU: 0 PID: 3808 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2732.809550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2732.818905] Call Trace: [ 2732.821509] dump_stack+0x1c9/0x2b4 [ 2732.825149] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2732.830348] ? trace_hardirqs_on+0x10/0x10 [ 2732.834595] should_fail.cold.4+0xa/0x11 03:40:54 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xc4dbdbfffea9c6d9, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2732.838669] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2732.843789] ? trace_hardirqs_on+0x10/0x10 [ 2732.848030] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2732.853055] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 2732.857822] ? lock_acquire+0x1e4/0x540 [ 2732.862154] ? is_bpf_text_address+0xae/0x170 [ 2732.866659] ? lock_downgrade+0x8f0/0x8f0 [ 2732.871082] ? lock_release+0xa30/0xa30 [ 2732.875068] ? rcu_is_watching+0x8c/0x150 [ 2732.879229] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 2732.883903] ? is_bpf_text_address+0xd7/0x170 [ 2732.888402] ? kernel_text_address+0x79/0xf0 [ 2732.892813] __should_failslab+0x124/0x180 [ 2732.897055] should_failslab+0x9/0x14 [ 2732.900854] kmem_cache_alloc+0x47/0x760 [ 2732.904917] ? __es_tree_search.isra.13+0x1ba/0x220 [ 2732.909936] __es_insert_extent+0x305/0x1140 [ 2732.914354] ? ext4_es_insert_extent+0x21c/0x7e0 [ 2732.919112] ? ext4_es_free_extent+0x820/0x820 [ 2732.923705] ? lock_release+0xa30/0xa30 [ 2732.927688] ? __x64_sys_mkdir+0x5c/0x80 [ 2732.931751] ? do_syscall_64+0x1b9/0x820 [ 2732.935813] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2732.941178] ? kasan_check_write+0x14/0x20 [ 2732.945414] ? do_raw_write_lock+0xbd/0x1b0 [ 2732.949738] ext4_es_insert_extent+0x2ea/0x7e0 [ 2732.954322] ? ext4_es_find_delayed_extent_range+0xd80/0xd80 [ 2732.960126] ? kasan_unpoison_shadow+0x35/0x50 [ 2732.964712] ? kasan_kmalloc+0xc4/0xe0 [ 2732.968602] ? __kmalloc+0x315/0x760 [ 2732.972313] ext4_ext_put_gap_in_cache+0x158/0x1f0 [ 2732.977239] ? ext4_zeroout_es+0x160/0x160 [ 2732.981473] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2732.987207] ext4_ext_map_blocks+0x2453/0x62e0 [ 2732.991794] ? unregister_lsm_notifier+0x20/0x20 [ 2732.996545] ? ext4_init_acl+0x1d6/0x300 [ 2733.000605] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 2733.005618] ? block_commit_write+0x30/0x30 [ 2733.009940] ? __ext4_new_inode+0xb0d/0x6620 [ 2733.014358] ? lock_acquire+0x1e4/0x540 [ 2733.018340] ? ext4_es_lookup_extent+0x42c/0xde0 [ 2733.023095] ? lock_downgrade+0x8f0/0x8f0 [ 2733.027243] ? lock_release+0xa30/0xa30 [ 2733.031217] ? lock_acquire+0x1e4/0x540 [ 2733.035196] ? ext4_map_blocks+0x480/0x1b60 [ 2733.039520] ? lock_release+0xa30/0xa30 [ 2733.043493] ? check_same_owner+0x340/0x340 [ 2733.047818] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2733.053366] ? ext4_es_lookup_extent+0x465/0xde0 [ 2733.058118] ? rcu_note_context_switch+0x730/0x730 [ 2733.063050] ? down_read+0xb5/0x1d0 [ 2733.066695] ? ext4_map_blocks+0x480/0x1b60 [ 2733.071011] ? __down_interruptible+0x700/0x700 [ 2733.075698] ? kernel_text_address+0x79/0xf0 [ 2733.080107] ext4_map_blocks+0xe31/0x1b60 [ 2733.084251] ? __save_stack_trace+0x8d/0xf0 [ 2733.088576] ? ext4_issue_zeroout+0x190/0x190 [ 2733.093070] ? save_stack+0x43/0xd0 [ 2733.096695] ? __kasan_slab_free+0x11a/0x170 [ 2733.101099] ? kasan_slab_free+0xe/0x10 [ 2733.105069] ? kmem_cache_free+0x86/0x2d0 [ 2733.109215] ext4_getblk+0x10e/0x630 [ 2733.112928] ? ext4_iomap_begin+0x1350/0x1350 [ 2733.117424] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2733.122958] ? __dquot_initialize+0x61d/0xde0 [ 2733.127458] ext4_bread+0x95/0x2b0 [ 2733.130997] ? ext4_getblk+0x630/0x630 [ 2733.134881] ? dquot_get_next_dqblk+0x180/0x180 [ 2733.139544] ? debug_check_no_obj_freed+0x30b/0x595 [ 2733.144555] ? kasan_check_write+0x14/0x20 [ 2733.148788] ext4_append+0x14e/0x370 [ 2733.152505] ext4_mkdir+0x532/0xe60 [ 2733.156912] ? ext4_init_dot_dotdot+0x510/0x510 [ 2733.161598] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2733.167133] ? security_inode_permission+0xd2/0x100 [ 2733.172146] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2733.177697] ? security_inode_mkdir+0xe8/0x120 [ 2733.182280] vfs_mkdir+0x42e/0x6b0 [ 2733.185836] do_mkdirat+0x27b/0x310 [ 2733.189462] ? __ia32_sys_mknod+0xb0/0xb0 [ 2733.193605] ? ksys_ioctl+0x81/0xd0 [ 2733.197230] __x64_sys_mkdir+0x5c/0x80 [ 2733.201122] do_syscall_64+0x1b9/0x820 [ 2733.205007] ? finish_task_switch+0x1d3/0x870 [ 2733.209500] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2733.214425] ? syscall_return_slowpath+0x31d/0x5e0 [ 2733.219350] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2733.224363] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2733.229378] ? perf_trace_sys_enter+0xb10/0xb10 [ 2733.234042] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2733.238885] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2733.244068] RIP: 0033:0x455267 [ 2733.247245] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2733.266514] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 2733.274660] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455267 [ 2733.281924] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 03:40:55 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x600, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2733.289186] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2733.296450] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2733.303714] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000001b [ 2733.324879] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:55 executing program 4 (fault-call:0 fault-nth:28): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2733.336260] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 03:40:55 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:55 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='rei*erfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2733.391991] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 2733.431363] FAULT_INJECTION: forcing a failure. [ 2733.431363] name failslab, interval 1, probability 0, space 0, times 0 [ 2733.442709] CPU: 0 PID: 3831 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2733.451032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2733.460400] Call Trace: [ 2733.463003] dump_stack+0x1c9/0x2b4 [ 2733.466643] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2733.471843] should_fail.cold.4+0xa/0x11 [ 2733.475903] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2733.481020] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2733.485442] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2733.490031] ? kasan_check_write+0x14/0x20 [ 2733.494264] ? do_raw_spin_lock+0xc1/0x200 [ 2733.498506] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2733.504048] ? __mark_inode_dirty+0x495/0x1550 [ 2733.508640] ? __inode_attach_wb+0x13e0/0x13e0 [ 2733.513222] ? kasan_check_read+0x11/0x20 [ 2733.517376] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2733.521782] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2733.526365] ? kasan_check_write+0x14/0x20 [ 2733.530604] ? check_same_owner+0x340/0x340 [ 2733.534930] ? __dquot_alloc_space+0x4b6/0x8c0 [ 2733.539514] ? rcu_note_context_switch+0x730/0x730 [ 2733.544457] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2733.549476] __should_failslab+0x124/0x180 [ 2733.553713] should_failslab+0x9/0x14 [ 2733.557513] kmem_cache_alloc+0x2af/0x760 [ 2733.561660] ? percpu_counter_add_batch+0xf2/0x150 [ 2733.566595] ext4_mb_new_blocks+0x774/0x4740 [ 2733.571008] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2733.576026] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 2733.580790] ? ext4_discard_preallocations+0x13d0/0x13d0 [ 2733.586242] ? lock_release+0xa30/0xa30 [ 2733.590216] ? kasan_check_read+0x11/0x20 [ 2733.594362] ? rcu_is_watching+0x8c/0x150 [ 2733.598509] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 2733.603184] ? is_bpf_text_address+0xd7/0x170 [ 2733.607680] ? kernel_text_address+0x79/0xf0 [ 2733.612089] ? __kernel_text_address+0xd/0x40 [ 2733.616583] ? unwind_get_return_address+0x61/0xa0 [ 2733.621520] ? __save_stack_trace+0x8d/0xf0 [ 2733.625853] ? save_stack+0xa9/0xd0 [ 2733.629479] ? save_stack+0x43/0xd0 [ 2733.633106] ? kasan_kmalloc+0xc4/0xe0 [ 2733.636988] ? __kmalloc+0x14e/0x760 [ 2733.640697] ? ext4_find_extent+0x775/0xa10 [ 2733.645016] ? ext4_ext_map_blocks+0x293/0x62e0 [ 2733.649679] ? ext4_map_blocks+0x8f3/0x1b60 [ 2733.653996] ? ext4_getblk+0x10e/0x630 [ 2733.657881] ? ext4_bread+0x95/0x2b0 [ 2733.661591] ? ext4_append+0x14e/0x370 [ 2733.665484] ? ext4_mkdir+0x532/0xe60 [ 2733.669298] ? vfs_mkdir+0x42e/0x6b0 [ 2733.673029] ? do_mkdirat+0x27b/0x310 [ 2733.676826] ? __x64_sys_mkdir+0x5c/0x80 [ 2733.680886] ? do_syscall_64+0x1b9/0x820 [ 2733.684946] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2733.690316] ? save_stack+0xa9/0xd0 [ 2733.693952] ? save_stack+0x43/0xd0 [ 2733.697575] ? __kasan_slab_free+0x11a/0x170 [ 2733.701977] ? kasan_slab_free+0xe/0x10 [ 2733.705948] ? kfree+0xd9/0x260 [ 2733.709224] ? ext4_ext_map_blocks+0xede/0x62e0 [ 2733.713892] ? ext4_map_blocks+0xe31/0x1b60 [ 2733.718221] ? ext4_getblk+0x10e/0x630 [ 2733.722107] ? ext4_bread+0x95/0x2b0 [ 2733.725813] ? ext4_append+0x14e/0x370 [ 2733.729706] ? ext4_mkdir+0x532/0xe60 [ 2733.733508] ? vfs_mkdir+0x42e/0x6b0 [ 2733.737222] ? do_mkdirat+0x27b/0x310 [ 2733.741020] ? __x64_sys_mkdir+0x5c/0x80 [ 2733.745077] ? do_syscall_64+0x1b9/0x820 [ 2733.749144] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2733.754507] ? kasan_check_read+0x11/0x20 [ 2733.758654] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2733.763059] ? check_same_owner+0x340/0x340 [ 2733.767382] ? kasan_check_write+0x14/0x20 [ 2733.771623] ? kasan_unpoison_shadow+0x35/0x50 [ 2733.776201] ? kasan_kmalloc+0xc4/0xe0 [ 2733.780088] ? __kmalloc+0x315/0x760 [ 2733.783803] ? trace_hardirqs_off+0xd/0x10 [ 2733.788037] ? ext4_find_extent+0x775/0xa10 [ 2733.792374] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2733.797912] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2733.803450] ? ext4_inode_to_goal_block+0x2e3/0x3f0 [ 2733.808467] ext4_ext_map_blocks+0x2dc0/0x62e0 [ 2733.813058] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 2733.818075] ? block_commit_write+0x30/0x30 [ 2733.822398] ? __ext4_new_inode+0xb0d/0x6620 [ 2733.826804] ? lock_acquire+0x1e4/0x540 [ 2733.830773] ? ext4_es_lookup_extent+0x42c/0xde0 [ 2733.835523] ? lock_downgrade+0x8f0/0x8f0 [ 2733.839675] ? lock_acquire+0x1e4/0x540 [ 2733.843648] ? ext4_map_blocks+0x480/0x1b60 [ 2733.847966] ? lock_acquire+0x1e4/0x540 [ 2733.851937] ? ext4_map_blocks+0x88b/0x1b60 [ 2733.856258] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2733.861822] ? lock_release+0xa30/0xa30 [ 2733.865809] ? check_same_owner+0x340/0x340 [ 2733.870129] ? ext4_map_blocks+0x66a/0x1b60 [ 2733.874447] ? rcu_note_context_switch+0x730/0x730 [ 2733.879509] ? down_write+0x8f/0x130 [ 2733.883307] ? ext4_map_blocks+0x88b/0x1b60 [ 2733.887641] ? down_read+0x1d0/0x1d0 [ 2733.891356] ext4_map_blocks+0x8f3/0x1b60 [ 2733.895500] ? __save_stack_trace+0x8d/0xf0 [ 2733.899983] ? ext4_issue_zeroout+0x190/0x190 [ 2733.904484] ? save_stack+0x43/0xd0 [ 2733.908107] ? __kasan_slab_free+0x11a/0x170 [ 2733.912522] ? kasan_slab_free+0xe/0x10 [ 2733.916488] ? kmem_cache_free+0x86/0x2d0 [ 2733.920633] ext4_getblk+0x10e/0x630 [ 2733.924344] ? ext4_iomap_begin+0x1350/0x1350 [ 2733.928840] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2733.934374] ? __dquot_initialize+0x61d/0xde0 [ 2733.938872] ext4_bread+0x95/0x2b0 [ 2733.942413] ? ext4_getblk+0x630/0x630 [ 2733.946296] ? dquot_get_next_dqblk+0x180/0x180 [ 2733.950959] ? debug_check_no_obj_freed+0x30b/0x595 [ 2733.955980] ? kasan_check_write+0x14/0x20 [ 2733.960213] ext4_append+0x14e/0x370 [ 2733.963929] ext4_mkdir+0x532/0xe60 [ 2733.967557] ? ext4_init_dot_dotdot+0x510/0x510 [ 2733.972229] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2733.977763] ? security_inode_permission+0xd2/0x100 [ 2733.982778] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2733.988313] ? security_inode_mkdir+0xe8/0x120 [ 2733.992895] vfs_mkdir+0x42e/0x6b0 [ 2733.996438] do_mkdirat+0x27b/0x310 [ 2734.000078] ? __ia32_sys_mknod+0xb0/0xb0 [ 2734.004235] ? syscall_slow_exit_work+0x500/0x500 [ 2734.009074] ? ksys_ioctl+0x81/0xd0 [ 2734.012701] __x64_sys_mkdir+0x5c/0x80 [ 2734.016588] do_syscall_64+0x1b9/0x820 [ 2734.020479] ? finish_task_switch+0x1d3/0x870 [ 2734.024975] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2734.029902] ? syscall_return_slowpath+0x31d/0x5e0 [ 2734.034828] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2734.039843] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2734.045354] ? perf_trace_sys_enter+0xb10/0xb10 [ 2734.050024] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2734.054872] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2734.060055] RIP: 0033:0x455267 [ 2734.063229] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2734.082500] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 03:40:56 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:56 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1ad, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:56 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:56 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xff00, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:56 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:56 executing program 5: r0 = socket$inet6(0xa, 0x3, 0x2f) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in=@remote={0xac, 0x14, 0x14, 0xbb}, @in6=@loopback={0x0, 0x1}, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0xff}, 0xfffffffffffffffd, @in6=@loopback={0x0, 0x1}}}, 0xe8) connect$inet6(r0, &(0x7f00000000c0)={0xa}, 0x1c) [ 2734.090208] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455267 [ 2734.097470] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 2734.104732] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2734.111995] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2734.119269] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000001c 03:40:56 executing program 5: futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, &(0x7f000000b000)={0x77359400}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, &(0x7f0000edfff0)={0x77359400, 0x4}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000fd7ff0)={0x77359400}, &(0x7f0000048000), 0x0) nanosleep(&(0x7f0000000140)={0x0, 0x1c9c380}, &(0x7f0000000080)) futex(&(0x7f000000cffc)=0x4, 0xb, 0x4, &(0x7f000000b000)={0x77359400}, &(0x7f0000048000), 0x0) futex(&(0x7f0000000000), 0xc, 0x1, &(0x7f000000d000)={0x0, 0x7f}, &(0x7f0000048000)=0x1c0000000, 0xfffffffffffffffd) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x20000, 0x0) ioctl$KVM_GET_LAPIC(r0, 0x8400ae8e, &(0x7f0000000180)={"608b21fffbe944f4f9281a17fdf49c6b225335770b5455376974278aa2c8950416ae6ae3d9011edc209743fc6bf43255ff58a201871755f5cd5f639bdc4f4819e81dc46cb927ed049d18d8cbebb91b8b9ab537001a16e124c762796b03c48895cdab818d64ca3f2ccd70617301a1267ab20c8bf93a3412a53f5ccd46c166d24fc8cf73a92b9714157cafdc514c54f458b2349547889ffa42dd1c7b275aaa1a4ea83639b408e3601251d19e5c8f6246859a7fc70ce0929b4a825e1ac403fcaf2ddf7ff6ec9be234e1f9404e5079a12a05217184ee73a359c7db7b7c46ae45f7fd4de6737612156710303d6daa1d2ce4dcaf56d182865476d2404262be80177f7e1bdc7a614ecfccfa200399f7f9c317230408ddc0d68f72b1c0ecd8aa7af3ce2f9bde93373b501a7f7bdf9df43681c21bca0a70aad2c85ecf89647be5c509180c1c29c11d289b07d272e4f7cd9b7e8ca0a34ce5af6b77d9ef2c0d2ebd0cd3e40fa873eae7e6831a72a5bcb00210ec76ded46ff32688945b3e9647ad6b127b1feb451c6355ac63ac7eb8ea1e8041f6c264e4affac7e52c2e4c50e603b8c4b3d2039b7de1d23ba68848beb931eebb06cf23d1baa50251f0b5d70516abed6f5354f46ca09c368c423fbe176f36c134c762fa03cb52974156e66dcc5bfc42253e8e7882f02b612071b26073ae8a9512e6fd04ebd74f131bee575b5e06109571ac612b9ea1cd2acbb182cd6bb4c6a41e6d2841086940ed67deb3e9dde1e938b14c6712450385a9c2f52abfe4b1afad27b424c0565bfe4bdf99eddb202e0fb98be7631fb4158db42efc4e92f3be5ef22450983bf60941aab21567edaed02faeb2396eec2cc54ce198af6bd21746242bb1a93f0662deebf63b3bba83e7cd4752cba5f18d8d3f52cc27a7707bd6da44196045d11f43e71eea6c02597add1b85facf8a0fab82a91cb4eed331cc6428b2ef72df3e6cb8d27efbe91cca4fab372434b2449b9cce534709cc901d8348668aac8e95ce0701f89ad66a9fe87f1be5b6f82707162bca76747e2f566c631da8ad48961a9741ad1837b4001ab48f7ceed5e4402d35a63a248c58f77c01a82cfd62a0f8b732fcab65aeaebc67fc052b8578caa0ce9b07c0fe56dccf9cc0ac2a2c3162dadb528884c9f2f94c1cbc063b60f75ef21fb271a6cad2116047aa1d198ed92de570c4127586971309a4cf8fd4557ddf09a4ceb318716b907a7f0f87f148c82971c95d73f50a8522710a612cbef0f09e1e80d8dae4f615274655bb366284c17dd38dc1bb98fdea24958676fae052bf0a227851ed490505468574d5cb5fd4e920795c2bb3f76859872bc7c35dd992e5bfc356eee7e0a3b9657f038f700c5b3a34212922700bc179d09e28cfb3caf5d19c28ae811324644d4639171da0693a65f8eeea6cfbdbc53e5aaa5da2bc4a206171fc681d32"}) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x2, 0x0) ioctl$TCSBRKP(r1, 0x5425, 0x3c4a) 03:40:56 executing program 4 (fault-call:0 fault-nth:29): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:56 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:56 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:56 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xa00, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:56 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='rei-erfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:56 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2d3, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2734.243883] FAULT_INJECTION: forcing a failure. [ 2734.243883] name failslab, interval 1, probability 0, space 0, times 0 [ 2734.255192] CPU: 0 PID: 3862 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2734.263516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2734.272876] Call Trace: [ 2734.275482] dump_stack+0x1c9/0x2b4 [ 2734.279119] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2734.284328] ? kasan_check_read+0x11/0x20 [ 2734.288490] ? rcu_is_watching+0x8c/0x150 03:40:56 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1d00000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:56 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xed, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2734.292654] should_fail.cold.4+0xa/0x11 [ 2734.296727] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2734.301842] ? kernel_text_address+0x79/0xf0 [ 2734.306263] ? __kernel_text_address+0xd/0x40 [ 2734.310768] ? unwind_get_return_address+0x61/0xa0 [ 2734.315709] ? __save_stack_trace+0x8d/0xf0 [ 2734.320051] ? save_stack+0xa9/0xd0 [ 2734.323692] ? save_stack+0x43/0xd0 [ 2734.327328] ? __kasan_slab_free+0x11a/0x170 [ 2734.331743] ? kasan_slab_free+0xe/0x10 [ 2734.335725] ? kfree+0xd9/0x260 [ 2734.339008] ? ext4_ext_map_blocks+0xede/0x62e0 03:40:56 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xcaaaafeffaaaaa8, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2734.343686] ? ext4_map_blocks+0xe31/0x1b60 [ 2734.348017] ? ext4_getblk+0x10e/0x630 [ 2734.351914] ? ext4_bread+0x95/0x2b0 [ 2734.355639] ? ext4_append+0x14e/0x370 [ 2734.359539] ? ext4_mkdir+0x532/0xe60 [ 2734.363350] ? vfs_mkdir+0x42e/0x6b0 [ 2734.367070] ? __x64_sys_mkdir+0x5c/0x80 [ 2734.371139] ? do_syscall_64+0x1b9/0x820 [ 2734.375203] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2734.380581] ? kasan_check_read+0x11/0x20 [ 2734.384736] ? check_same_owner+0x340/0x340 [ 2734.389063] ? kasan_check_write+0x14/0x20 [ 2734.393304] ? rcu_note_context_switch+0x730/0x730 [ 2734.398242] __should_failslab+0x124/0x180 [ 2734.402481] should_failslab+0x9/0x14 [ 2734.406289] __kmalloc+0x2c8/0x760 [ 2734.409838] ? trace_hardirqs_off+0xd/0x10 [ 2734.414070] ? ext4_find_extent+0x775/0xa10 [ 2734.418393] ext4_find_extent+0x775/0xa10 [ 2734.422539] ? trace_hardirqs_on+0xd/0x10 [ 2734.426687] ext4_ext_map_blocks+0x293/0x62e0 [ 2734.431183] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 2734.436194] ? block_commit_write+0x30/0x30 [ 2734.440517] ? __ext4_new_inode+0xb0d/0x6620 [ 2734.444924] ? lock_acquire+0x1e4/0x540 [ 2734.448892] ? ext4_es_lookup_extent+0x42c/0xde0 [ 2734.453646] ? lock_downgrade+0x8f0/0x8f0 [ 2734.457791] ? lock_release+0xa30/0xa30 [ 2734.461766] ? lock_acquire+0x1e4/0x540 [ 2734.465737] ? ext4_map_blocks+0x480/0x1b60 [ 2734.470056] ? lock_acquire+0x1e4/0x540 [ 2734.474024] ? ext4_map_blocks+0x88b/0x1b60 [ 2734.478344] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2734.483877] ? lock_release+0xa30/0xa30 [ 2734.487848] ? check_same_owner+0x340/0x340 [ 2734.492165] ? ext4_map_blocks+0x66a/0x1b60 [ 2734.496481] ? rcu_note_context_switch+0x730/0x730 [ 2734.501409] ? down_write+0x8f/0x130 [ 2734.505117] ? ext4_map_blocks+0x88b/0x1b60 [ 2734.509435] ? down_read+0x1d0/0x1d0 [ 2734.513147] ext4_map_blocks+0x8f3/0x1b60 [ 2734.517293] ? __save_stack_trace+0x8d/0xf0 [ 2734.521622] ? ext4_issue_zeroout+0x190/0x190 [ 2734.526120] ? save_stack+0x43/0xd0 [ 2734.529741] ? __kasan_slab_free+0x11a/0x170 [ 2734.534317] ? kasan_slab_free+0xe/0x10 [ 2734.538284] ? kmem_cache_free+0x86/0x2d0 [ 2734.542429] ext4_getblk+0x10e/0x630 [ 2734.546140] ? ext4_iomap_begin+0x1350/0x1350 [ 2734.550645] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2734.556175] ? __dquot_initialize+0x61d/0xde0 [ 2734.560668] ext4_bread+0x95/0x2b0 [ 2734.564204] ? ext4_getblk+0x630/0x630 [ 2734.568085] ? dquot_get_next_dqblk+0x180/0x180 [ 2734.572746] ? debug_check_no_obj_freed+0x30b/0x595 [ 2734.577754] ? kasan_check_write+0x14/0x20 [ 2734.581986] ext4_append+0x14e/0x370 [ 2734.585698] ext4_mkdir+0x532/0xe60 [ 2734.589326] ? ext4_init_dot_dotdot+0x510/0x510 [ 2734.593998] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2734.599534] ? security_inode_permission+0xd2/0x100 [ 2734.604555] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2734.610085] ? security_inode_mkdir+0xe8/0x120 [ 2734.614665] vfs_mkdir+0x42e/0x6b0 [ 2734.618205] do_mkdirat+0x27b/0x310 [ 2734.621841] ? __ia32_sys_mknod+0xb0/0xb0 [ 2734.625986] ? ksys_ioctl+0x81/0xd0 [ 2734.629610] __x64_sys_mkdir+0x5c/0x80 [ 2734.633495] do_syscall_64+0x1b9/0x820 [ 2734.637376] ? finish_task_switch+0x1d3/0x870 [ 2734.641866] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2734.646789] ? syscall_return_slowpath+0x31d/0x5e0 [ 2734.651712] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2734.656724] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2734.661736] ? perf_trace_sys_enter+0xb10/0xb10 [ 2734.666404] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2734.671249] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2734.676430] RIP: 0033:0x455267 [ 2734.679603] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2734.698870] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 2734.706587] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455267 [ 2734.713850] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 2734.721122] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2734.728386] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2734.735650] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000001d 03:40:57 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:57 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x135, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:57 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x200000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:57 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:57 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x4000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:57 executing program 4 (fault-call:0 fault-nth:30): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2735.106135] FAULT_INJECTION: forcing a failure. [ 2735.106135] name failslab, interval 1, probability 0, space 0, times 0 [ 2735.117545] CPU: 0 PID: 3894 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2735.125864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2735.135221] Call Trace: [ 2735.137821] dump_stack+0x1c9/0x2b4 [ 2735.141457] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2735.146666] should_fail.cold.4+0xa/0x11 [ 2735.150739] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2735.155855] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2735.160267] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2735.164848] ? kasan_check_write+0x14/0x20 [ 2735.169079] ? do_raw_spin_lock+0xc1/0x200 [ 2735.173313] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2735.178847] ? __mark_inode_dirty+0x495/0x1550 [ 2735.183428] ? __inode_attach_wb+0x13e0/0x13e0 [ 2735.188007] ? kasan_check_read+0x11/0x20 [ 2735.192150] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2735.196569] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2735.201165] ? kasan_check_write+0x14/0x20 [ 2735.205415] ? check_same_owner+0x340/0x340 [ 2735.209741] ? __dquot_alloc_space+0x4b6/0x8c0 [ 2735.214322] ? rcu_note_context_switch+0x730/0x730 [ 2735.219295] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2735.224314] __should_failslab+0x124/0x180 [ 2735.228555] should_failslab+0x9/0x14 [ 2735.232369] kmem_cache_alloc+0x2af/0x760 [ 2735.232391] ? percpu_counter_add_batch+0xf2/0x150 [ 2735.241452] ext4_mb_new_blocks+0x774/0x4740 [ 2735.245868] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2735.250887] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 2735.255650] ? ext4_discard_preallocations+0x13d0/0x13d0 [ 2735.261106] ? lock_release+0xa30/0xa30 [ 2735.265081] ? kasan_check_read+0x11/0x20 [ 2735.269224] ? rcu_is_watching+0x8c/0x150 [ 2735.273371] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 2735.278039] ? is_bpf_text_address+0xd7/0x170 [ 2735.282536] ? kernel_text_address+0x79/0xf0 [ 2735.286939] ? __kernel_text_address+0xd/0x40 [ 2735.291434] ? unwind_get_return_address+0x61/0xa0 [ 2735.296364] ? __save_stack_trace+0x8d/0xf0 [ 2735.300688] ? save_stack+0xa9/0xd0 [ 2735.304309] ? save_stack+0x43/0xd0 [ 2735.307935] ? kasan_kmalloc+0xc4/0xe0 [ 2735.311816] ? __kmalloc+0x14e/0x760 [ 2735.315525] ? ext4_find_extent+0x775/0xa10 [ 2735.319842] ? ext4_ext_map_blocks+0x293/0x62e0 [ 2735.324522] ? ext4_map_blocks+0x8f3/0x1b60 [ 2735.328845] ? ext4_getblk+0x10e/0x630 [ 2735.332727] ? ext4_bread+0x95/0x2b0 [ 2735.336438] ? ext4_append+0x14e/0x370 [ 2735.340320] ? ext4_mkdir+0x532/0xe60 [ 2735.344117] ? vfs_mkdir+0x42e/0x6b0 [ 2735.347829] ? do_mkdirat+0x27b/0x310 [ 2735.351624] ? __x64_sys_mkdir+0x5c/0x80 [ 2735.355680] ? do_syscall_64+0x1b9/0x820 [ 2735.359739] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2735.365101] ? save_stack+0xa9/0xd0 [ 2735.368816] ? save_stack+0x43/0xd0 [ 2735.372439] ? __kasan_slab_free+0x11a/0x170 [ 2735.376844] ? kasan_slab_free+0xe/0x10 [ 2735.380820] ? kfree+0xd9/0x260 [ 2735.384101] ? ext4_ext_map_blocks+0xede/0x62e0 [ 2735.388780] ? ext4_map_blocks+0xe31/0x1b60 [ 2735.393105] ? ext4_getblk+0x10e/0x630 [ 2735.396991] ? ext4_bread+0x95/0x2b0 [ 2735.400703] ? ext4_append+0x14e/0x370 [ 2735.404587] ? ext4_mkdir+0x532/0xe60 [ 2735.408387] ? vfs_mkdir+0x42e/0x6b0 [ 2735.412101] ? do_mkdirat+0x27b/0x310 [ 2735.415914] ? __x64_sys_mkdir+0x5c/0x80 [ 2735.415934] ? do_syscall_64+0x1b9/0x820 [ 2735.424037] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2735.429406] ? kasan_check_read+0x11/0x20 [ 2735.433555] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2735.437964] ? check_same_owner+0x340/0x340 [ 2735.442285] ? kasan_check_write+0x14/0x20 [ 2735.446518] ? kasan_unpoison_shadow+0x35/0x50 [ 2735.451099] ? kasan_kmalloc+0xc4/0xe0 [ 2735.454982] ? __kmalloc+0x315/0x760 [ 2735.458694] ? trace_hardirqs_off+0xd/0x10 [ 2735.462925] ? ext4_find_extent+0x775/0xa10 [ 2735.467251] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2735.472782] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2735.478320] ? ext4_inode_to_goal_block+0x2e3/0x3f0 [ 2735.483336] ext4_ext_map_blocks+0x2dc0/0x62e0 [ 2735.487924] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 2735.492940] ? block_commit_write+0x30/0x30 [ 2735.497265] ? __ext4_new_inode+0xb0d/0x6620 [ 2735.501676] ? lock_acquire+0x1e4/0x540 03:40:57 executing program 5: r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, @loopback}, &(0x7f00000001c0)=0x10, 0x80800) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) bind(r0, &(0x7f0000000200)=@generic={0x2, "ca1c020c4448c862f26dcbc1909ec1bc669a69e739a7d573352e6f2fda931a9a3c5a55c962616c6874ff65d4a205a6d4cc913706b4e7f909f5a23c6b524a6a3e9f23be284a23fc6839bbbdf072edbe361e4d88286eccb9611a2a366c7453cc64b8f465b75b3d62fe67bafc99c359cb949cdc1741dd4147dbf3e04a5c70e9"}, 0x80) r1 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000000)={0x0, 0x0, 0x0, @mcast1}, &(0x7f0000000040)=0x1c, 0x0) ioctl$FS_IOC_SETFSLABEL(r1, 0x41009432, &(0x7f0000000080)="08276f57a06854d579af2b126afe7c2fb4c5f60a44f0249e49f6ddeeffb7a208242a244bda479c62b443b063c58b723b439bf99b4c31e6d61d585ed36f2d68ed69da807976d9dca2767ab348179bca45dd6e9e185342402f36e341f5c13431dc65723d4d6437ad76d026b21821e31969b93e44e45abab447f68ab0b75ced61849c8e829b5ae84858794449f137979adba3fdbd9768025c51c5cc99f4a03a86763e53ae05da12b7afaf5e8ea1770fa3a68d0e0e32e2f9cdc5fb424eba499391fabcef343582fe95eea5f7792c2edc2a06e4fc10d3513bd5d6043e8ad39026d80faa6de38fd586ac1f5ba8eaf46f66309b6c49847968c154ad97361e07d9d97b41") mmap(&(0x7f0000000000/0x237000)=nil, 0x237000, 0x0, 0x100010, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x80001, 0x0) msgget$private(0x0, 0x2) getsockopt$bt_hci(r2, 0x0, 0x63, &(0x7f00001e3000)=""/30, &(0x7f0000d23000)=0x1e) close(r0) 03:40:57 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2735.505646] ? ext4_es_lookup_extent+0x42c/0xde0 [ 2735.510398] ? lock_downgrade+0x8f0/0x8f0 [ 2735.514551] ? lock_acquire+0x1e4/0x540 [ 2735.518521] ? ext4_map_blocks+0x480/0x1b60 [ 2735.522843] ? lock_acquire+0x1e4/0x540 [ 2735.526813] ? ext4_map_blocks+0x88b/0x1b60 [ 2735.531174] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2735.536722] ? lock_release+0xa30/0xa30 [ 2735.540702] ? check_same_owner+0x340/0x340 [ 2735.545029] ? ext4_map_blocks+0x66a/0x1b60 [ 2735.549348] ? rcu_note_context_switch+0x730/0x730 [ 2735.554543] ? down_write+0x8f/0x130 03:40:57 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiperfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:57 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0xfffffdfd], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:57 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x24e, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:57 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x11, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2735.558266] ? ext4_map_blocks+0x88b/0x1b60 [ 2735.562832] ? down_read+0x1d0/0x1d0 [ 2735.566557] ext4_map_blocks+0x8f3/0x1b60 [ 2735.570722] ? __save_stack_trace+0x8d/0xf0 [ 2735.575064] ? ext4_issue_zeroout+0x190/0x190 [ 2735.579564] ? save_stack+0x43/0xd0 [ 2735.583199] ? __kasan_slab_free+0x11a/0x170 [ 2735.587609] ? kasan_slab_free+0xe/0x10 [ 2735.591592] ? kmem_cache_free+0x86/0x2d0 [ 2735.595752] ext4_getblk+0x10e/0x630 [ 2735.599478] ? ext4_iomap_begin+0x1350/0x1350 03:40:57 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x14, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:57 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x27e, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2735.603980] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2735.609517] ? __dquot_initialize+0x61d/0xde0 [ 2735.614026] ext4_bread+0x95/0x2b0 [ 2735.617573] ? ext4_getblk+0x630/0x630 [ 2735.621466] ? dquot_get_next_dqblk+0x180/0x180 [ 2735.626133] ? debug_check_no_obj_freed+0x30b/0x595 [ 2735.631148] ? kasan_check_write+0x14/0x20 [ 2735.635389] ext4_append+0x14e/0x370 [ 2735.639107] ext4_mkdir+0x532/0xe60 [ 2735.642741] ? ext4_init_dot_dotdot+0x510/0x510 [ 2735.647418] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 03:40:57 executing program 5: r0 = socket$inet6(0xa, 0x1000000000000, 0x9) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") clone(0x400000200, &(0x7f0000000380)="7811e57d581ef679e57b5e23485921a40a5953a23c24905b644896276c6e8e6a6890d724bfb59192d6a7fb1b95468882f73fe9b49782be071fa6f159bd68aeace190649ce369f1d50500086af79e3286", &(0x7f00000000c0), &(0x7f0000000240), &(0x7f0000000000)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000578fe8), &(0x7f0000775000)) r1 = syz_open_procfs(0x0, &(0x7f0000000180)='syscall\x00') read$eventfd(r1, &(0x7f0000000140), 0x8) ioctl$SG_IO(r1, 0x2285, &(0x7f0000000640)={0x0, 0xffffffffffffffff, 0xde, 0x200, @buffer={0x0, 0x2e, &(0x7f00000001c0)=""/46}, &(0x7f0000000400)="2ece425ad1b815477f56c6dfa0c769acf01f5870132589d0b4147b38d65c374d35b941129f755fb3a4074057c3c23c3173ec5e7bdda17bb8e5c190a3fb7f52406b96d9062bd2a0efb73d8ecddc01566224d68690e88213b243445d95d53819eb7c1770a7a6167076f098bfe5a809a070c8a6f6aed0ba60a0c7ebb0f135d4b093a647ee104902d37fd0184e973f61586978a844656fa61baab4e58ea03c448a8bf01cf2a7dda029dd24feb25974692b6ac17fbc5c4418ae6b75bce433ce315b771fa0cdc69b544b32f907ffa1f0982a8f63156cab8b8c74c4a8fd8cdb22e1", &(0x7f0000000500)=""/211, 0x80000001, 0x10, 0x3, &(0x7f0000000600)}) lseek(r1, 0x0, 0x0) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000000000), &(0x7f0000000100)=0x4) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f00000002c0)) lseek(r1, 0x0, 0x0) clone(0x4, &(0x7f0000000100), &(0x7f0000000200), &(0x7f0000000280), &(0x7f00000001c0)) open$dir(&(0x7f0000296ff8)='./file0\x00', 0x27e, 0x0) 03:40:57 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x500000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2735.652961] ? security_inode_permission+0xd2/0x100 [ 2735.659318] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2735.664860] ? security_inode_mkdir+0xe8/0x120 [ 2735.669453] vfs_mkdir+0x42e/0x6b0 [ 2735.673011] do_mkdirat+0x27b/0x310 [ 2735.676646] ? __ia32_sys_mknod+0xb0/0xb0 [ 2735.680799] ? ksys_ioctl+0x81/0xd0 [ 2735.684428] __x64_sys_mkdir+0x5c/0x80 [ 2735.688321] do_syscall_64+0x1b9/0x820 [ 2735.692215] ? finish_task_switch+0x1d3/0x870 [ 2735.696721] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2735.701655] ? syscall_return_slowpath+0x31d/0x5e0 [ 2735.706585] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2735.711602] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2735.716621] ? perf_trace_sys_enter+0xb10/0xb10 [ 2735.721292] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2735.726138] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2735.731323] RIP: 0033:0x455267 [ 2735.734503] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2735.753755] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 2735.761470] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455267 [ 2735.768739] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 2735.776010] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2735.783280] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2735.790552] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000001e 03:40:58 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:58 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x114, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:58 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x4000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:58 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:58 executing program 4 (fault-call:0 fault-nth:31): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:58 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x4], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:58 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='rei\nerfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2736.252341] FAULT_INJECTION: forcing a failure. [ 2736.252341] name failslab, interval 1, probability 0, space 0, times 0 [ 2736.263726] CPU: 0 PID: 3941 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2736.272051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2736.281406] Call Trace: [ 2736.284004] dump_stack+0x1c9/0x2b4 [ 2736.287642] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2736.292845] ? ext4_getblk+0x10e/0x630 [ 2736.296740] ? ext4_bread+0x95/0x2b0 03:40:58 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:58 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x8, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:58 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xd, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:58 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x3fc], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2736.300463] ? ext4_append+0x14e/0x370 [ 2736.304355] ? ext4_mkdir+0x532/0xe60 [ 2736.308164] ? do_mkdirat+0x27b/0x310 [ 2736.311977] should_fail.cold.4+0xa/0x11 [ 2736.316055] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2736.321165] ? kasan_check_write+0x14/0x20 [ 2736.325411] ? do_raw_spin_lock+0xc1/0x200 [ 2736.329653] ? trace_hardirqs_on+0x10/0x10 [ 2736.333892] ? debug_check_no_obj_freed+0x30b/0x595 [ 2736.338920] ? trace_hardirqs_off+0xd/0x10 [ 2736.343165] ? quarantine_put+0x10d/0x1b0 [ 2736.347324] ? __kasan_slab_free+0x131/0x170 [ 2736.351739] ? trace_hardirqs_on+0xd/0x10 [ 2736.355897] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2736.361445] ? ext4_ext_map_blocks+0xfb2/0x62e0 [ 2736.366141] __should_failslab+0x124/0x180 [ 2736.370395] should_failslab+0x9/0x14 [ 2736.374209] kmem_cache_alloc+0x47/0x760 [ 2736.378280] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2736.383306] ? ext4_es_can_be_merged+0x238/0x2a0 [ 2736.388076] __es_insert_extent+0x305/0x1140 [ 2736.392492] ? ext4_es_free_extent+0x820/0x820 [ 2736.397078] ? lock_release+0xa30/0xa30 03:40:58 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:58 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x400000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:58 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x39e, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2736.401057] ? lock_acquire+0x1e4/0x540 [ 2736.405036] ? ext4_map_blocks+0x480/0x1b60 [ 2736.409371] ? kasan_check_write+0x14/0x20 [ 2736.413611] ? do_raw_write_lock+0xbd/0x1b0 [ 2736.417943] ext4_es_insert_extent+0x2ea/0x7e0 [ 2736.422534] ? lock_release+0xa30/0xa30 [ 2736.426515] ? ext4_es_find_delayed_extent_range+0xd80/0xd80 [ 2736.432312] ? rcu_note_context_switch+0x730/0x730 [ 2736.437247] ? down_write+0x8f/0x130 [ 2736.440961] ? ext4_map_blocks+0x88b/0x1b60 [ 2736.445286] ? down_read+0x1d0/0x1d0 [ 2736.449005] ext4_map_blocks+0xb08/0x1b60 [ 2736.453154] ? __save_stack_trace+0x8d/0xf0 [ 2736.457483] ? ext4_issue_zeroout+0x190/0x190 [ 2736.461978] ? save_stack+0x43/0xd0 [ 2736.465604] ? __kasan_slab_free+0x11a/0x170 [ 2736.470011] ? kasan_slab_free+0xe/0x10 [ 2736.473986] ? kmem_cache_free+0x86/0x2d0 [ 2736.478137] ext4_getblk+0x10e/0x630 [ 2736.481856] ? ext4_iomap_begin+0x1350/0x1350 [ 2736.486358] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2736.491894] ? __dquot_initialize+0x61d/0xde0 [ 2736.496397] ext4_bread+0x95/0x2b0 [ 2736.499941] ? ext4_getblk+0x630/0x630 [ 2736.503826] ? dquot_get_next_dqblk+0x180/0x180 [ 2736.508492] ? debug_check_no_obj_freed+0x30b/0x595 [ 2736.513509] ? kasan_check_write+0x14/0x20 [ 2736.517744] ext4_append+0x14e/0x370 [ 2736.521458] ext4_mkdir+0x532/0xe60 [ 2736.525095] ? ext4_init_dot_dotdot+0x510/0x510 [ 2736.529765] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2736.535306] ? security_inode_permission+0xd2/0x100 [ 2736.540329] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2736.545866] ? security_inode_mkdir+0xe8/0x120 [ 2736.550450] vfs_mkdir+0x42e/0x6b0 [ 2736.553996] do_mkdirat+0x27b/0x310 [ 2736.557625] ? __ia32_sys_mknod+0xb0/0xb0 [ 2736.561771] ? ksys_ioctl+0x81/0xd0 [ 2736.565404] __x64_sys_mkdir+0x5c/0x80 [ 2736.569296] do_syscall_64+0x1b9/0x820 [ 2736.573180] ? finish_task_switch+0x1d3/0x870 [ 2736.577676] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2736.582606] ? syscall_return_slowpath+0x31d/0x5e0 [ 2736.587535] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2736.592548] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2736.597564] ? perf_trace_sys_enter+0xb10/0xb10 03:40:58 executing program 5: r0 = socket(0x10, 0x802, 0x0) write(r0, &(0x7f0000000080)="1f000000520007f20000b2fef5000f430a0000e80000001ab4a5eaffffb92b", 0x1f) readv(r0, &(0x7f00000001c0), 0x0) 03:40:58 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xb9, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2736.602234] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2736.607080] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2736.612265] RIP: 0033:0x455267 [ 2736.615790] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2736.635078] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 2736.642798] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455267 [ 2736.650070] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 2736.657342] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a [ 2736.664611] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2736.671880] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000001f [ 2736.718942] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:59 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x4000, 0x0) ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f00000000c0)=0x80) creat(&(0x7f00006e9ff8)='./file0\x00', 0x0) lsetxattr(&(0x7f0000712ff8)='./file0\x00', &(0x7f0000faffe7)=@known='security.capability\x00', &(0x7f00002b2fec)="0000000201000000000000010400000000000000", 0x14, 0x0) getxattr(&(0x7f0000fb6000)='./file0\x00', &(0x7f0000b29f57)=@known="73656375726974792e6361706162696c69747900c9bd3012983e02155960196a2a84585f19c1c826172982a8de1ccc4cdc6987ffc9715cef22cee4c673d4388d5e5604a0b838afb35bd352e4c9ee649a771208309ca436bf919fd9636bfa255ff4b31f40f88ecc9c2d812171c412624f0c142fc54f65f49239f27686c17d489e925da19bf31e30ec75cd92237957661ce8a1568418e6d3d428174f89a11cc821fbf64122a36f6b411c", &(0x7f0000227f74)=""/140, 0x0) 03:40:59 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:59 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:59 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x85, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:59 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x40000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:59 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='rei%erfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:59 executing program 4 (fault-call:0 fault-nth:32): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:59 executing program 0 (fault-call:5 fault-nth:0): open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:40:59 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:59 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2737.244274] FAULT_INJECTION: forcing a failure. [ 2737.244274] name failslab, interval 1, probability 0, space 0, times 0 [ 2737.255669] CPU: 0 PID: 3991 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2737.263990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2737.273345] Call Trace: [ 2737.275942] dump_stack+0x1c9/0x2b4 [ 2737.279580] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2737.284791] should_fail.cold.4+0xa/0x11 [ 2737.288865] ? fault_create_debugfs_attr+0x1f0/0x1f0 03:40:59 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xe3, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2737.293982] ? kasan_check_read+0x11/0x20 [ 2737.298136] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2737.302645] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2737.307241] ? kasan_check_write+0x14/0x20 [ 2737.311484] ? do_raw_spin_lock+0xc1/0x200 [ 2737.315729] ? trace_hardirqs_on+0xd/0x10 [ 2737.319887] ? __find_get_block+0x36d/0xe60 [ 2737.324226] ? block_invalidatepage+0x520/0x520 [ 2737.328902] ? do_raw_write_trylock+0x1c0/0x1c0 [ 2737.333585] ? check_same_owner+0x340/0x340 [ 2737.337919] ? lock_downgrade+0x8f0/0x8f0 03:40:59 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:59 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:40:59 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x106, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2737.342082] ? check_same_owner+0x340/0x340 [ 2737.346409] ? rcu_note_context_switch+0x730/0x730 [ 2737.351356] __should_failslab+0x124/0x180 [ 2737.355603] should_failslab+0x9/0x14 [ 2737.359412] kmem_cache_alloc+0x2af/0x760 [ 2737.363569] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2737.368597] ? __find_get_block+0xe60/0xe60 [ 2737.372932] jbd2_journal_add_journal_head+0x1ef/0x5d0 [ 2737.378224] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2737.383780] ? jbd2_journal_write_metadata_buffer+0xf00/0xf00 [ 2737.389689] jbd2_journal_get_create_access+0x42/0x600 03:40:59 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:59 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0xfdfdffff], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2737.394985] ? rcu_note_context_switch+0x730/0x730 [ 2737.399932] __ext4_journal_get_create_access+0x46/0x90 [ 2737.405328] ext4_getblk+0x2be/0x630 [ 2737.409062] ? ext4_iomap_begin+0x1350/0x1350 [ 2737.413572] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2737.419119] ? __dquot_initialize+0x61d/0xde0 [ 2737.423630] ext4_bread+0x95/0x2b0 [ 2737.427181] ? ext4_getblk+0x630/0x630 [ 2737.431072] ? dquot_get_next_dqblk+0x180/0x180 [ 2737.435749] ? debug_check_no_obj_freed+0x30b/0x595 [ 2737.440776] ? kasan_check_write+0x14/0x20 [ 2737.445023] ext4_append+0x14e/0x370 [ 2737.448747] ext4_mkdir+0x532/0xe60 [ 2737.452384] ? ext4_init_dot_dotdot+0x510/0x510 [ 2737.457065] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2737.462610] ? security_inode_permission+0xd2/0x100 [ 2737.467727] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2737.473276] ? security_inode_mkdir+0xe8/0x120 [ 2737.477873] vfs_mkdir+0x42e/0x6b0 [ 2737.481430] do_mkdirat+0x27b/0x310 [ 2737.485067] ? __ia32_sys_mknod+0xb0/0xb0 [ 2737.489223] ? ksys_ioctl+0x81/0xd0 [ 2737.492859] __x64_sys_mkdir+0x5c/0x80 [ 2737.496761] do_syscall_64+0x1b9/0x820 [ 2737.500654] ? finish_task_switch+0x1d3/0x870 [ 2737.505162] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2737.510103] ? syscall_return_slowpath+0x31d/0x5e0 [ 2737.515038] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2737.520048] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2737.525052] ? perf_trace_sys_enter+0xb10/0xb10 [ 2737.529708] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2737.534540] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2737.539710] RIP: 0033:0x455267 [ 2737.542881] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2737.562172] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 2737.569870] RAX: ffffffffffffffda RBX: 0000000020000490 RCX: 0000000000455267 [ 2737.577121] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 2737.584371] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000000a 03:40:59 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000640)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000600)={"00ac730000000000ec973f820f7c4000", 0xc201}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x339) socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x1, &(0x7f00000000c0)="295ee1311f16f477671070") close(r0) 03:40:59 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x24f, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:40:59 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xa8aaaafffeaaaa18, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:40:59 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:40:59 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2737.591622] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 2737.598874] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000020 [ 2737.606270] ENOMEM in journal_alloc_journal_head, retrying. [ 2737.615744] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:40:59 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='rei0erfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:40:59 executing program 4 (fault-call:0 fault-nth:33): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2737.716926] FAULT_INJECTION: forcing a failure. [ 2737.716926] name failslab, interval 1, probability 0, space 0, times 0 [ 2737.728270] CPU: 0 PID: 4046 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2737.736627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2737.746333] Call Trace: [ 2737.748927] dump_stack+0x1c9/0x2b4 [ 2737.752571] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2737.757768] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2737.762355] should_fail.cold.4+0xa/0x11 [ 2737.766420] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2737.771568] ? _raw_spin_unlock+0x22/0x30 [ 2737.775722] ? lock_acquire+0x1e4/0x540 [ 2737.779696] ? handle_mm_fault+0x417/0xc80 [ 2737.783932] ? lock_release+0xa30/0xa30 [ 2737.787909] ? lock_acquire+0x1e4/0x540 [ 2737.791970] ? fs_reclaim_acquire+0x20/0x20 [ 2737.796305] ? lock_downgrade+0x8f0/0x8f0 [ 2737.800460] ? check_same_owner+0x340/0x340 [ 2737.804784] ? rcu_note_context_switch+0x730/0x730 [ 2737.809718] __should_failslab+0x124/0x180 [ 2737.813961] should_failslab+0x9/0x14 [ 2737.817762] __kmalloc_track_caller+0x2c4/0x760 [ 2737.822440] ? strncpy_from_user+0x510/0x510 [ 2737.826848] ? strndup_user+0x77/0xd0 [ 2737.830651] memdup_user+0x2c/0xa0 [ 2737.834205] strndup_user+0x77/0xd0 [ 2737.837836] ksys_mount+0x3c/0x140 [ 2737.841381] __x64_sys_mount+0xbe/0x150 [ 2737.845359] do_syscall_64+0x1b9/0x820 [ 2737.849269] ? finish_task_switch+0x1d3/0x870 [ 2737.853803] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2737.858736] ? syscall_return_slowpath+0x31d/0x5e0 [ 2737.863670] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2737.868686] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2737.874220] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2737.879248] ? perf_trace_sys_enter+0xb10/0xb10 [ 2737.883933] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2737.888778] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2737.893965] RIP: 0033:0x45885a [ 2737.897143] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2737.916450] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2737.924160] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2737.931423] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2737.938688] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2737.945961] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2737.953224] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000021 [ 2738.172452] FAULT_INJECTION: forcing a failure. [ 2738.172452] name fail_futex, interval 1, probability 0, space 0, times 0 [ 2738.183897] CPU: 0 PID: 4008 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2738.192204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2738.201548] Call Trace: [ 2738.204132] dump_stack+0x1c9/0x2b4 [ 2738.207752] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2738.212949] ? trace_hardirqs_on+0x10/0x10 [ 2738.217177] ? __isolate_free_page+0x690/0x690 [ 2738.221757] should_fail.cold.4+0xa/0x11 [ 2738.225814] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2738.230917] ? trace_hardirqs_on+0x10/0x10 [ 2738.235152] ? trace_hardirqs_on+0x10/0x10 [ 2738.239385] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2738.244925] ? pmd_huge+0x9a/0x150 [ 2738.248457] ? rbt_memtype_check_insert.cold.8+0x20a/0x20a [ 2738.254077] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 2738.258910] ? trace_hardirqs_on+0x10/0x10 [ 2738.263136] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2738.268147] ? gup_pgd_range+0x40f/0x3410 [ 2738.272290] ? lock_acquire+0x1e4/0x540 [ 2738.276267] get_futex_key+0x119a/0x2000 [ 2738.280322] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2738.284727] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2738.289303] ? futex_lock_pi_atomic+0x3a0/0x3a0 [ 2738.293967] ? lock_acquire+0x1e4/0x540 [ 2738.297935] ? __free_pages_ok+0x10ce/0x2a60 [ 2738.302339] ? lock_downgrade+0x8f0/0x8f0 [ 2738.306484] ? kasan_check_read+0x11/0x20 [ 2738.310625] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2738.315024] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2738.319600] ? trace_hardirqs_on+0x10/0x10 [ 2738.323824] ? do_raw_spin_lock+0xc1/0x200 [ 2738.328054] ? trace_hardirqs_on+0xd/0x10 [ 2738.332205] ? task_fork_fair+0x680/0x680 [ 2738.336347] ? trace_hardirqs_on+0x10/0x10 [ 2738.340575] ? trace_hardirqs_on+0x10/0x10 [ 2738.344806] ? update_curr+0x4c8/0xc00 [ 2738.348684] ? lock_downgrade+0x8f0/0x8f0 [ 2738.352824] ? lock_release+0xa30/0xa30 [ 2738.356790] ? cpuacct_charge+0x30a/0x5d0 [ 2738.360940] ? trace_hardirqs_on+0x10/0x10 [ 2738.365168] ? percpu_ref_put_many+0x119/0x240 [ 2738.369746] ? __debug_object_init+0x581/0x12e0 [ 2738.374407] ? lock_downgrade+0x8f0/0x8f0 [ 2738.378550] ? lock_downgrade+0x8f0/0x8f0 [ 2738.382696] ? kasan_check_read+0x11/0x20 [ 2738.386836] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2738.391246] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2738.396262] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 2738.401013] ? lock_acquire+0x1e4/0x540 [ 2738.404978] ? is_bpf_text_address+0xae/0x170 [ 2738.409464] ? lock_downgrade+0x8f0/0x8f0 [ 2738.413606] futex_wake+0x1ac/0x760 [ 2738.417227] ? kasan_check_read+0x11/0x20 [ 2738.421376] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2738.425778] ? get_futex_key+0x2000/0x2000 [ 2738.430004] ? is_bpf_text_address+0xd7/0x170 [ 2738.434494] ? __kernel_text_address+0xd/0x40 [ 2738.438982] ? trace_hardirqs_on+0x10/0x10 [ 2738.443215] do_futex+0x300/0x27d0 [ 2738.446753] ? trace_hardirqs_on+0x10/0x10 [ 2738.450979] ? trace_hardirqs_on+0x10/0x10 [ 2738.455205] ? save_stack+0x43/0xd0 [ 2738.458824] ? kasan_slab_free+0xe/0x10 [ 2738.462790] ? exit_robust_list+0x290/0x290 [ 2738.467120] ? __dentry_kill+0x44c/0x7a0 [ 2738.471177] ? dput.part.26+0x66b/0x7a0 [ 2738.475144] ? trace_hardirqs_on+0x10/0x10 [ 2738.479373] ? trace_hardirqs_on+0x10/0x10 [ 2738.483601] ? kasan_check_write+0x14/0x20 [ 2738.487826] ? do_raw_spin_lock+0xc1/0x200 [ 2738.492054] ? trace_hardirqs_off+0xd/0x10 [ 2738.496281] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 2738.501376] ? debug_check_no_obj_freed+0x30b/0x595 [ 2738.506386] ? integrity_inode_free+0x5d/0x320 [ 2738.510965] ? lock_acquire+0x1e4/0x540 [ 2738.514956] ? __delayacct_add_tsk+0x54b/0x650 [ 2738.519535] ? lock_acquire+0x1e4/0x540 [ 2738.523501] ? __might_fault+0x12b/0x1e0 [ 2738.527570] ? lock_acquire+0x1e4/0x540 [ 2738.531542] ? __might_fault+0x12b/0x1e0 [ 2738.535601] ? lock_downgrade+0x8f0/0x8f0 [ 2738.539747] ? trace_hardirqs_off+0xd/0x10 [ 2738.544000] ? lock_release+0xa30/0xa30 [ 2738.547968] ? check_same_owner+0x340/0x340 [ 2738.552290] mm_release+0x46a/0x5f0 [ 2738.555912] ? mm_access+0x160/0x160 [ 2738.559623] ? kasan_check_write+0x14/0x20 [ 2738.563854] ? do_raw_spin_lock+0xc1/0x200 [ 2738.568086] ? trace_hardirqs_on+0xd/0x10 [ 2738.572236] ? _raw_spin_unlock_irq+0x27/0x70 [ 2738.576722] ? acct_collect+0x70c/0x860 [ 2738.580688] do_exit+0x567/0x2750 [ 2738.584133] ? save_stack+0x43/0xd0 [ 2738.587752] ? __kasan_slab_free+0x11a/0x170 [ 2738.592150] ? kasan_slab_free+0xe/0x10 [ 2738.596119] ? kmem_cache_free+0x86/0x2d0 [ 2738.600261] ? __dentry_kill+0x527/0x7a0 [ 2738.604312] ? dentry_kill+0xc9/0x5a0 [ 2738.608109] ? __fput+0x530/0x930 [ 2738.611555] ? mm_update_next_owner+0x9a0/0x9a0 [ 2738.616225] ? do_signal+0x9c/0x21c0 [ 2738.619932] ? exit_to_usermode_loop+0x2e5/0x380 [ 2738.624680] ? do_syscall_64+0x6be/0x820 [ 2738.628733] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2738.634093] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2738.638497] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2738.643072] ? kasan_check_write+0x14/0x20 [ 2738.647299] ? do_raw_spin_lock+0xc1/0x200 [ 2738.651528] ? trace_hardirqs_off+0xd/0x10 [ 2738.655758] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 2738.660855] ? trace_hardirqs_on+0x10/0x10 [ 2738.665087] ? trace_hardirqs_off+0xd/0x10 [ 2738.669315] ? quarantine_put+0x10d/0x1b0 [ 2738.673458] ? trace_hardirqs_on+0x10/0x10 [ 2738.677685] ? mntput_no_expire+0x7be/0xbc0 [ 2738.681998] ? lock_downgrade+0x8f0/0x8f0 [ 2738.686141] ? lock_downgrade+0x8f0/0x8f0 [ 2738.690287] ? kasan_check_read+0x11/0x20 [ 2738.694426] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2738.698824] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2738.703408] ? cpumask_next+0x24/0x30 [ 2738.707201] ? mnt_get_count+0xf4/0x150 [ 2738.711168] ? do_raw_spin_lock+0xc1/0x200 [ 2738.715396] ? _raw_spin_unlock+0x22/0x30 [ 2738.719536] ? mntput_no_expire+0x18e/0xbc0 [ 2738.723858] ? dentry_kill+0xce/0x5a0 [ 2738.727651] ? mnt_get_count+0x150/0x150 [ 2738.731703] ? dput.part.26+0x276/0x7a0 [ 2738.735674] ? shrink_dcache_sb+0x350/0x350 [ 2738.740012] ? memset+0x31/0x40 [ 2738.743288] ? __dequeue_signal+0xf9/0x7d0 [ 2738.747522] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2738.753055] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2738.758583] ? recalc_sigpending_tsk+0x180/0x180 [ 2738.763331] ? get_signal+0x918/0x1970 [ 2738.767220] ? lock_downgrade+0x8f0/0x8f0 [ 2738.771364] ? do_raw_spin_lock+0xc1/0x200 [ 2738.775592] do_group_exit+0x177/0x440 [ 2738.779475] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2738.784046] ? __ia32_sys_exit+0x50/0x50 [ 2738.788100] ? kasan_check_write+0x14/0x20 [ 2738.792326] ? do_raw_spin_lock+0xc1/0x200 [ 2738.796557] get_signal+0x88e/0x1970 [ 2738.800265] ? ptrace_notify+0x130/0x130 [ 2738.804320] ? rcu_note_context_switch+0x730/0x730 [ 2738.809240] ? check_same_owner+0x340/0x340 [ 2738.813556] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2738.819088] ? fput+0x130/0x1a0 [ 2738.822364] ? __sys_recvmmsg+0x63c/0xba0 [ 2738.826516] do_signal+0x9c/0x21c0 [ 2738.830060] ? lock_acquire+0x1e4/0x540 [ 2738.834031] ? setup_sigcontext+0x7d0/0x7d0 [ 2738.838347] ? lock_release+0xa30/0xa30 [ 2738.842315] ? check_same_owner+0x340/0x340 [ 2738.846644] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2738.852180] exit_to_usermode_loop+0x2e5/0x380 [ 2738.856760] ? syscall_slow_exit_work+0x500/0x500 [ 2738.861603] do_syscall_64+0x6be/0x820 [ 2738.865486] ? finish_task_switch+0x1d3/0x870 [ 2738.869978] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2738.874904] ? syscall_return_slowpath+0x31d/0x5e0 [ 2738.879833] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2738.884845] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2738.889852] ? perf_trace_sys_enter+0xb10/0xb10 [ 2738.894514] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2738.899443] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2738.904622] RIP: 0033:0x455e29 03:41:00 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:00 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1f1, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:00 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1a, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:00 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:00 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:00 executing program 4 (fault-call:0 fault-nth:34): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:00 executing program 5: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000640)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000600)={"00ac730000000000ec973f820f7c4000", 0xc201}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x339) socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x1, &(0x7f00000000c0)="295ee1311f16f477671070") close(r0) 03:41:00 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reizerfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2738.907804] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2738.927144] RSP: 002b:00007f2c06902c68 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 2738.934846] RAX: 0000000000000001 RBX: 00007f2c069036d4 RCX: 0000000000455e29 [ 2738.942106] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000016 [ 2738.949366] RBP: 000000000072bea0 R08: 00000000200000c0 R09: 0000000000000000 [ 2738.956625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 2738.963885] R13: 00000000004c0e87 R14: 00000000004d1090 R15: 0000000000000000 [ 2739.003110] FAULT_INJECTION: forcing a failure. [ 2739.003110] name failslab, interval 1, probability 0, space 0, times 0 [ 2739.014439] CPU: 0 PID: 4060 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2739.022756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2739.032108] Call Trace: [ 2739.034709] dump_stack+0x1c9/0x2b4 [ 2739.038349] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2739.043550] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2739.048148] should_fail.cold.4+0xa/0x11 [ 2739.052227] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2739.057344] ? lock_repin_lock+0x430/0x430 [ 2739.061594] ? kasan_check_write+0x14/0x20 [ 2739.065857] ? lock_acquire+0x1e4/0x540 [ 2739.069842] ? handle_mm_fault+0x417/0xc80 [ 2739.074079] ? lock_release+0xa30/0xa30 [ 2739.078055] ? lock_acquire+0x1e4/0x540 [ 2739.082027] ? fs_reclaim_acquire+0x20/0x20 [ 2739.086349] ? lock_downgrade+0x8f0/0x8f0 [ 2739.090502] ? check_same_owner+0x340/0x340 [ 2739.094822] ? rcu_note_context_switch+0x730/0x730 03:41:01 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x400000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:01 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xa000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:01 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2739.099750] __should_failslab+0x124/0x180 [ 2739.103986] should_failslab+0x9/0x14 [ 2739.107786] __kmalloc_track_caller+0x2c4/0x760 [ 2739.112469] ? strncpy_from_user+0x510/0x510 [ 2739.116893] ? strndup_user+0x77/0xd0 [ 2739.120719] memdup_user+0x2c/0xa0 [ 2739.124274] strndup_user+0x77/0xd0 [ 2739.127911] ksys_mount+0x3c/0x140 [ 2739.131460] __x64_sys_mount+0xbe/0x150 [ 2739.135444] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2739.141017] do_syscall_64+0x1b9/0x820 [ 2739.144935] ? syscall_slow_exit_work+0x500/0x500 03:41:01 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x300000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2739.149792] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2739.154733] ? syscall_return_slowpath+0x31d/0x5e0 [ 2739.159672] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2739.165217] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2739.170242] ? perf_trace_sys_enter+0xb10/0xb10 [ 2739.174916] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2739.179777] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2739.184966] RIP: 0033:0x45885a 03:41:01 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xff00000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:01 executing program 4 (fault-call:0 fault-nth:35): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2739.188151] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2739.207427] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2739.215164] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2739.222454] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2739.229724] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2739.236994] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2739.244269] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000022 03:41:01 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x81934fffe1f3ddb, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:01 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2a2, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2739.349708] FAULT_INJECTION: forcing a failure. [ 2739.349708] name failslab, interval 1, probability 0, space 0, times 0 [ 2739.361020] CPU: 0 PID: 4094 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2739.369348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2739.378705] Call Trace: [ 2739.381304] dump_stack+0x1c9/0x2b4 [ 2739.384948] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2739.390153] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2739.394753] should_fail.cold.4+0xa/0x11 [ 2739.398818] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2739.403924] ? _raw_spin_unlock+0x22/0x30 [ 2739.408079] ? lock_acquire+0x1e4/0x540 [ 2739.412058] ? handle_mm_fault+0x417/0xc80 [ 2739.416295] ? lock_release+0xa30/0xa30 [ 2739.420301] ? lock_acquire+0x1e4/0x540 [ 2739.424450] ? fs_reclaim_acquire+0x20/0x20 [ 2739.428772] ? lock_downgrade+0x8f0/0x8f0 [ 2739.432921] ? check_same_owner+0x340/0x340 [ 2739.437246] ? rcu_note_context_switch+0x730/0x730 [ 2739.442181] __should_failslab+0x124/0x180 [ 2739.446418] should_failslab+0x9/0x14 [ 2739.450579] __kmalloc_track_caller+0x2c4/0x760 [ 2739.455254] ? strncpy_from_user+0x510/0x510 [ 2739.459664] ? strndup_user+0x77/0xd0 [ 2739.463465] memdup_user+0x2c/0xa0 [ 2739.467007] strndup_user+0x77/0xd0 [ 2739.470642] ksys_mount+0x3c/0x140 [ 2739.474186] __x64_sys_mount+0xbe/0x150 [ 2739.478196] do_syscall_64+0x1b9/0x820 [ 2739.482087] ? finish_task_switch+0x1d3/0x870 [ 2739.486585] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2739.491523] ? syscall_return_slowpath+0x31d/0x5e0 [ 2739.496456] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2739.501474] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2739.507015] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2739.512031] ? perf_trace_sys_enter+0xb10/0xb10 [ 2739.516702] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2739.521550] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2739.526736] RIP: 0033:0x45885a [ 2739.529919] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2739.549225] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2739.556935] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2739.564215] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2739.571481] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2739.578748] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2739.586026] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000023 03:41:02 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) r1 = socket$inet6(0xa, 0x5000000000002, 0xffffeffffffffffd) ioctl$TCXONC(r0, 0x540a, 0x1) ioctl$RNDZAPENTCNT(r0, 0x5204, &(0x7f0000000040)=0x7f) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000100)={0xffffffffffffffff}, 0x111, 0xf}}, 0x20) write$RDMA_USER_CM_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0xa, 0x4, 0xfa00, {r2}}, 0xc) syz_init_net_socket$llc(0x1a, 0x3, 0x0) ioctl(r1, 0x8935, &(0x7f0000000280)="025c4cfd19345f8f762045") write$P9_RRENAMEAT(r0, &(0x7f0000000140)={0xffffffffffffff60, 0x4b, 0x1}, 0x115) r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r3, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000200)={0x0, 0x4, 0x30}, &(0x7f0000000240)=0xc) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f00000002c0)={r4, 0xf7, 0x75, "61880681d1aecaf5638c006be0f4a4ccbcfd06afb67c38598d1a95585e080fabdde2463f4f9ade73194f53b3ad593777c1e061af57fee4e07eefd495a70829e3fbbaf9d76448879c96149a25860754e162a223817786a6fef98b25cd3cc2f5d4247d2b29e7b041c4c5dc9ca866259c7721150a9929"}, 0x7d) sendto$llc(r3, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x80300, 0x0) 03:41:02 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:02 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:02 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiKerfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:02 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x100000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:02 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r0, 0x80045400, &(0x7f0000000080)) ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0xc0f85403, &(0x7f00000000c0)={{0x3, 0x1, 0x4, 0x2, 0x800}, 0x6, 0x9, 'id1\x00', 'timer0\x00', 0x0, 0x0, 0xffffffff, 0x7, 0x8224}) 03:41:02 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x141, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:02 executing program 4 (fault-call:0 fault-nth:36): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2740.090818] FAULT_INJECTION: forcing a failure. [ 2740.090818] name failslab, interval 1, probability 0, space 0, times 0 [ 2740.102133] CPU: 1 PID: 4107 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2740.110735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2740.120097] Call Trace: [ 2740.122697] dump_stack+0x1c9/0x2b4 [ 2740.126337] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2740.131542] ? __sanitizer_cov_trace_cmp4+0x16/0x20 03:41:02 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:02 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1400000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:02 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0xfc030000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:02 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1bd, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:02 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f00000001c0)='./file0\x00', 0x100000000000e000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb64c86d6b66732e66617400020441000500077008f8", 0x16}], 0x0, &(0x7f00000000c0)=ANY=[]) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000240)='/dev/qat_adf_ctl\x00', 0x141082, 0x0) connect$pppoe(r0, &(0x7f00000000c0)={0x18, 0x0, {0x4, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x18}, 'ifb0\x00'}}, 0x1e) r1 = open(&(0x7f0000000080)='./file0/file0\x00', 0x3fffa, 0x0) open_by_handle_at(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="091d00000100000009"], 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85513, &(0x7f0000000280)={{0x2, 0x7, 0x1ff, 0x9, 'syz0\x00', 0x5}, 0x0, [0x5, 0x8, 0x100, 0x7, 0x6, 0x8001, 0xfffffffffffffc00, 0x0, 0x8000, 0x6c69, 0x3, 0x20, 0x100, 0x9, 0x4, 0x1000, 0x5, 0x7f800000000, 0x401, 0x80000001, 0x0, 0x7, 0x1, 0x80000000, 0x100000001, 0x5, 0x200, 0x6, 0x4, 0x3, 0x10000, 0x1, 0x1000, 0x6, 0x7, 0x46, 0x6, 0x5, 0x4b53233a, 0x96, 0x0, 0x7f, 0x6, 0x8, 0x1, 0xaf, 0x100000000, 0x40, 0x1, 0x0, 0x2, 0x80000000, 0xff, 0x80, 0x6, 0x52f32efa, 0x3, 0x545, 0x1, 0x8, 0xd9b, 0x2e, 0x2, 0x81, 0x4, 0x3, 0x80000000, 0x5, 0x7, 0x8, 0x3, 0x6, 0xaa95, 0x100000000, 0x2, 0x4, 0xffffffffffffff81, 0xf5, 0x4, 0xfffffffffffffffc, 0x80, 0x10000, 0xffffffffffff7fff, 0xf7, 0xfffffffffffffff8, 0x8, 0x1ef9, 0x2, 0x8, 0x1, 0x2, 0xffffffffffffffff, 0x7021, 0xff, 0x9b71, 0x400, 0x7fff, 0xfffffffffffffffb, 0x3, 0xffff, 0x8, 0x1, 0x9, 0x3a4, 0xffffffffffffffff, 0x3ff, 0x2, 0x1ff, 0x81, 0xfffffffffffffffb, 0x9, 0x80, 0x9, 0x1, 0x5, 0x5, 0xfb5, 0xfffffffffffffffe, 0x4, 0x77b4, 0x1, 0xfffffffffffeffff, 0x5, 0x2, 0x100000001, 0xee9a, 0xf18a, 0x3f], {0x77359400}}) [ 2740.136572] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 2740.141355] should_fail.cold.4+0xa/0x11 [ 2740.145430] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2740.150544] ? lock_release+0xa30/0xa30 [ 2740.154538] ? kasan_check_read+0x11/0x20 [ 2740.158700] ? rcu_is_watching+0x8c/0x150 [ 2740.162861] ? is_bpf_text_address+0xd7/0x170 [ 2740.167369] ? kernel_text_address+0x79/0xf0 [ 2740.171789] ? __kernel_text_address+0xd/0x40 [ 2740.176296] ? lock_acquire+0x1e4/0x540 [ 2740.180284] ? fs_reclaim_acquire+0x20/0x20 [ 2740.184623] ? lock_downgrade+0x8f0/0x8f0 [ 2740.188786] ? check_same_owner+0x340/0x340 [ 2740.193121] ? save_stack+0xa9/0xd0 [ 2740.196765] ? rcu_note_context_switch+0x730/0x730 [ 2740.201715] ? kmem_cache_alloc_trace+0x152/0x780 [ 2740.206576] ? copy_mount_options+0x5f/0x380 [ 2740.211005] __should_failslab+0x124/0x180 [ 2740.215258] should_failslab+0x9/0x14 [ 2740.219087] kmem_cache_alloc+0x2af/0x760 [ 2740.223250] ? lock_acquire+0x1e4/0x540 [ 2740.227241] ? handle_mm_fault+0x417/0xc80 [ 2740.231491] ? lock_release+0xa30/0xa30 [ 2740.235493] getname_flags+0xd0/0x5a0 03:41:02 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:02 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1900000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:02 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0xfc03], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2740.239310] user_path_at_empty+0x2d/0x50 [ 2740.243466] do_mount+0x180/0x1fb0 [ 2740.247015] ? check_same_owner+0x340/0x340 [ 2740.251346] ? lock_release+0xa30/0xa30 [ 2740.255463] ? copy_mount_string+0x40/0x40 [ 2740.259712] ? retint_kernel+0x10/0x10 [ 2740.263616] ? copy_mount_options+0x1f0/0x380 [ 2740.268135] ? __sanitizer_cov_trace_pc+0x4c/0x50 [ 2740.272989] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2740.278565] ? copy_mount_options+0x285/0x380 [ 2740.283081] ksys_mount+0x12d/0x140 [ 2740.286720] __x64_sys_mount+0xbe/0x150 [ 2740.290703] do_syscall_64+0x1b9/0x820 [ 2740.294604] ? finish_task_switch+0x1d3/0x870 [ 2740.299110] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2740.304046] ? syscall_return_slowpath+0x31d/0x5e0 [ 2740.308984] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2740.314008] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2740.319555] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2740.324588] ? perf_trace_sys_enter+0xb10/0xb10 [ 2740.329270] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2740.334126] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2740.339317] RIP: 0033:0x45885a [ 2740.342504] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2740.361804] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2740.369519] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2740.376788] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2740.384056] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2740.391328] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2740.398603] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000024 03:41:03 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00'}, 0x10) 03:41:03 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x3a1, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:03 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0xfc03000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:03 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xd8fd94fffe803f29, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:03 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:03 executing program 4 (fault-call:0 fault-nth:37): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:03 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reikerfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:03 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f00000001c0)='./file0\x00', 0x100000000000e000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb64c86d6b66732e66617400020441000500077008f8", 0x16}], 0x0, &(0x7f00000000c0)=ANY=[]) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000240)='/dev/qat_adf_ctl\x00', 0x141082, 0x0) connect$pppoe(r0, &(0x7f00000000c0)={0x18, 0x0, {0x4, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x18}, 'ifb0\x00'}}, 0x1e) r1 = open(&(0x7f0000000080)='./file0/file0\x00', 0x3fffa, 0x0) open_by_handle_at(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="091d00000100000009"], 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85513, &(0x7f0000000280)={{0x2, 0x7, 0x1ff, 0x9, 'syz0\x00', 0x5}, 0x0, [0x5, 0x8, 0x100, 0x7, 0x6, 0x8001, 0xfffffffffffffc00, 0x0, 0x8000, 0x6c69, 0x3, 0x20, 0x100, 0x9, 0x4, 0x1000, 0x5, 0x7f800000000, 0x401, 0x80000001, 0x0, 0x7, 0x1, 0x80000000, 0x100000001, 0x5, 0x200, 0x6, 0x4, 0x3, 0x10000, 0x1, 0x1000, 0x6, 0x7, 0x46, 0x6, 0x5, 0x4b53233a, 0x96, 0x0, 0x7f, 0x6, 0x8, 0x1, 0xaf, 0x100000000, 0x40, 0x1, 0x0, 0x2, 0x80000000, 0xff, 0x80, 0x6, 0x52f32efa, 0x3, 0x545, 0x1, 0x8, 0xd9b, 0x2e, 0x2, 0x81, 0x4, 0x3, 0x80000000, 0x5, 0x7, 0x8, 0x3, 0x6, 0xaa95, 0x100000000, 0x2, 0x4, 0xffffffffffffff81, 0xf5, 0x4, 0xfffffffffffffffc, 0x80, 0x10000, 0xffffffffffff7fff, 0xf7, 0xfffffffffffffff8, 0x8, 0x1ef9, 0x2, 0x8, 0x1, 0x2, 0xffffffffffffffff, 0x7021, 0xff, 0x9b71, 0x400, 0x7fff, 0xfffffffffffffffb, 0x3, 0xffff, 0x8, 0x1, 0x9, 0x3a4, 0xffffffffffffffff, 0x3ff, 0x2, 0x1ff, 0x81, 0xfffffffffffffffb, 0x9, 0x80, 0x9, 0x1, 0x5, 0x5, 0xfb5, 0xfffffffffffffffe, 0x4, 0x77b4, 0x1, 0xfffffffffffeffff, 0x5, 0x2, 0x100000001, 0xee9a, 0xf18a, 0x3f], {0x77359400}}) [ 2741.208378] FAULT_INJECTION: forcing a failure. [ 2741.208378] name failslab, interval 1, probability 0, space 0, times 0 [ 2741.227757] CPU: 1 PID: 4163 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2741.236104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2741.245463] Call Trace: [ 2741.248068] dump_stack+0x1c9/0x2b4 [ 2741.251706] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2741.256906] ? putname+0xf2/0x130 [ 2741.260365] ? filename_lookup+0x397/0x510 [ 2741.264606] ? perf_trace_lock+0xde/0x920 [ 2741.268789] should_fail.cold.4+0xa/0x11 [ 2741.272873] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2741.278001] ? kasan_check_write+0x14/0x20 [ 2741.282238] ? do_raw_spin_lock+0xc1/0x200 [ 2741.286495] ? zap_class+0x740/0x740 [ 2741.290223] ? debug_check_no_obj_freed+0x30b/0x595 [ 2741.295263] ? path_lookupat.isra.45+0x27d/0xbf0 [ 2741.300029] ? trace_hardirqs_off+0xd/0x10 [ 2741.304265] ? quarantine_put+0x10d/0x1b0 [ 2741.308421] ? lock_acquire+0x1e4/0x540 [ 2741.312393] ? fs_reclaim_acquire+0x20/0x20 [ 2741.316719] ? lock_downgrade+0x8f0/0x8f0 [ 2741.320870] ? check_same_owner+0x340/0x340 [ 2741.325194] ? lock_downgrade+0x8f0/0x8f0 [ 2741.329342] ? rcu_note_context_switch+0x730/0x730 [ 2741.334286] __should_failslab+0x124/0x180 [ 2741.338544] should_failslab+0x9/0x14 [ 2741.342352] kmem_cache_alloc_trace+0x2cb/0x780 [ 2741.347034] ? kasan_check_write+0x14/0x20 [ 2741.353990] ? do_raw_read_unlock+0x3f/0x60 [ 2741.358316] vfs_new_fs_context+0x5a/0x700 [ 2741.362559] do_mount+0x5cf/0x1fb0 [ 2741.366099] ? check_same_owner+0x340/0x340 [ 2741.370418] ? lock_release+0xa30/0xa30 [ 2741.374395] ? copy_mount_string+0x40/0x40 [ 2741.378645] ? kasan_kmalloc+0xc4/0xe0 [ 2741.382540] ? kmem_cache_alloc_trace+0x318/0x780 [ 2741.387384] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2741.392924] ? _copy_from_user+0xdf/0x150 [ 2741.397077] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2741.402618] ? copy_mount_options+0x285/0x380 [ 2741.407118] ksys_mount+0x12d/0x140 [ 2741.410801] __x64_sys_mount+0xbe/0x150 [ 2741.414786] do_syscall_64+0x1b9/0x820 [ 2741.418677] ? finish_task_switch+0x1d3/0x870 [ 2741.423175] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2741.428124] ? syscall_return_slowpath+0x31d/0x5e0 [ 2741.433058] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2741.438075] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2741.443615] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2741.448635] ? perf_trace_sys_enter+0xb10/0xb10 [ 2741.453322] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2741.458174] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2741.463376] RIP: 0033:0x45885a [ 2741.466558] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2741.485880] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2741.493592] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2741.500863] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 03:41:03 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x348, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:03 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xa8aaaafffeaaaa1a, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:03 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2741.508305] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2741.515572] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2741.522839] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000025 03:41:03 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:03 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:03 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x900000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:03 executing program 4 (fault-call:0 fault-nth:38): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:03 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1ce, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2741.664662] FAULT_INJECTION: forcing a failure. [ 2741.664662] name failslab, interval 1, probability 0, space 0, times 0 [ 2741.675993] CPU: 1 PID: 4187 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2741.684323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2741.693683] Call Trace: [ 2741.696289] dump_stack+0x1c9/0x2b4 [ 2741.699931] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2741.705133] ? putname+0xf2/0x130 [ 2741.708606] ? filename_lookup+0x397/0x510 [ 2741.712861] ? user_path_at_empty+0x40/0x50 [ 2741.717199] ? do_mount+0x180/0x1fb0 [ 2741.720916] ? __x64_sys_mount+0xbe/0x150 [ 2741.725080] should_fail.cold.4+0xa/0x11 [ 2741.729152] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2741.733570] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2741.738678] ? kasan_check_write+0x14/0x20 [ 2741.742913] ? do_raw_spin_lock+0xc1/0x200 [ 2741.747146] ? trace_hardirqs_off+0xd/0x10 [ 2741.751382] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 2741.756490] ? debug_check_no_obj_freed+0x30b/0x595 [ 2741.761509] ? path_lookupat.isra.45+0x27d/0xbf0 [ 2741.766270] ? trace_hardirqs_off+0xd/0x10 [ 2741.770523] ? quarantine_put+0x10d/0x1b0 [ 2741.774676] ? lock_acquire+0x1e4/0x540 [ 2741.778649] ? fs_reclaim_acquire+0x20/0x20 [ 2741.782968] ? lock_downgrade+0x8f0/0x8f0 [ 2741.787121] ? check_same_owner+0x340/0x340 [ 2741.791445] ? lock_downgrade+0x8f0/0x8f0 [ 2741.795618] ? rcu_note_context_switch+0x730/0x730 [ 2741.800549] __should_failslab+0x124/0x180 [ 2741.804786] should_failslab+0x9/0x14 [ 2741.808587] kmem_cache_alloc_trace+0x2cb/0x780 [ 2741.813257] ? kasan_check_write+0x14/0x20 [ 2741.817509] ? do_raw_read_unlock+0x3f/0x60 [ 2741.821848] vfs_new_fs_context+0x5a/0x700 [ 2741.826085] do_mount+0x5cf/0x1fb0 [ 2741.829629] ? copy_mount_string+0x40/0x40 [ 2741.833860] ? retint_kernel+0x10/0x10 [ 2741.837749] ? copy_mount_options+0x213/0x380 [ 2741.842246] ? write_comp_data+0x22/0x70 [ 2741.846306] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2741.851841] ? copy_mount_options+0x285/0x380 [ 2741.856343] ksys_mount+0x12d/0x140 [ 2741.859973] __x64_sys_mount+0xbe/0x150 [ 2741.863948] do_syscall_64+0x1b9/0x820 [ 2741.867830] ? finish_task_switch+0x1d3/0x870 [ 2741.872323] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2741.877839] ? syscall_return_slowpath+0x31d/0x5e0 [ 2741.882767] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2741.887785] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2741.893319] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2741.898332] ? perf_trace_sys_enter+0xb10/0xb10 [ 2741.903003] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2741.907850] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2741.913034] RIP: 0033:0x45885a [ 2741.916218] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2741.935497] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2741.943206] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2741.950475] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2741.957741] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2741.965007] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2741.972275] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000026 03:41:04 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) socket$can_raw(0x1d, 0x3, 0x1) 03:41:04 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000000c0)='./control/file0\x00') ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) ptrace$pokeuser(0x6, r0, 0x467, 0x1) r3 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0) getdents64(r3, &(0x7f0000000000)=""/188, 0xffffffff00000018) read(r3, &(0x7f0000000200)=""/21, 0x15) close(r1) 03:41:04 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiderfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:04 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xb0, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:04 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xf, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:04 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:04 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0xfdfdffff00000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:04 executing program 4 (fault-call:0 fault-nth:39): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:04 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2742.188931] FAULT_INJECTION: forcing a failure. [ 2742.188931] name failslab, interval 1, probability 0, space 0, times 0 [ 2742.200288] CPU: 1 PID: 4208 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2742.208611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2742.217963] Call Trace: [ 2742.220556] dump_stack+0x1c9/0x2b4 [ 2742.224198] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2742.229424] ? kernel_text_address+0x79/0xf0 [ 2742.233848] should_fail.cold.4+0xa/0x11 [ 2742.238001] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2742.243119] ? save_stack+0xa9/0xd0 [ 2742.246750] ? save_stack+0x43/0xd0 [ 2742.250375] ? kasan_kmalloc+0xc4/0xe0 [ 2742.254259] ? vfs_new_fs_context+0x5a/0x700 [ 2742.258665] ? do_mount+0x5cf/0x1fb0 [ 2742.262375] ? ksys_mount+0x12d/0x140 [ 2742.266174] ? __x64_sys_mount+0xbe/0x150 [ 2742.270320] ? do_syscall_64+0x1b9/0x820 [ 2742.274383] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2742.279781] ? trace_hardirqs_off+0xd/0x10 [ 2742.284023] ? quarantine_put+0x10d/0x1b0 03:41:04 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1cbb1bfffe562c01, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2742.288185] ? lock_acquire+0x1e4/0x540 [ 2742.292166] ? fs_reclaim_acquire+0x20/0x20 [ 2742.296499] ? lock_downgrade+0x8f0/0x8f0 [ 2742.300652] ? fs_reclaim_acquire+0x20/0x20 [ 2742.304980] ? check_same_owner+0x340/0x340 [ 2742.309302] ? debug_mutex_init+0x2d/0x60 [ 2742.313458] ? rcu_note_context_switch+0x730/0x730 [ 2742.318413] __should_failslab+0x124/0x180 [ 2742.322662] should_failslab+0x9/0x14 [ 2742.326462] __kmalloc_track_caller+0x2c4/0x760 [ 2742.331133] ? vfs_set_fs_source+0x67/0x180 [ 2742.335460] kmemdup_nul+0x31/0xa0 03:41:04 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x41, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2742.339005] vfs_set_fs_source+0x67/0x180 [ 2742.343155] do_mount+0x61b/0x1fb0 [ 2742.346702] ? check_same_owner+0x340/0x340 [ 2742.351035] ? lock_release+0xa30/0xa30 [ 2742.355030] ? copy_mount_string+0x40/0x40 [ 2742.359278] ? kasan_kmalloc+0xc4/0xe0 [ 2742.363178] ? kmem_cache_alloc_trace+0x318/0x780 [ 2742.368030] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2742.373570] ? _copy_from_user+0xdf/0x150 [ 2742.377728] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2742.383268] ? copy_mount_options+0x285/0x380 03:41:04 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x24b, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:04 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x4000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2742.387769] ksys_mount+0x12d/0x140 [ 2742.391415] __x64_sys_mount+0xbe/0x150 [ 2742.395396] do_syscall_64+0x1b9/0x820 [ 2742.399286] ? finish_task_switch+0x1d3/0x870 [ 2742.403786] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2742.408721] ? syscall_return_slowpath+0x31d/0x5e0 [ 2742.413690] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2742.418721] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2742.424266] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2742.429301] ? perf_trace_sys_enter+0xb10/0xb10 [ 2742.433989] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2742.438849] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2742.444042] RIP: 0033:0x45885a [ 2742.447224] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2742.466516] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2742.474261] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2742.481536] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 03:41:04 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:04 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2dc, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:04 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x3fc], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2742.488809] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2742.496080] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2742.503354] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000027 03:41:05 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x21fc, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:05 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xfc00, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:05 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:05 executing program 4 (fault-call:0 fault-nth:40): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:05 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiaerfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:05 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x147, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:05 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x4], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:05 executing program 5: r0 = socket$inet6(0xa, 0x4, 0x34a2fef4) r1 = accept4(r0, &(0x7f00000002c0)=@hci, &(0x7f0000000340)=0x80, 0x80800) sendmsg$nl_route_sched(r1, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4050020}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)=@gettaction={0x1c, 0x32, 0x400, 0x70bd26, 0x25dfdbff, {0x0, 0x100000001, 0x49c912c2}, [@action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x8001}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc040}, 0x40001) ioctl(r0, 0x8912, &(0x7f0000000040)="005c8f2380345f8f762070") syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f00000010c0), 0x0, &(0x7f0000001100)={[{@discard='discard', 0x2c}, {@statfs_quantum={'statfs_quantum', 0x3d}, 0x2c}]}) [ 2743.317852] FAULT_INJECTION: forcing a failure. [ 2743.317852] name failslab, interval 1, probability 0, space 0, times 0 [ 2743.326529] gfs2: not a GFS2 filesystem [ 2743.329125] CPU: 0 PID: 4253 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2743.341389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2743.350743] Call Trace: [ 2743.353339] dump_stack+0x1c9/0x2b4 [ 2743.356975] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2743.362170] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2743.367197] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 2743.371970] should_fail.cold.4+0xa/0x11 [ 2743.376042] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2743.381155] ? should_fail+0x246/0xd86 [ 2743.385052] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2743.390165] ? kasan_check_read+0x11/0x20 [ 2743.394320] ? rcu_is_watching+0x8c/0x150 [ 2743.398474] ? is_bpf_text_address+0xd7/0x170 [ 2743.402971] ? kernel_text_address+0x79/0xf0 [ 2743.407384] ? __kernel_text_address+0xd/0x40 [ 2743.411886] ? lock_acquire+0x1e4/0x540 [ 2743.415865] ? fs_reclaim_acquire+0x20/0x20 [ 2743.420188] ? lock_downgrade+0x8f0/0x8f0 [ 2743.424333] ? fs_reclaim_acquire+0x20/0x20 [ 2743.428661] ? check_same_owner+0x340/0x340 [ 2743.432982] ? check_same_owner+0x340/0x340 [ 2743.437303] ? rcu_note_context_switch+0x730/0x730 [ 2743.442233] ? rcu_note_context_switch+0x730/0x730 [ 2743.447161] __should_failslab+0x124/0x180 [ 2743.451400] should_failslab+0x9/0x14 [ 2743.455203] kmem_cache_alloc+0x2af/0x760 [ 2743.459350] ? __alloc_pages_nodemask+0x6e3/0xdb0 [ 2743.464272] ? trace_hardirqs_off+0xd/0x10 [ 2743.468509] getname_kernel+0x54/0x370 [ 2743.472443] kern_path+0x1e/0x40 [ 2743.475810] lookup_bdev+0x10c/0x250 [ 2743.479526] ? blkdev_open+0x280/0x280 [ 2743.483411] ? check_same_owner+0x340/0x340 [ 2743.487741] ? debug_mutex_init+0x2d/0x60 [ 2743.491928] blkdev_get_by_path+0x1f/0xe0 [ 2743.496088] mount_bdev+0x61/0x3e0 [ 2743.499641] ? finish_unfinished+0x14e0/0x14e0 [ 2743.504231] get_super_block+0x3c/0x50 [ 2743.508124] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2743.512450] legacy_get_tree+0x118/0x440 03:41:05 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x15d, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:05 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0xfc03000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:05 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xfc, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:05 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:05 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:05 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x362, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2743.516517] vfs_get_tree+0x1cb/0x5c0 [ 2743.520331] ? vfs_set_fs_source+0x12c/0x180 [ 2743.524748] do_mount+0x6c1/0x1fb0 [ 2743.528295] ? check_same_owner+0x340/0x340 [ 2743.532622] ? lock_release+0xa30/0xa30 [ 2743.536610] ? copy_mount_string+0x40/0x40 [ 2743.540853] ? kasan_kmalloc+0xc4/0xe0 [ 2743.544770] ? kmem_cache_alloc_trace+0x318/0x780 [ 2743.549619] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2743.555161] ? _copy_from_user+0xdf/0x150 [ 2743.559317] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 03:41:05 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2743.564868] ? copy_mount_options+0x285/0x380 [ 2743.569369] ksys_mount+0x12d/0x140 [ 2743.573003] __x64_sys_mount+0xbe/0x150 [ 2743.576983] do_syscall_64+0x1b9/0x820 [ 2743.580876] ? syscall_slow_exit_work+0x500/0x500 [ 2743.585725] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2743.590667] ? syscall_return_slowpath+0x31d/0x5e0 [ 2743.595613] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2743.601168] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2743.606191] ? perf_trace_sys_enter+0xb10/0xb10 [ 2743.610871] ? trace_hardirqs_off_thunk+0x1a/0x1c 03:41:05 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x296, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2743.615728] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2743.620947] RIP: 0033:0x45885a [ 2743.624127] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2743.643407] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2743.651139] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2743.658417] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2743.665693] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2743.672972] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2743.680243] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000028 [ 2743.712095] gfs2: not a GFS2 filesystem 03:41:06 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) lseek(r1, 0x0, 0x3) write$P9_RREADDIR(r0, &(0x7f0000000140)={0x87, 0x29, 0x1, {0x200, [{{0x41, 0x0, 0x2}, 0x800, 0x3, 0x7, './file0'}, {{0x4, 0x4, 0x2}, 0x5, 0xab, 0x7, './file0'}, {{0x80, 0x2, 0x5}, 0x9, 0x1, 0x7, './file0'}, {{0x8a, 0x3, 0x4}, 0x4, 0x3ede, 0x7, './file0'}]}}, 0x87) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r3, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r3, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:06 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x34c, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:06 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x10aaaafeffaaaaa8, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:06 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:06 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiierfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:06 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x20000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000240)='/dev/urandom\x00', 0x0, 0x0) r1 = memfd_create(&(0x7f0000000040)='\x00', 0x1) sendmsg$nl_route(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=@ipv6_getanyicast={0x14, 0x3e, 0x10, 0x70bd27, 0x25dfdbfd, {0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x24000000) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000080)=0x5) ioctl$RNDCLEARPOOL(r0, 0x5206, &(0x7f0000000280)) 03:41:06 executing program 4 (fault-call:0 fault-nth:41): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:06 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:06 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x3e, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:06 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0xfdfdffff00000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:06 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x17aaaafeffaaaaa8, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:06 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2744.437669] FAULT_INJECTION: forcing a failure. [ 2744.437669] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2744.449586] CPU: 0 PID: 4310 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2744.457911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2744.467273] Call Trace: [ 2744.469882] dump_stack+0x1c9/0x2b4 [ 2744.473529] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2744.478735] ? lock_acquire+0x1e4/0x540 [ 2744.482738] should_fail.cold.4+0xa/0x11 [ 2744.486815] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2744.491929] ? kasan_check_read+0x11/0x20 [ 2744.496082] ? rcu_is_watching+0x8c/0x150 [ 2744.500237] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 2744.504908] ? is_bpf_text_address+0xd7/0x170 [ 2744.509416] ? kernel_text_address+0x79/0xf0 [ 2744.513849] ? __kernel_text_address+0xd/0x40 [ 2744.518347] ? unwind_get_return_address+0x61/0xa0 [ 2744.523281] ? lock_acquire+0x1e4/0x540 [ 2744.527258] ? fs_reclaim_acquire+0x20/0x20 [ 2744.531599] ? lock_downgrade+0x8f0/0x8f0 [ 2744.535761] ? check_same_owner+0x340/0x340 [ 2744.540088] ? save_stack+0x43/0xd0 [ 2744.543726] ? rcu_note_context_switch+0x730/0x730 [ 2744.548664] ? do_mount+0x69e/0x1fb0 [ 2744.552387] __alloc_pages_nodemask+0x36e/0xdb0 [ 2744.557062] ? trace_hardirqs_off+0xd/0x10 [ 2744.561300] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 2744.566315] ? lock_acquire+0x1e4/0x540 [ 2744.570291] ? __kmalloc_track_caller+0x549/0x760 [ 2744.575134] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2744.579542] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2744.584125] ? kasan_unpoison_shadow+0x35/0x50 [ 2744.588709] ? kasan_kmalloc+0xc4/0xe0 [ 2744.592601] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 2744.598148] alloc_pages_current+0x10c/0x210 [ 2744.602562] get_zeroed_page+0x14/0x50 [ 2744.606451] legacy_validate+0x111/0x210 [ 2744.610512] ? kmemdup+0x44/0x50 [ 2744.613878] ? legacy_get_tree+0x440/0x440 [ 2744.618112] vfs_get_tree+0x144/0x5c0 [ 2744.621913] ? vfs_set_fs_source+0x12c/0x180 [ 2744.626324] do_mount+0x6c1/0x1fb0 [ 2744.629863] ? check_same_owner+0x340/0x340 [ 2744.634183] ? lock_release+0xa30/0xa30 [ 2744.638159] ? copy_mount_string+0x40/0x40 [ 2744.642411] ? kasan_kmalloc+0xc4/0xe0 [ 2744.646298] ? kmem_cache_alloc_trace+0x318/0x780 [ 2744.651143] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2744.656679] ? _copy_from_user+0xdf/0x150 [ 2744.660844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2744.666379] ? copy_mount_options+0x285/0x380 [ 2744.670969] ksys_mount+0x12d/0x140 [ 2744.674638] __x64_sys_mount+0xbe/0x150 [ 2744.678624] do_syscall_64+0x1b9/0x820 [ 2744.682523] ? finish_task_switch+0x1d3/0x870 03:41:06 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2744.687046] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2744.692080] ? syscall_return_slowpath+0x31d/0x5e0 [ 2744.697021] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2744.702078] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2744.707623] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2744.712668] ? perf_trace_sys_enter+0xb10/0xb10 [ 2744.717345] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2744.722193] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2744.727384] RIP: 0033:0x45885a 03:41:06 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2744.730565] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2744.749859] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2744.757583] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2744.764863] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2744.772139] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2744.779412] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 03:41:06 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:06 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0xfdfdffff], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2744.786690] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000029 03:41:07 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$sock_int(r2, 0x1, 0x2c, &(0x7f0000000000)=0x5, 0x4) ftruncate(r1, 0xffffffff00000001) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:07 executing program 5: socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = syz_open_procfs(0x0, &(0x7f0000000200)='net/raw\x00') read(r0, &(0x7f0000000040)=""/230, 0x20000126) openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) read(r0, &(0x7f0000000000)=""/56, 0x38) 03:41:07 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x700000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:07 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2ec, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:07 executing program 4 (fault-call:0 fault-nth:42): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:07 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reilerfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:07 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:07 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2745.486988] FAULT_INJECTION: forcing a failure. [ 2745.486988] name failslab, interval 1, probability 0, space 0, times 0 [ 2745.498396] CPU: 1 PID: 4362 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2745.506722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2745.516079] Call Trace: [ 2745.518671] dump_stack+0x1c9/0x2b4 [ 2745.522516] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2745.527717] should_fail.cold.4+0xa/0x11 [ 2745.531781] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2745.536901] ? lock_release+0xa30/0xa30 [ 2745.540881] ? check_same_owner+0x340/0x340 [ 2745.545203] ? check_same_owner+0x340/0x340 [ 2745.549561] ? trace_hardirqs_on+0x10/0x10 [ 2745.553801] ? lock_acquire+0x1e4/0x540 [ 2745.557779] ? blkdev_get+0x5f2/0xb50 [ 2745.561587] ? lo_open+0x1b/0xb0 [ 2745.564962] ? lock_acquire+0x1e4/0x540 [ 2745.568946] ? fs_reclaim_acquire+0x20/0x20 [ 2745.573281] ? lock_downgrade+0x8f0/0x8f0 [ 2745.577451] ? check_same_owner+0x340/0x340 [ 2745.581796] ? kasan_check_write+0x14/0x20 [ 2745.586047] ? rcu_note_context_switch+0x730/0x730 [ 2745.590988] __should_failslab+0x124/0x180 [ 2745.595230] should_failslab+0x9/0x14 [ 2745.599030] kmem_cache_alloc_trace+0x2cb/0x780 [ 2745.603832] ? check_same_owner+0x340/0x340 [ 2745.608167] ? m_show+0x5d0/0x5d0 [ 2745.611623] ? rcu_note_context_switch+0x730/0x730 [ 2745.616554] alloc_super+0xd4/0xb10 [ 2745.620191] ? destroy_unused_super.part.11+0x110/0x110 [ 2745.625560] ? sget_userns+0x17c/0x860 [ 2745.629470] ? lock_downgrade+0x8f0/0x8f0 [ 2745.633648] ? kasan_check_read+0x11/0x20 [ 2745.637814] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2745.642237] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2745.646850] ? kasan_check_write+0x14/0x20 [ 2745.651372] ? do_raw_spin_lock+0xc1/0x200 [ 2745.655633] sget_userns+0x276/0x860 [ 2745.659367] ? kill_litter_super+0x60/0x60 [ 2745.663618] ? test_single_super+0x10/0x10 [ 2745.667863] ? vfs_get_super+0x270/0x270 [ 2745.671932] ? kasan_check_read+0x11/0x20 [ 2745.676088] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2745.680677] ? kasan_check_write+0x14/0x20 [ 2745.684922] ? do_raw_spin_lock+0xc1/0x200 [ 2745.689186] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2745.694729] ? ns_capable_common+0x13f/0x170 [ 2745.699143] ? kill_litter_super+0x60/0x60 [ 2745.703385] sget+0x10b/0x150 [ 2745.706497] ? test_single_super+0x10/0x10 [ 2745.710760] mount_bdev+0x115/0x3e0 [ 2745.714400] ? finish_unfinished+0x14e0/0x14e0 [ 2745.718998] get_super_block+0x3c/0x50 [ 2745.722893] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2745.727223] legacy_get_tree+0x118/0x440 [ 2745.731299] vfs_get_tree+0x1cb/0x5c0 03:41:07 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0xfc03], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:07 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:07 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:07 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:07 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xc, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:07 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x69, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:07 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1a00000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:07 executing program 5: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) r0 = syz_fuse_mount(&(0x7f0000000340)='./file0\x00', 0x4000, 0x0, 0x0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x1002000002002, 0x2) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rename(&(0x7f0000000580)='./file0/file1/file0/file0\x00', &(0x7f00000002c0)='./file0/file1/file0/file0\x00') umount2(&(0x7f0000000080)='./file0\x00', 0x2) read(r0, &(0x7f0000003380)=""/4096, 0x30) r2 = add_key(&(0x7f0000000000)='cifs.idmap\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x0}, &(0x7f00000000c0)="375e3c24af62fad6293dc82c538a25449af76e5712243420d8ce42bf3b9401cb27805933ac10db8105939a0ce0cf896dd11948ebd6568dbf0bdf7f531d4f88c4e487edeb28d904e21ac05ce2518934b09e364834ccb5b45f3668047d345d5f96f90c4dedee9a21e60a21595537962fef7bd21fc722eeaee9af8c799af5c3b90ac5c60445ef06c3b28bf61cfb893549bfe464024fb0d1f4876477a2c662783a", 0x9f, 0xffffffffffffffff) keyctl$describe(0x6, r2, &(0x7f00000001c0)=""/155, 0x9b) [ 2745.735113] ? vfs_set_fs_source+0x12c/0x180 [ 2745.739533] do_mount+0x6c1/0x1fb0 [ 2745.743079] ? check_same_owner+0x340/0x340 [ 2745.747410] ? lock_release+0xa30/0xa30 [ 2745.751396] ? copy_mount_string+0x40/0x40 [ 2745.755640] ? kasan_kmalloc+0xc4/0xe0 [ 2745.759544] ? kmem_cache_alloc_trace+0x318/0x780 [ 2745.764404] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2745.770039] ? _copy_from_user+0xdf/0x150 [ 2745.774199] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2745.779743] ? copy_mount_options+0x285/0x380 [ 2745.784251] ksys_mount+0x12d/0x140 [ 2745.787883] __x64_sys_mount+0xbe/0x150 [ 2745.791988] do_syscall_64+0x1b9/0x820 [ 2745.795885] ? finish_task_switch+0x1d3/0x870 [ 2745.800390] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2745.805332] ? syscall_return_slowpath+0x31d/0x5e0 [ 2745.810269] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2745.815290] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2745.820832] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2745.825861] ? perf_trace_sys_enter+0xb10/0xb10 [ 2745.830538] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2745.835385] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2745.840568] RIP: 0033:0x45885a [ 2745.843747] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2745.863017] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2745.870731] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2745.878675] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2745.885943] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2745.893209] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2745.900478] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000002a 03:41:08 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000200)={0x8, 0x2, 0x0, 0x2, 0x5, 0x4, 0x10000, 0xff, 0x0, 0x865b, 0x9, 0x1ff}) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000040)={0x0, 0x7ff, 0x30}, &(0x7f0000000140)=0xc) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000180)={r3}, &(0x7f00000001c0)=0x8) recvmmsg(r2, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r2, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40405515, &(0x7f0000000000)={0x3, 0x2, 0x8, 0x6, 'syz0\x00', 0x8}) 03:41:08 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:08 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:08 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x7c5ceafffea306f3, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:08 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xaa, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:08 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reislrfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:08 executing program 4 (fault-call:0 fault-nth:43): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:08 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x80000, 0x3c) connect$inet6(r1, &(0x7f00000009c0)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x6}, 0x1c) creat(&(0x7f0000000000)='./file0\x00', 0x2a) sendmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)="2c0271ca8b080aae3300bfa4def38003c21c104094", 0x15}], 0x1, &(0x7f0000000140)}, 0xc100) sendmsg(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001180)="b10b938636ea69df7b5a9984bb1bc72ef58d96e56e11df900a707f4946b1637e2096c584b9a1b4e017163fbdb35160a56c11dfbe74df97d36d19ad6a91c6fb4ad19581b8cf707131830f7a22b1b263c9da0e443c5e969ed6a0d3bc508bf75c3147447379f585759ceba0de5cda46291dc1b8f106a83e1cde43a862d95413ce2616b261ed9f79913ae781b3b843ea1b4429a750b8ccb1952a7b863d0bada9f61df6609fe368eaf47c0ce9e46a22b0d75b063deeaa94285d0c43353046e0a308296a76b0b0145f8af9aa0ed0e18bc50509eaef21c8e03842a97df3a462ea3f9d5f83bf1d4d2875f0d5b24e941483f863cd2ea7c769bd3e594fb173dd873c7d9a3fd20939ad1d5867881ed77a078007b4972aba36cae02004373a6a74d74cb15a52c5f8426cb6f235d38048fd91f5d6100fd58a335df10add227d804167ba191c7a035c5a2a916e7fef18a6003578820b3e0be26a22f2c149f40a0335cadcca64a5e44179e6ce4d7f7c16e8a96c5be7cdf66eef901cb8eeabc94bae30acca8c6fa02889c32311044dcbc9a2e02e0632f7f9aa96849abede543773745e4652fccc503003f10cd68ddab594969ad36cb622ed7ba22dc46a80fb63ac2c561a80ae5c10b295b9f75d9536ba1ac24b8e9ae217611ffe79cb9422158475c1a89a51547d13c03b68d75ffb5717a35f381774567871e9e4190272c97eafcfa0a07a751d0bc8eeb0c206e12b2cff1065a3d5622635fa44c0dcb0722ad4c97e6b7d5844b2e9bab9ba1d083fa2930a3ea267d7f15d817e2b2e055ccfbaf019292f6156efd3a9a13ea90ecf59fc1bf35c6626db1c6759a50ed84acefd3cdb3532da1f23a262055223e7a3a62f15eeb8060dc9cfa30e6783757ae2f0ac6ed75d3212591ccd73de4aed62fda77585403cb2d1446e86c12fc6ad1b8f954960a439a096ec3bf1dcc6e8cff12c8abe42391d75c0861ddd448b7dbf208cf748c9de", 0x2b7}], 0x1, &(0x7f0000000e00)}, 0x8000) sendmsg(r1, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000500)="d09a0e63c9476288b671afdbd53a5994e137381f62021d1951b627b8dda57a5d17d744648c81c5703ed8146ab1b0171f89091b1dd3238d03dbb686df460963245dedf2013ee555af99499e44ad420dbf65fd46fbc99a1274429e2d5783751815828ec8cb3553110cca66460215353d19f6d8bbd8fb264eddea60b18e16c31aa5e200000491634ac2fd10e2cd30bcd7fede24263a7fff16e53ea293f3551b7147c33a44ea437fb1515c3e8d4f162fdebf8ebe11ae6fcd9372c8d8f19556ae091fe94215ae9434da412f6fa4cb6561e5f78ff9707844ee5d573fb294437722d9a06dfa61748c32c73d759933a8dd344c947d3efdbe90d0eb049df5fbb0c19f6785264b619c530d97395d44b04f7e2a280d658c7871ad373b792678c49227999651ef3b2ee1bc2b8f3035db376e8e09aa3837233c8713065a8ad131d24f6c42a3220d0e07c3d3e95d59a5dd10c09716b5f874ecf53aadfa5050ff40f2c3c4a629b6445e5836100afff5a8977583653b40ca316f8f11416e5c1bd5499636ddae25fc4970b37209cf5c0bf8e432160c258d14223baa52798e09858645773dd97e68a9531072713cff077b2e73e03ed4f145e9199c126a7f235e5674a3c7f5c7129ac7c1a3319590249b6d34ef6c3d8b94c6fc7cdcbddb053243053f7bc1f230d3bc7dfc4359e33992d0a3946b914a093287a76ac4a249b5b86cc75476466e409553355fefab75e9268a8751ffc9481fcff1f49c475699595b315e2147eebe8b7291600c6b1cf7c8f24d587b9464a67e5ccec17820e711b98f4f7d5053642068a3fff704c3fe35ba862b53e2622d6e8b4a4c815fb2ea90ef63e141209dd29254e5ab5bde9c6857b3cb184586049e7741b2d8b5b1a19e99e1834a25959155720c1c0ef84d9d3c42e1ba282847d476cef0228b1422aba08e5f3c1cd279bbd1c5303c2e9c16a0da4f88f770fca118b09e92b51a33970e32ade0c74eee1b31a420d7914c9d75db25855ae32798edc1b47e0f0f88429b2b60ae63", 0x2d5}], 0x1, &(0x7f0000003b40)}, 0x0) 03:41:08 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x6, 0x1) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vsock\x00', 0xc00, 0x0) ioctl$LOOP_SET_FD(r0, 0x4c00, r1) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x29) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000340)='./file0\x00', &(0x7f0000000280)='tmpfs\x00', 0x0, &(0x7f0000000080)) r2 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) getdents64(r2, &(0x7f0000000140)=""/78, 0x4e) r3 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x5, 0x20080) ioctl$LOOP_GET_STATUS(r3, 0x4c03, &(0x7f0000000440)) ioctl$SCSI_IOCTL_GET_IDLUN(r3, 0x5382, &(0x7f00000000c0)) [ 2746.894069] FAULT_INJECTION: forcing a failure. [ 2746.894069] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2746.905927] CPU: 1 PID: 4443 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2746.914253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2746.923615] Call Trace: [ 2746.926220] dump_stack+0x1c9/0x2b4 [ 2746.929884] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2746.935101] ? kasan_check_read+0x11/0x20 [ 2746.939269] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2746.944829] should_fail.cold.4+0xa/0x11 [ 2746.948911] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2746.954038] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2746.959088] ? trace_hardirqs_on+0x10/0x10 [ 2746.963360] ? trace_hardirqs_on+0x10/0x10 [ 2746.967608] ? lock_acquire+0x1e4/0x540 [ 2746.971593] ? is_bpf_text_address+0xae/0x170 [ 2746.972998] tmpfs: No value for mount option '/dev/usbmon#' [ 2746.976106] ? lock_downgrade+0x8f0/0x8f0 [ 2746.976131] ? __sanitizer_cov_trace_cmp4+0x16/0x20 03:41:09 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000004fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0xab) signalfd(r0, &(0x7f0000000000)={0x8}, 0xffffffffffffff6f) ioctl(r0, 0x80984120, &(0x7f0000001f64)) setsockopt$netlink_NETLINK_RX_RING(r0, 0x10e, 0x6, &(0x7f0000000040)={0x0, 0x80000000, 0x60e, 0x2}, 0x10) [ 2746.976153] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2746.976172] ? should_fail+0x246/0xd86 [ 2747.000483] ? is_bpf_text_address+0xae/0x170 [ 2747.004996] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2747.010110] ? should_fail+0x246/0xd86 [ 2747.014014] __alloc_pages_nodemask+0x36e/0xdb0 [ 2747.018706] ? kasan_check_read+0x11/0x20 [ 2747.022855] ? rcu_is_watching+0x8c/0x150 [ 2747.027005] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 2747.032023] ? is_bpf_text_address+0xd7/0x170 [ 2747.036528] ? kernel_text_address+0x79/0xf0 [ 2747.040935] ? __kernel_text_address+0xd/0x40 [ 2747.045433] ? lock_acquire+0x1e4/0x540 [ 2747.049407] ? fs_reclaim_acquire+0x20/0x20 [ 2747.053731] ? lock_downgrade+0x8f0/0x8f0 [ 2747.057890] ? fs_reclaim_acquire+0x20/0x20 [ 2747.062212] ? lock_release+0xa30/0xa30 [ 2747.066183] ? check_same_owner+0x340/0x340 [ 2747.070506] cache_grow_begin+0x91/0x710 [ 2747.074571] kmem_cache_alloc+0x689/0x760 [ 2747.078719] ? __alloc_pages_nodemask+0x6e3/0xdb0 [ 2747.083561] getname_kernel+0x54/0x370 [ 2747.087446] kern_path+0x1e/0x40 [ 2747.090810] lookup_bdev+0x10c/0x250 [ 2747.094523] ? blkdev_open+0x280/0x280 [ 2747.098408] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2747.103165] blkdev_get_by_path+0x1f/0xe0 [ 2747.107310] mount_bdev+0x61/0x3e0 [ 2747.110849] ? finish_unfinished+0x14e0/0x14e0 [ 2747.115429] get_super_block+0x3c/0x50 [ 2747.119315] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2747.123633] legacy_get_tree+0x118/0x440 [ 2747.127697] vfs_get_tree+0x1cb/0x5c0 [ 2747.131498] ? vfs_set_fs_source+0x12c/0x180 [ 2747.135918] do_mount+0x6c1/0x1fb0 [ 2747.139459] ? check_same_owner+0x340/0x340 [ 2747.144214] ? lock_release+0xa30/0xa30 [ 2747.148187] ? copy_mount_string+0x40/0x40 [ 2747.152421] ? kasan_kmalloc+0xc4/0xe0 [ 2747.156310] ? kmem_cache_alloc_trace+0x318/0x780 [ 2747.161151] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2747.166686] ? _copy_from_user+0xdf/0x150 [ 2747.170836] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2747.176371] ? copy_mount_options+0x285/0x380 [ 2747.180863] ksys_mount+0x12d/0x140 [ 2747.184488] __x64_sys_mount+0xbe/0x150 [ 2747.188465] do_syscall_64+0x1b9/0x820 [ 2747.192347] ? finish_task_switch+0x1d3/0x870 [ 2747.196840] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2747.201785] ? syscall_return_slowpath+0x31d/0x5e0 [ 2747.206724] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2747.211742] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2747.217278] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2747.222290] ? perf_trace_sys_enter+0xb10/0xb10 [ 2747.226959] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2747.231803] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2747.236988] RIP: 0033:0x45885a [ 2747.240165] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2747.259435] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2747.267143] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2747.274429] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2747.281706] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 03:41:09 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:09 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x17, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:09 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2747.288968] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2747.296228] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000002b 03:41:09 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xe, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:09 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = inotify_init1(0x0) r1 = inotify_init() inotify_add_watch(r1, &(0x7f0000000200)='./file0\x00', 0x80000005) inotify_add_watch(r0, &(0x7f0000ac5000)='./file0\x00', 0xa400295c) r2 = open(&(0x7f0000fa3000)='./file0\x00', 0x0, 0x0) rmdir(&(0x7f0000000040)='./file0\x00') setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000080)={0x9}, 0x4) dup2(r0, r2) 03:41:09 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reis\nrfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2747.336607] REISERFS warning (device loop4): sh-2021 reiserfs_fill_super: can not find reiserfs on loop4 03:41:09 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r2, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r2, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) msgget(0x3, 0x2c0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000140)=0xc) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r0, 0x118, 0x1, &(0x7f0000000000)=0x4, 0x4) 03:41:09 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x400000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:09 executing program 4 (fault-call:0 fault-nth:44): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:09 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x3f00, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:09 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1a4, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:09 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f000088cff6)='/dev/ptmx\x00', 0x1000000000001, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b3fdc)) write(r0, &(0x7f000054bfba)="4f7ad0c9edb302486f1748144523c0c253773e00d49ba39063e2432e8de58f5930fd07000000dcf50bbc54b70c0ea17b4728dde5f9eedfc811ff1f75642558334444c9fe3d13", 0x46) r1 = syz_open_pts(r0, 0x2) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000180)="10", 0x1}], 0x1) r2 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x7ff, 0x4040) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000200)=0x3a410, 0x4) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000140)={0x1, 0x4, 0x27, 0x0, 0x1, 0x3ff, 0x4, 0x4, 0x4, 0x0, 0x101, 0x34}) r3 = gettid() getpeername$unix(r2, &(0x7f0000000240), &(0x7f00000002c0)=0x6e) r4 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x2, 0x800) connect$netlink(r4, &(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfb, 0x200200}, 0xc) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r3, 0x1000000000016) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)) 03:41:09 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reis%rfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:09 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:10 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:10 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xa00000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2747.997189] FAULT_INJECTION: forcing a failure. [ 2747.997189] name failslab, interval 1, probability 0, space 0, times 0 [ 2748.008528] CPU: 1 PID: 4492 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2748.016850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2748.026205] Call Trace: [ 2748.028806] dump_stack+0x1c9/0x2b4 [ 2748.032450] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2748.037686] should_fail.cold.4+0xa/0x11 [ 2748.041773] ? fault_create_debugfs_attr+0x1f0/0x1f0 03:41:10 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x57, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2748.046890] ? lock_release+0xa30/0xa30 [ 2748.050876] ? check_same_owner+0x340/0x340 [ 2748.055208] ? check_same_owner+0x340/0x340 [ 2748.059545] ? trace_hardirqs_on+0x10/0x10 [ 2748.063807] ? lock_acquire+0x1e4/0x540 [ 2748.067785] ? blkdev_get+0x5f2/0xb50 [ 2748.071590] ? lo_open+0x1b/0xb0 [ 2748.074971] ? lock_acquire+0x1e4/0x540 [ 2748.078956] ? fs_reclaim_acquire+0x20/0x20 [ 2748.083293] ? lock_downgrade+0x8f0/0x8f0 [ 2748.087455] ? check_same_owner+0x340/0x340 [ 2748.091786] ? kasan_check_write+0x14/0x20 03:41:10 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x3f00000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:10 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2748.096030] ? rcu_note_context_switch+0x730/0x730 [ 2748.100977] __should_failslab+0x124/0x180 [ 2748.105225] should_failslab+0x9/0x14 [ 2748.109035] kmem_cache_alloc_trace+0x2cb/0x780 [ 2748.113714] ? check_same_owner+0x340/0x340 [ 2748.118044] ? m_show+0x5d0/0x5d0 [ 2748.121515] ? rcu_note_context_switch+0x730/0x730 [ 2748.126466] alloc_super+0xd4/0xb10 [ 2748.130114] ? destroy_unused_super.part.11+0x110/0x110 [ 2748.135489] ? sget_userns+0x17c/0x860 [ 2748.139386] ? lock_downgrade+0x8f0/0x8f0 [ 2748.143552] ? kasan_check_read+0x11/0x20 03:41:10 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:10 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x606cfafffed2a3b0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2748.147710] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2748.152125] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2748.156716] ? kasan_check_write+0x14/0x20 [ 2748.160960] ? do_raw_spin_lock+0xc1/0x200 [ 2748.165214] sget_userns+0x276/0x860 [ 2748.168943] ? kill_litter_super+0x60/0x60 [ 2748.173191] ? test_single_super+0x10/0x10 [ 2748.177433] ? vfs_get_super+0x270/0x270 [ 2748.181528] ? kasan_check_read+0x11/0x20 [ 2748.185680] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2748.190268] ? kasan_check_write+0x14/0x20 [ 2748.194505] ? do_raw_spin_lock+0xc1/0x200 [ 2748.198756] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2748.204296] ? ns_capable_common+0x13f/0x170 [ 2748.208713] ? kill_litter_super+0x60/0x60 [ 2748.212953] sget+0x10b/0x150 [ 2748.216059] ? test_single_super+0x10/0x10 [ 2748.220301] mount_bdev+0x115/0x3e0 [ 2748.223934] ? finish_unfinished+0x14e0/0x14e0 [ 2748.228530] get_super_block+0x3c/0x50 [ 2748.232420] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2748.236744] legacy_get_tree+0x118/0x440 [ 2748.240807] vfs_get_tree+0x1cb/0x5c0 03:41:10 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2748.244606] ? vfs_set_fs_source+0x12c/0x180 [ 2748.249018] do_mount+0x6c1/0x1fb0 [ 2748.252559] ? check_same_owner+0x340/0x340 [ 2748.256880] ? lock_release+0xa30/0xa30 [ 2748.260863] ? copy_mount_string+0x40/0x40 [ 2748.265104] ? kasan_kmalloc+0xc4/0xe0 [ 2748.268996] ? kmem_cache_alloc_trace+0x318/0x780 [ 2748.273847] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2748.279391] ? _copy_from_user+0xdf/0x150 [ 2748.283546] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2748.289085] ? copy_mount_options+0x285/0x380 [ 2748.293586] ksys_mount+0x12d/0x140 [ 2748.297220] __x64_sys_mount+0xbe/0x150 [ 2748.301192] do_syscall_64+0x1b9/0x820 [ 2748.305073] ? finish_task_switch+0x1d3/0x870 [ 2748.309564] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2748.314490] ? syscall_return_slowpath+0x31d/0x5e0 [ 2748.319418] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2748.324481] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2748.330035] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2748.335048] ? perf_trace_sys_enter+0xb10/0xb10 [ 2748.339714] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2748.344557] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2748.349739] RIP: 0033:0x45885a [ 2748.352913] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2748.372191] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2748.379897] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2748.387163] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2748.394427] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2748.401693] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2748.408959] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000002c 03:41:11 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(des3_ede-generic)\x00'}, 0x58) r4 = accept4(r3, 0x0, &(0x7f00000000c0)=0x4b0c5cad44d3c081, 0x0) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) sendmsg$can_raw(r4, &(0x7f0000000780)={&(0x7f00000002c0)={0x1d}, 0x10, &(0x7f0000000300)={&(0x7f0000000700)=@canfd={{}, 0x0, 0x0, 0x0, 0x0, "d6014fda6d53632e58c81cba3c1f5f970096fa9a24157805ad26ec730a4167a949dc59c56783d6f6ab9ca952a43c5bde20b0a8e1d40f966aaac42b39cf84aefc"}, 0x48}, 0x1}, 0x0) recvmsg$kcm(r4, &(0x7f00000006c0)={&(0x7f0000000140)=@pptp={0x0, 0x0, {0x0, @multicast1}}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000500)=""/59, 0x3b}], 0x1, &(0x7f00000005c0)=""/222, 0xde}, 0x0) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:11 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x18f, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:11 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x900, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:11 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:11 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0xfc030000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:11 executing program 4 (fault-call:0 fault-nth:45): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:11 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reise\nfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:11 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f000088cff6)='/dev/ptmx\x00', 0x1000000000001, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b3fdc)) write(r0, &(0x7f000054bfba)="4f7ad0c9edb302486f1748144523c0c253773e00d49ba39063e2432e8de58f5930fd07000000dcf50bbc54b70c0ea17b4728dde5f9eedfc811ff1f75642558334444c9fe3d13", 0x46) r1 = syz_open_pts(r0, 0x2) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000180)="10", 0x1}], 0x1) r2 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x7ff, 0x4040) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000200)=0x3a410, 0x4) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000140)={0x1, 0x4, 0x27, 0x0, 0x1, 0x3ff, 0x4, 0x4, 0x4, 0x0, 0x101, 0x34}) r3 = gettid() getpeername$unix(r2, &(0x7f0000000240), &(0x7f00000002c0)=0x6e) r4 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x2, 0x800) connect$netlink(r4, &(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfb, 0x200200}, 0xc) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r3, 0x1000000000016) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)) [ 2749.155519] FAULT_INJECTION: forcing a failure. [ 2749.155519] name failslab, interval 1, probability 0, space 0, times 0 [ 2749.166893] CPU: 0 PID: 4540 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2749.175214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2749.184570] Call Trace: [ 2749.187166] dump_stack+0x1c9/0x2b4 [ 2749.190790] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2749.195976] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2749.200991] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 2749.205751] should_fail.cold.4+0xa/0x11 [ 2749.209814] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2749.214914] ? should_fail+0x246/0xd86 [ 2749.218802] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2749.223904] ? kasan_check_read+0x11/0x20 [ 2749.228048] ? rcu_is_watching+0x8c/0x150 [ 2749.232201] ? is_bpf_text_address+0xd7/0x170 [ 2749.236696] ? kernel_text_address+0x79/0xf0 [ 2749.241103] ? __kernel_text_address+0xd/0x40 [ 2749.245601] ? lock_acquire+0x1e4/0x540 [ 2749.249582] ? fs_reclaim_acquire+0x20/0x20 [ 2749.253922] ? lock_downgrade+0x8f0/0x8f0 [ 2749.258077] ? fs_reclaim_acquire+0x20/0x20 [ 2749.262414] ? check_same_owner+0x340/0x340 [ 2749.266747] ? check_same_owner+0x340/0x340 [ 2749.271095] ? rcu_note_context_switch+0x730/0x730 [ 2749.276036] ? rcu_note_context_switch+0x730/0x730 [ 2749.280975] __should_failslab+0x124/0x180 [ 2749.285218] should_failslab+0x9/0x14 [ 2749.289021] kmem_cache_alloc+0x2af/0x760 [ 2749.293169] ? __alloc_pages_nodemask+0x6e3/0xdb0 [ 2749.298009] ? trace_hardirqs_off+0xd/0x10 [ 2749.302252] getname_kernel+0x54/0x370 [ 2749.306140] kern_path+0x1e/0x40 [ 2749.309509] lookup_bdev+0x10c/0x250 [ 2749.313237] ? blkdev_open+0x280/0x280 [ 2749.317136] ? check_same_owner+0x340/0x340 [ 2749.321468] ? debug_mutex_init+0x2d/0x60 [ 2749.325634] blkdev_get_by_path+0x1f/0xe0 [ 2749.329885] mount_bdev+0x61/0x3e0 [ 2749.333694] ? finish_unfinished+0x14e0/0x14e0 [ 2749.338285] get_super_block+0x3c/0x50 [ 2749.342180] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2749.346517] legacy_get_tree+0x118/0x440 [ 2749.350591] vfs_get_tree+0x1cb/0x5c0 03:41:11 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x307, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:11 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1700000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:11 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:11 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2749.354400] ? vfs_set_fs_source+0x12c/0x180 [ 2749.358822] do_mount+0x6c1/0x1fb0 [ 2749.362379] ? check_same_owner+0x340/0x340 [ 2749.366705] ? lock_release+0xa30/0xa30 [ 2749.370692] ? copy_mount_string+0x40/0x40 [ 2749.374934] ? kasan_kmalloc+0xc4/0xe0 [ 2749.378829] ? kmem_cache_alloc_trace+0x318/0x780 [ 2749.383684] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2749.389231] ? _copy_from_user+0xdf/0x150 [ 2749.393394] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2749.398954] ? copy_mount_options+0x285/0x380 03:41:11 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:11 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xf00000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:11 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x29c, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:11 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0xfffffdfd], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2749.403459] ksys_mount+0x12d/0x140 [ 2749.407094] __x64_sys_mount+0xbe/0x150 [ 2749.411178] do_syscall_64+0x1b9/0x820 [ 2749.415066] ? finish_task_switch+0x1d3/0x870 [ 2749.419568] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2749.424503] ? syscall_return_slowpath+0x31d/0x5e0 [ 2749.429440] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2749.434465] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2749.440007] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2749.445027] ? perf_trace_sys_enter+0xb10/0xb10 [ 2749.449701] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2749.454556] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2749.459747] RIP: 0033:0x45885a [ 2749.462931] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2749.482174] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2749.489898] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2749.497177] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2749.504452] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2749.511725] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2749.519353] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000002d 03:41:12 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000000)={0x7f}, 0x4) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r2, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r2, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:12 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:12 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1300000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:12 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:12 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xcb, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:12 executing program 4 (fault-call:0 fault-nth:46): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:12 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reise%fs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:12 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f000088cff6)='/dev/ptmx\x00', 0x1000000000001, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b3fdc)) write(r0, &(0x7f000054bfba)="4f7ad0c9edb302486f1748144523c0c253773e00d49ba39063e2432e8de58f5930fd07000000dcf50bbc54b70c0ea17b4728dde5f9eedfc811ff1f75642558334444c9fe3d13", 0x46) r1 = syz_open_pts(r0, 0x2) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000180)="10", 0x1}], 0x1) r2 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x7ff, 0x4040) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000200)=0x3a410, 0x4) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000140)={0x1, 0x4, 0x27, 0x0, 0x1, 0x3ff, 0x4, 0x4, 0x4, 0x0, 0x101, 0x34}) r3 = gettid() getpeername$unix(r2, &(0x7f0000000240), &(0x7f00000002c0)=0x6e) r4 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x2, 0x800) connect$netlink(r4, &(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfb, 0x200200}, 0xc) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r3, 0x1000000000016) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)) [ 2750.457487] FAULT_INJECTION: forcing a failure. [ 2750.457487] name failslab, interval 1, probability 0, space 0, times 0 [ 2750.468778] CPU: 0 PID: 4592 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2750.477098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2750.486465] Call Trace: [ 2750.489057] dump_stack+0x1c9/0x2b4 [ 2750.492683] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2750.497878] should_fail.cold.4+0xa/0x11 [ 2750.501940] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2750.507047] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2750.512578] ? find_next_zero_bit+0x111/0x140 [ 2750.517071] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2750.521477] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2750.526058] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2750.531087] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 2750.536102] ? find_next_bit+0x104/0x130 [ 2750.540165] ? cpumask_next+0x24/0x30 [ 2750.543962] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2750.549502] ? pcpu_alloc+0x190/0x13a0 03:41:12 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xfa4bd2feff3c56a0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:12 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2750.553434] ? kmem_cache_alloc_trace+0x152/0x780 [ 2750.558286] ? lock_acquire+0x1e4/0x540 [ 2750.562263] ? fs_reclaim_acquire+0x20/0x20 [ 2750.566587] ? lock_downgrade+0x8f0/0x8f0 [ 2750.570733] ? pcpu_balance_workfn+0x1700/0x1700 [ 2750.575492] ? lo_open+0x1b/0xb0 [ 2750.578857] ? check_same_owner+0x340/0x340 [ 2750.583208] ? rcu_note_context_switch+0x730/0x730 [ 2750.588137] ? lock_acquire+0x1e4/0x540 [ 2750.592109] __should_failslab+0x124/0x180 [ 2750.596359] should_failslab+0x9/0x14 [ 2750.600175] __kmalloc+0x2c8/0x760 [ 2750.603735] ? kasan_check_write+0x14/0x20 03:41:12 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xe867b4fffef5e111, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2750.607985] ? __init_rwsem+0x1cc/0x2a0 [ 2750.611975] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 2750.617290] ? prealloc_shrinker+0x124/0x480 [ 2750.621731] ? __lockdep_init_map+0x105/0x590 [ 2750.626246] prealloc_shrinker+0x124/0x480 [ 2750.630496] ? __init_waitqueue_head+0x9e/0x150 [ 2750.635174] ? inactive_list_is_low+0x850/0x850 [ 2750.639854] ? __lockdep_init_map+0x105/0x590 [ 2750.644358] alloc_super+0x8dd/0xb10 [ 2750.648083] ? destroy_unused_super.part.11+0x110/0x110 [ 2750.653473] ? lock_downgrade+0x8f0/0x8f0 03:41:12 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:12 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2750.657627] ? kasan_check_read+0x11/0x20 [ 2750.661783] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2750.666370] ? kasan_check_write+0x14/0x20 [ 2750.670609] ? do_raw_spin_lock+0xc1/0x200 [ 2750.674855] sget_userns+0x276/0x860 [ 2750.678570] ? kill_litter_super+0x60/0x60 [ 2750.682806] ? test_single_super+0x10/0x10 [ 2750.687045] ? vfs_get_super+0x270/0x270 [ 2750.691109] ? kasan_check_read+0x11/0x20 [ 2750.695264] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2750.699856] ? kasan_check_write+0x14/0x20 [ 2750.704093] ? do_raw_spin_lock+0xc1/0x200 03:41:12 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x400000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2750.708350] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2750.713894] ? ns_capable_common+0x13f/0x170 [ 2750.718307] ? kill_litter_super+0x60/0x60 [ 2750.722544] sget+0x10b/0x150 [ 2750.725652] ? test_single_super+0x10/0x10 [ 2750.730332] mount_bdev+0x115/0x3e0 [ 2750.733965] ? finish_unfinished+0x14e0/0x14e0 [ 2750.738555] get_super_block+0x3c/0x50 [ 2750.742447] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2750.746774] legacy_get_tree+0x118/0x440 [ 2750.750842] vfs_get_tree+0x1cb/0x5c0 [ 2750.754659] ? vfs_set_fs_source+0x12c/0x180 03:41:12 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:12 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2d4, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2750.759086] do_mount+0x6c1/0x1fb0 [ 2750.762641] ? kasan_check_read+0x11/0x20 [ 2750.766794] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2750.771210] ? copy_mount_string+0x40/0x40 [ 2750.775451] ? kasan_kmalloc+0xc4/0xe0 [ 2750.779347] ? kmem_cache_alloc_trace+0x318/0x780 [ 2750.784201] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2750.789744] ? copy_mount_options+0x285/0x380 [ 2750.794249] ksys_mount+0x12d/0x140 [ 2750.797910] __x64_sys_mount+0xbe/0x150 [ 2750.801892] do_syscall_64+0x1b9/0x820 [ 2750.805780] ? finish_task_switch+0x1d3/0x870 [ 2750.810280] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2750.815218] ? syscall_return_slowpath+0x31d/0x5e0 [ 2750.820160] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2750.825184] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2750.830729] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2750.835754] ? perf_trace_sys_enter+0xb10/0xb10 [ 2750.840433] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2750.845295] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2750.850485] RIP: 0033:0x45885a [ 2750.853668] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2750.872895] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2750.880628] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2750.887907] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2750.895180] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2750.902477] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2750.909745] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000002e 03:41:13 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r1 = socket$inet6(0xa, 0x1000000080005, 0x80000003f) fsync(r0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000000)=0x7, 0x4) recvmmsg(r2, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r2, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:13 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0xfdfdffff00000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:13 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x209, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:13 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:13 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1b, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:13 executing program 4 (fault-call:0 fault-nth:47): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:13 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserls\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:13 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f000088cff6)='/dev/ptmx\x00', 0x1000000000001, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b3fdc)) write(r0, &(0x7f000054bfba)="4f7ad0c9edb302486f1748144523c0c253773e00d49ba39063e2432e8de58f5930fd07000000dcf50bbc54b70c0ea17b4728dde5f9eedfc811ff1f75642558334444c9fe3d13", 0x46) r1 = syz_open_pts(r0, 0x2) writev(r1, &(0x7f0000000040)=[{&(0x7f0000000180)="10", 0x1}], 0x1) r2 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x7ff, 0x4040) setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000000200)=0x3a410, 0x4) ioctl$TCSETS(r0, 0x5402, &(0x7f0000000140)={0x1, 0x4, 0x27, 0x0, 0x1, 0x3ff, 0x4, 0x4, 0x4, 0x0, 0x101, 0x34}) r3 = gettid() getpeername$unix(r2, &(0x7f0000000240), &(0x7f00000002c0)=0x6e) r4 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x2, 0x800) connect$netlink(r4, &(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfb, 0x200200}, 0xc) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r3, 0x1000000000016) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)) [ 2751.714279] FAULT_INJECTION: forcing a failure. [ 2751.714279] name failslab, interval 1, probability 0, space 0, times 0 [ 2751.725601] CPU: 1 PID: 4636 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2751.733923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2751.743286] Call Trace: [ 2751.745892] dump_stack+0x1c9/0x2b4 [ 2751.749530] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2751.754862] should_fail.cold.4+0xa/0x11 [ 2751.758941] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2751.764074] ? save_stack+0xa9/0xd0 [ 2751.767711] ? save_stack+0x43/0xd0 [ 2751.771349] ? kasan_kmalloc+0xc4/0xe0 [ 2751.775245] ? __kmalloc+0x14e/0x760 [ 2751.778968] ? __list_lru_init+0x151/0x840 [ 2751.783207] ? alloc_super+0x976/0xb10 [ 2751.787102] ? sget_userns+0x276/0x860 [ 2751.790994] ? sget+0x10b/0x150 [ 2751.794280] ? mount_bdev+0x115/0x3e0 [ 2751.798156] ? get_super_block+0x3c/0x50 [ 2751.802223] ? legacy_get_tree+0x118/0x440 [ 2751.806468] ? vfs_get_tree+0x1cb/0x5c0 [ 2751.810453] ? do_mount+0x6c1/0x1fb0 03:41:13 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1c7, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:13 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) sendmsg$nfc_llcp(r0, &(0x7f0000001480)={&(0x7f0000000200)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "801e673bb06bc9452f0dc8d6882d81b82ba166767351b6a78dd137571501a1ccc7ee62ae266277cad1a2ec4ae55e1cb81d3cd18af5070b0af201087d25ab94"}, 0x60, &(0x7f0000001400)}, 0x0) rt_sigreturn() 03:41:13 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:13 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:13 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x16, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2751.814178] ? ksys_mount+0x12d/0x140 [ 2751.817994] ? __x64_sys_mount+0xbe/0x150 [ 2751.822156] ? do_syscall_64+0x1b9/0x820 [ 2751.826233] ? lock_acquire+0x1e4/0x540 [ 2751.830221] ? fs_reclaim_acquire+0x20/0x20 [ 2751.834558] ? lock_downgrade+0x8f0/0x8f0 [ 2751.838718] ? check_same_owner+0x340/0x340 [ 2751.843047] ? rcu_note_context_switch+0x730/0x730 [ 2751.848046] __should_failslab+0x124/0x180 [ 2751.852297] should_failslab+0x9/0x14 [ 2751.856110] kmem_cache_alloc_node_trace+0x26f/0x770 [ 2751.861227] ? kasan_kmalloc+0xc4/0xe0 [ 2751.865129] __kmalloc_node+0x33/0x70 [ 2751.868929] kvmalloc_node+0x65/0xf0 [ 2751.872661] __list_lru_init+0x5d9/0x840 [ 2751.877431] ? list_lru_destroy+0x500/0x500 [ 2751.881751] ? prealloc_shrinker+0x213/0x480 [ 2751.886153] ? __init_waitqueue_head+0x9e/0x150 [ 2751.890813] ? inactive_list_is_low+0x850/0x850 [ 2751.895479] ? __lockdep_init_map+0x105/0x590 [ 2751.899964] alloc_super+0x976/0xb10 [ 2751.903681] ? destroy_unused_super.part.11+0x110/0x110 [ 2751.909036] ? lock_downgrade+0x8f0/0x8f0 [ 2751.913176] ? kasan_check_read+0x11/0x20 [ 2751.917312] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2751.921888] ? kasan_check_write+0x14/0x20 [ 2751.926110] ? do_raw_spin_lock+0xc1/0x200 [ 2751.930338] sget_userns+0x276/0x860 [ 2751.934038] ? kill_litter_super+0x60/0x60 [ 2751.938261] ? test_single_super+0x10/0x10 [ 2751.942567] ? vfs_get_super+0x270/0x270 [ 2751.946614] ? kasan_check_read+0x11/0x20 [ 2751.950751] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2751.955324] ? kasan_check_write+0x14/0x20 [ 2751.959541] ? do_raw_spin_lock+0xc1/0x200 [ 2751.963779] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2751.969304] ? ns_capable_common+0x13f/0x170 [ 2751.973700] ? kill_litter_super+0x60/0x60 [ 2751.977942] sget+0x10b/0x150 [ 2751.981034] ? test_single_super+0x10/0x10 [ 2751.985257] mount_bdev+0x115/0x3e0 [ 2751.988870] ? finish_unfinished+0x14e0/0x14e0 [ 2751.993441] get_super_block+0x3c/0x50 [ 2751.997318] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2752.001624] legacy_get_tree+0x118/0x440 [ 2752.005682] vfs_get_tree+0x1cb/0x5c0 [ 2752.010606] ? vfs_set_fs_source+0x12c/0x180 [ 2752.015028] do_mount+0x6c1/0x1fb0 [ 2752.018556] ? check_same_owner+0x340/0x340 [ 2752.022862] ? lock_release+0xa30/0xa30 [ 2752.026825] ? copy_mount_string+0x40/0x40 [ 2752.031049] ? kasan_kmalloc+0xc4/0xe0 [ 2752.034934] ? kmem_cache_alloc_trace+0x318/0x780 [ 2752.039768] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2752.045305] ? _copy_from_user+0xdf/0x150 [ 2752.049444] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2752.054968] ? copy_mount_options+0x285/0x380 [ 2752.059460] ksys_mount+0x12d/0x140 [ 2752.063075] __x64_sys_mount+0xbe/0x150 [ 2752.067040] do_syscall_64+0x1b9/0x820 [ 2752.070913] ? syscall_slow_exit_work+0x500/0x500 [ 2752.075829] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2752.080752] ? syscall_return_slowpath+0x31d/0x5e0 [ 2752.085671] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2752.091193] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2752.096194] ? perf_trace_sys_enter+0xb10/0xb10 [ 2752.100848] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2752.105686] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2752.110860] RIP: 0033:0x45885a [ 2752.114032] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2752.133313] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2752.141014] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2752.148271] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2752.155523] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 03:41:14 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:14 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x293f80feff94fdd8, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2752.162775] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2752.170031] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000002f 03:41:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0xfc03000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:14 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r2, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000a00)={@loopback, 0x0}, &(0x7f0000000a40)=0x14) sendto$packet(r0, &(0x7f0000000140)="45fe93236143b902f75928b01d440e4f9a54a2ad37b8926fe022262bb65bb40d115e9b5f0a32c622f65e706823e81ba4dde858ce634172ae27b626fe0b9f7f096df6023619133a6ca16bea4880df4b6a04918744e32c62408cda74115d92beecaa6be64937b4a1c197540db7c5c8aef87da296f1df01e921fa92981d3640ba2f550ea928da440889a74158cc410e4c3aa8fe34f9bd3fb1e286c164d1f94db551aeb37d39e7c9a82bd713f2a7debfc8125a4695f1d3954c7376d54368712da619ca77cde816c0c09e64de5f4a", 0xcc, 0x8080, &(0x7f0000000a80)={0x11, 0x0, r3, 0x1, 0x7f, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x14) madvise(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0xd) sendto$llc(r2, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) pwrite64(r0, &(0x7f0000000000)="741c9ea86cdb1695fea1d0dbb89570157d069131ff4b167ec50f646c4b03c17da3306130bbc447676592a972de", 0x2d, 0x0) 03:41:14 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x284, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:14 executing program 5: fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f00000000c0)=0x0) clock_gettime(0x0, &(0x7f0000007040)={0x0, 0x0}) recvmmsg(0xffffffffffffff9c, &(0x7f0000006f40)=[{{0x0, 0x0, &(0x7f0000003500)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000001180)=""/192, 0xc0}, {&(0x7f0000001240)=""/88, 0x58}, {&(0x7f00000012c0)=""/4096, 0x1000}, {&(0x7f0000000100)=""/40, 0x28}, {&(0x7f00000022c0)=""/4096, 0x1000}, {&(0x7f00000032c0)=""/145, 0x91}, {&(0x7f0000003380)=""/98, 0x62}, {&(0x7f0000003400)=""/202, 0xca}], 0x9, &(0x7f00000035c0)=""/49, 0x31, 0x7}, 0x85}, {{&(0x7f0000003600)=@nfc_llcp, 0x80, &(0x7f0000005a80)=[{&(0x7f0000003680)=""/146, 0x92}, {&(0x7f0000003740)=""/96, 0x60}, {&(0x7f00000037c0)=""/143, 0x8f}, {&(0x7f0000003880)=""/4096, 0x1000}, {&(0x7f0000004880)=""/4096, 0x1000}, {&(0x7f0000005880)=""/249, 0xf9}, {&(0x7f0000005980)=""/88, 0x58}, {&(0x7f0000005a00)=""/75, 0x4b}], 0x8, 0x0, 0x0, 0x9}, 0x4}, {{&(0x7f0000005b00)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, 0x80, &(0x7f0000005bc0)=[{&(0x7f0000005b80)=""/34, 0x22}], 0x1, &(0x7f0000005c00)=""/25, 0x19, 0x1}, 0xff}, {{&(0x7f0000005c40)=@sco, 0x80, &(0x7f0000006ec0)=[{&(0x7f0000005cc0)=""/64, 0x40}, {&(0x7f0000005d00)=""/43, 0x2b}, {&(0x7f0000005d40)=""/4096, 0x1000}, {&(0x7f0000006d40)=""/42, 0x2a}, {&(0x7f0000006d80)=""/56, 0x38}, {&(0x7f0000006dc0)=""/204, 0xcc}], 0x6, 0x0, 0x0, 0x7ab7}, 0x2}], 0x4, 0x40002100, &(0x7f0000007080)={r1, r2+10000000}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000007100)={{{@in=@remote, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4}, 0x0, @in6=@mcast1}}, &(0x7f0000007200)=0xe8) r5 = accept4$inet(0xffffffffffffff9c, &(0x7f0000007240)={0x0, 0x0, @broadcast}, &(0x7f0000007280)=0x10, 0x80000) sendmsg$nl_generic(r3, &(0x7f0000008880)={&(0x7f00000070c0)={0x10, 0x0, 0x0, 0x80003010}, 0xc, &(0x7f0000008840)={&(0x7f00000072c0)={0x154c, 0x14, 0x101, 0x70bd25, 0x25dfdbfb, {0x18}, [@typed={0x8, 0x72, @ipv4=@broadcast=0xffffffff}, @nested={0x12c0, 0x80, [@generic="1beb7b172766835de1ce2992a814566f9bcd05273e88f64d357d7c52001cb2ac8fb27d3293bc5098765382d27926adbbddffc8116a88b2219b26d94f3bae96f5353ca0b902d86f5ea3801d4b57beff6e19dd63abafd9dd4d3773dfb8526bb9b6671637d8294740cc5be9fd126bdb1ecedfbfadda93e13b9287ab76be183d7f003a55a4a4d16f7596df769c68722758b69266e7f203e20437b9ff9bbcb24ee8c2bb7abdc52a69cce7c0bbe45ac9cd7491b1a7796294c9c702af2b9116d1fa2c0c629dfebcd547445839e295bb98bc17a06ea263dcb5a8c81fe29862a630e7f3782dbc04fd21238973b5e1cffc75cc387c5ca8278151ace74525b24c96f5cc45d84600e98b46f1de3c99a936914a55bd460606ac030dc85fe6a78312c2cc66e6df789ff6f20e73e9b95b2f40bb1c6872fba6120ac75a737939e5841e29c5a5c94e4b607bdf77c587ed9b6636f1bba385a4bf3510ce318588d61aba6e91e57cb57c970351eb72745fff6f359f1594e917a652c13976f4e261b18dfcd7b87dd35b51e185a5618e03dea6df91c3e73fb2cbfb97b0f6a57ab7bc42d592758a6a118970a252d33f41ca292daf1f292ca31548b31105abf773b479e57aef8325cd72f27765dbad78f43629ad91215adf5182f3ad64e4e857cd33f1f063004c540ab07c00c933c50adacf50d6bfe7d73197c21f60eaf3460d3def4f73dc560b3b343899cafdf04d1b58e0e56cbe4b9331a7abfc474de700eb9a352ab98b41b03516649970c8464d58078d1b12b639011a010749e068c3fa0d022af0f7889ab280c8f1e993a77b9589aad755ba9cb96c0166853ea643122859f4e21df3bc93445902f941a0903b4d3834b5e369a4434c17a53beb514a9d2b907468c1957dec889f314695a658d0f3cd32447bd7050fce51df2b8f3850a9960fea41257accb9e0fe95d5a70138386af97de91660c3f3ddcd486a7fa34d05fd83191e1861a18ed87c985dcbb0ca48ded53fb380d5cf7801ef00eb40d23712b5405930c9b05807e0731cd0822e030989bac742c9d066ff69be7c62670e66b025c9eddf060ad55ba489808084dadaa7b870770ad60f2fc1b0d409a9ca4a727753e1e51fe295974f61652bd3b85ee54ba4d633df8e649c21fd49f22e0408132b220300d0acfdab18e03102f57f779d6cc01c318b9ea5d85797274c016d463ccffce736921d7a6de85062ceab5d84a62d9d6e4bd21fb69cf2248faebf3f47a63c3e5a01949b8bedb606197d8b1a63f0408f3a035d221cc4bda7a408a4413bb962984e40ac7e605b243893f6a97adb98cb890dd5712ec0e103ab9ca21a7a673649079b7f05c0301b3284c249fde617a79ff070f7781e879740a36c65af031e7103bed2b7a0650dd1a6307fc35b3c2157dc73444438d6a9411cee1f25e7cc1adff9ae037184849f62dc8ad4d005d3096039f06693170db629ff87479ec83495e0869e2b24f0ef51ffb2e67e47fb212f251fef47170ecd74b6f22fb3e71f811d43cda3710924cff265e97507fa6e2ecd3bd935fdd251a66ce5824a77f42255696ae37afd0b81ff7afce393cc5fe5cb6b3689eb54c71cfedbc5001af70ecaf3ab6ca71938a4768cabf84d283bf34830088df49446e81ca751c4eed10720c66c8227eb4e9265f355aab7763e7096f138e9b74fec432595661a19c8259f19344fbeedc0257ef0f265ea53255cad95e3bb0ba283813b50626f6474684929fd354f30b4d22f64d9b90e9b731fe0d5b3fb565bee65d1f11733786b1d9ff710ab52948ccbedeb5d8569b2a362221a84f5cde9045249f32ced88e4489240a9d23e4fa9200e5ebd0985ab78ae44017c1fa46a78fedebe5bdddfa4c5bec900a2e66987ce5842db604978e1bf257b96654b83694e8426cc886bb3d3f536f1cea8f16a617c957e61a223dcd95b7cc7890bcaf879fd30112253f107e2912e3bacb89c752a2f3ee28a6ad074aab1952b276546cac629d8f7107e4c1732da29ccf5971a6af8504433aff89517941a526aa520d4fca03d09efe7087f1d03992d014e9e8a71033874b8b33622d54210d303692af44a77b9f6ec8b2f70510fa901dd78b50b6cd52a6248e1de82d0eced5c1b7b81c6b517994071430d32c2fbd6d3591bc4e979f4360fbd87b3119d9593d48f5633eeb9252d2c5854fbc1cfb42a93a60dbfbd9f70341f4d5ae57231adb9ff7a1602f2d0246750c0feceb482a3320fefe86ee2cfa888ea029d91137e44b29665fa806542a6a92634b61fa4814f8a01426ab68b3350832d7ed4d0faef387357127ca278f73d6bddce6ec7353ae98f857c4fd0a9932c0fdeb6af4d78e2f73490e1212aff989659555dd1d282de411e68875ada4d664ce36ca69a818771e724401242fc918999c68c1d69adcbe7be01ffd5b41d14f7520aa7ed6ae514001d7e9511941afe703d6f6ffea308fd3ed31ed5d41e6038be3d22259e05c3d3e6ddbba14e05b4a9539ddeb857dd28c69f773db24bed83a18d219ac02bbfd5722617a58d49978b5adbb2deee5fa9cad9a704b0ac9cb5f54c2208e31bed7ed2ebb3349e7db903ba55a05a7bd7a3cf9536d4a1122e67c340ff281f551b23ef63a86d903ea62fcfbd21dd2503774fd38fa846f6afcf365d0a2bb7d63374142014a50d33f3ed245cefab591c54d6777200be82d4800597bc4ee0c8a05e793b8b774ce0b398d487f86e75130b2bed9d128d2c1ca8b6fd918308948766ef9c30bd1a4a639e679affeca65eb6b4d109392e06345b661e160eba3467f3062e44edbf8d89a4433ac988e07f158df5821bc9415cedf6924bb942ca309028a07b51f968737da8f06849fc3a642bfee71619351c52db06c1078797e5201ea1a4e111674f733f5bb9caa8576bc18041ca2b8aa8333ef376c045a7dce721fd5d132696a195cc9f1cb7d8b316c7a940c3dbffcfa71cef23fb5c367cf66e0e272bcbbcc3b981526622c2fe2ea9e98af517c15fc65f302225a3446398c1f3b837161435c1fe03e52d3edaca3f26694bc450e5038cc90fe2e45938c699fae31a8e1b8e3ca2305ce4326b3cd4fb1c9aae1f052ff01e780a40faf013c287bcf5da3d1d9cf52d8b2e260b71cf3e1bf811e84b3b308c245250629c99ed9fa905b578d9ae39e150de0928f56dcebe3192b1332ca45ee3fdb2b5f5c77334c9b718598a12429cd339cb17b93ee42a222ddb6dcac92781f5d923cbeb52bec658efa4d787cb77e254bcb4b6a3c4c32b0119ca9477a9b86731fe7b151a5afd5cb99f5c7480b9d24c7218f48d473f10f456563bf7e5923acd82253aaa930b723a8dacd27700687de6019dd56af0d601b7fe8581ab1761c5098314a0e147f1de6075491b2c8a1716b2818b8635a3483d49d1ad2f4d4d94e9f402956bc8dd8c31ee8667f41bb66ecd3401f00b9bfb9519f8b6809cb539bae99665df72c692b9d37e6a3bbe5c99d63e5b4a130edcb2ae8b2fb9f1577917b863211345001ad66d02219e7578033ca0216fa5a14567f56fcf8cdac306f460d1f6030f59c2dfc7abcaedd456ede191fbcc02d81f892a02d57a0c0850af87cf9e1e6d8a704b5844d6e69a28b3b0e402512f161e26973e164ff0266157dc4a363e7f49eb8debbaebff2ae14210d4fefb6bb0e6ac1ebe089ebf9e38264280dc8a0eae54673c59507a3ed25cae98206c870e32b61e7c8eae273bfbdb848ae737a2ff4f940036b92846f798093f956ba2cab806a61beb631320a3aba908cdb5ddadcce2413c29bfc5281a0882f0ae95514baba7108ba32a3767f94409a29d2e9e5b7a49cc04a80dfabff7f24f74aceeabdd6486a65a1f61c42cb57bd2ac14254952b1989e21aa44300156f2eec77be50fb02dcc99e31149e6471447cc60c4dfc4c78d8625fb6eb1274b4ea89626d5a720837c5f32a640b5a61133e79ee8f0f09c00972bbd215129c924f2e83d93c4468ac5ed3a139a159e7264b5a525b621c5992f3e82bc3a7176f9daaf3d90cf660c5524e4776199ca9714b058cde812d5c1082a9fca93e35ed4b3cf12f367ef3e9c0aefcdab828e3253138f5f69f4898a06eb35ae90289042477901e60253cb29616f021ae1a450b4ed5dec09229a220929e24c822037a596007d6e1d006448654135967f19545a31b70704390e5fd82ca57be385782a35c54ebd43da34d1b674142e06d9604a6ada13fed0c1aef0d4f657060da26e0abafb00a9b60b15f01bc841af606863192aa7dfe8793ea0c39cf6c932a49921ce2e4eda26737803ce3454e0953294c28715060aadbd64465e16c38be1db6c13c5121806485fe5b152daa74d8a733ff276d12f2ddc77af21a22fea3d5e42280e4e599b3075df66d6449a2f24013950ad275e7fd86b69aa3c1754d65b6d271be887ba5ba95fbf7b46a13effb65303f7a2a2b26c89d6894a1efbb89fc56ba90d3a35f2d98b97e975fa92a83a6e083c65c5ae4e27805dc8f20c63aba87397ad8163cd313c6fd85d17ea65aaf708244efc68cc56649e9f3d0c5626a7c942cc4445d48090b3813146d796bdf7f9992c89163c97a6c37475f93eb5b95b9eabb62e556e6081240359f568caed863f9821bf134989f61d0f204c61b41ebdd1a5ee7c43aaa043e96c080282c09172314814de4baaac7259864220b782a56b62f23c107c61c6302301c9a4afb4bb0a046e694561126de473dc33fddbb85e66fff19f3b0bde132016602e33699ee81e14faee8b0ec2f160a282778a273337097af3ec8fc075a9960fa624ba114063edfcf6dfe9874e8ec87001bb92a7192f922e9bb7ea2fb5c4f3dc36aec87287b2c0ff298a59e421d54b914bef4d8f9bb0b36dd49d47bf22ff1fc5215b0d0582dccab8fd987c25e3fc97c85020312afffc3a6cff32c4188f4c2b2a176eb23074456443d43199efc762b3e4c61191afcb2047fee4cfdb193eccd9ed3d755cfb9280e2bd0dadd10ff9be156e82ef621802edf7af22e5a3df4bef1ff69b7d3e4cc6fd83ff073c6d959704d1faf1714111e199be17ad2b9a5675df72c017c91c558939198091f91670c7cba14322d18b53a088b1620b7c0cb46ccc69e41c923e13cbd326a7af52089f2408bbfffed96dd42d3adfe7479e88adddf1403ac9f5f08ef6678be910258151488bb0a0bc6388016f562779ddd14bfd4c60a6ceb861a144f9f3d7e0b80ef6dca587f320b8ad5eea14b69dfe5d6cb367327a717b072b5624d336dfd86f0eeef4e7807ff8318b054a1dd7b3262524b364ad9e5741270f9b78cc3efcf1bf032a67bb42b8b400a0b8d12c2de42aae7d3ed425b93c3e7bb0878b41735bb5072135a0c88df45a4b0567695f3d295554bb2f34dc2bfb8447df074c7eade5ffd470e10caca153be96d88a94726dc6c5cc4b81421627b8532c3748d8ced99357443642d7ee1ca2e7361007d20ee4d7c537bf4e84d148f0a49d183a554126c84a84ca8f553d62ea780569f4f23189a5cc952b95b33f68f22807005c2e659f6c27fb25ea325a4f4ac67deaad733361c97e2620a2e31878afb16a61133dbd7a5b96e223335d6a31d48301b63c59a360f2c87ff419d4f0c59d544fec17fcd332cb97ede97b7559931df3f39252895bddb0d3c5fece649d7d90261ceb9d46ae0bd3a9050fab01f3750e59fcbab7b4a75f6d98a8a932df2bae1eef63c9134083ec2c0eb407615fa9704b882ec93f223cf5e12f534ee157a0e75216b6590bea462af526eed1e0133174f44ba5780a0749b819e43299897158d7cb6b2c4808ffdad7b09af7653b48a4c90b7f64bde614f815d77827205080a3c80adf", @generic="9a53f0a1e57308cf4843e6b7", @generic="303d4338d6ea2f28a9db455d5985f644b5bbefb589ac0803c12cb71162e39a49113dc823b71953967c6012cd10618f993f36ac4de25b773c9169afb9bcd183f5b4b4c56edd6612eed7a02ad416f11640c9082dc908a21a87943eddacc59b2ebdc04537b21a1236759659679acde7e9e32048f0e6c7c0f9464f16f04e1e4c8aa5ed0c9cd584b07b510cf8619943c6ba9effb1a87f3f26a69f85d8671fcfd79cc1b327f720eb8a7b686f94d91bec52b384ed13581bcd503d4142c8d81fdf84a1bca329c2f9511b4ba1358db188b51c5b40f0d74546a9d8e75c0144b3118ccc0ce51a352cbe015f1835396002e008872feb48288853cbde995cc0180e982255e5", @generic="d87c46f6a0a23cac743e6afe529b4caeea2838ab5b1134567c991bf05e80d92829b67b55f88945d85470648e1ae322e0165b7bfb50956d6a7cb4b44672976c4e1a8312191bc6c062b19f5e59e9bd4bf6db8eb96130a2441503144c1c5a0b32fa92d2959ecdaf3ad4a6cfd4cd", @generic="26e5a4da153720a8f1a8b1604ad1965653aaba65ede19b29678e9fff89ad9de2aa87f86b67d3afaf7729361d457df6f7a2119b47bf1ac074759e04741fc3b4be875ac2b8d873f7dec927f70fdfe4060e48f009ef924e0ba6e0466845fb703f02513495a3572af7a22802bfe2b2d612f59836b2de52821a3c2cf3d200f0951f259d2259cdb6677a94e3d04d6937516f0e841d69821e2c7bb3610060afd9aef1af4297cda335c780b56e21688910775ca29667040c6a45e5828d2d470448396780b3ffda5172bb33d1eaa260efc94c01f81af6eed3a21ba1161132869411d97e31bf3fbc688621eb0f034868", @generic="1afb8f2fb178e989da7d8a725c9a426010c622b01b7f9da18fdcf2e509b26f17aec7b34a9cbe2dacb381babeb813f0e411cc02a18c16dd297204d8214a71837f6251a819645f7e56ab50d94b3f27338546fe256b1a3d6247"]}, @nested={0x1b0, 0x57, [@typed={0xc, 0x94, @u64=0x9}, @typed={0x8, 0x5e, @uid=r4}, @typed={0x14, 0x4f, @ipv6=@mcast1={0xff, 0x1, [], 0x1}}, @generic="d885f107f2a34cc3a99db149471cbd0de3481ed60f6efebca01cbb3e8266a0ebbac0606f438c81dfe45095521a713ce8e9eed6fd0e67f6d785e5516734e8dc11dcf4c7462a369fba13102d539cac7201396aa7f593d4cbaae81eb49429806ec1cc6dffdcb924a955dc7ad5d5eb093c86b209285e9784", @typed={0x8, 0x1, @ipv4=@multicast1=0xe0000001}, @typed={0x8, 0x55, @fd=r5}, @typed={0xc, 0x5d, @str=':md5sum\x00'}, @typed={0xf0, 0x22, @binary="d4b6787fa45a40ca582c36d2c590219bc053ee985b813eb84190f701b80b128183a620f6313c2cc7a9df9b138a0c0ff6fbf8f6c440b08e1958fab894a5ac830306b0362eee626d8308d39793211acf57af193ae08c03934878d5396035f345657d90a8c0e26c5270d0a1de76e6563ffda036660e9c8523c98773708f7e08cb06508af4c7db548f97a44f07df3f14e678261126d9895cf747006a9aba635f0f04731d089faaa93053f0be063fb7a0e43cd9642234e1398ec21947eaf1e0f9e8b23eb985592e8a6c851882d7dfbb7a8adeccb8eccbc3dec0303b30e9c4d2a3ba7c4c5e4127d7855f44ed37"}]}, @typed={0xc, 0x93, @u64=0x42e0}, @generic="b4b0d82a50830483d804b9109fa3ef3ac71cb3ed1c1f8a72fd753c5988deafbb4f6b9e2532af88dbbc9205dbf1ac769f5a9bee7468afd36648eaf47bf37c594136c090b0b9b109b424c15a1cf987ce72ce1e87db27fba7b16dc5bf2b2137f71277c51f30fb596213", @typed={0x14, 0x4d, @ipv6=@loopback={0x0, 0x1}}, @typed={0x4, 0x28}, @generic="618f42042c44065e8a72c8b62b3b7857a7ed9c7fefa9977cb2db36cc084dfee84bd67de957ad75da32bbe518e1733f556701a8c0"]}, 0x154c}, 0x1, 0x0, 0x0, 0x4004000}, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x10800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = socket(0x18, 0x0, 0x0) r7 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x0, 0x0) dup2(r6, r7) 03:41:14 executing program 4 (fault-call:0 fault-nth:48): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:14 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:14 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiser\ns\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:14 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1c00000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:14 executing program 5: r0 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @my}, 0x10) connect$vsock_stream(r0, &(0x7f00000000c0)={0x28, 0x0, 0x0, @host=0x2}, 0x10) 03:41:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2752.845008] FAULT_INJECTION: forcing a failure. [ 2752.845008] name failslab, interval 1, probability 0, space 0, times 0 [ 2752.856333] CPU: 0 PID: 4700 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2752.864655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2752.874015] Call Trace: [ 2752.876610] dump_stack+0x1c9/0x2b4 [ 2752.880252] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2752.885478] should_fail.cold.4+0xa/0x11 [ 2752.889557] ? fault_create_debugfs_attr+0x1f0/0x1f0 03:41:14 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:14 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1b00000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:14 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x3af, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2752.894692] ? save_stack+0xa9/0xd0 [ 2752.898337] ? save_stack+0x43/0xd0 [ 2752.901975] ? kasan_kmalloc+0xc4/0xe0 [ 2752.905874] ? __kmalloc+0x14e/0x760 [ 2752.909595] ? __list_lru_init+0x151/0x840 [ 2752.913842] ? alloc_super+0x976/0xb10 [ 2752.917741] ? sget_userns+0x276/0x860 [ 2752.921646] ? sget+0x10b/0x150 [ 2752.924940] ? mount_bdev+0x115/0x3e0 [ 2752.928757] ? get_super_block+0x3c/0x50 [ 2752.932829] ? legacy_get_tree+0x118/0x440 [ 2752.937087] ? vfs_get_tree+0x1cb/0x5c0 [ 2752.941089] ? do_mount+0x6c1/0x1fb0 03:41:14 executing program 5: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000000)={0x1, 0x1, 0x1000, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) keyctl$dh_compute(0x17, &(0x7f0000000200), &(0x7f0000000240)=""/248, 0xf8, &(0x7f0000000380)={&(0x7f0000000340)={'ghash\x00'}, 0x0, 0x0, [0xfffffffc]}) [ 2752.944817] ? ksys_mount+0x12d/0x140 [ 2752.948636] ? __x64_sys_mount+0xbe/0x150 [ 2752.952804] ? do_syscall_64+0x1b9/0x820 [ 2752.956879] ? lock_acquire+0x1e4/0x540 [ 2752.960869] ? fs_reclaim_acquire+0x20/0x20 [ 2752.965209] ? lock_downgrade+0x8f0/0x8f0 [ 2752.969393] ? check_same_owner+0x340/0x340 [ 2752.973726] ? rcu_note_context_switch+0x730/0x730 [ 2752.978665] __should_failslab+0x124/0x180 [ 2752.982911] should_failslab+0x9/0x14 [ 2752.986725] kmem_cache_alloc_node_trace+0x26f/0x770 [ 2752.991842] ? kasan_kmalloc+0xc4/0xe0 03:41:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:15 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2752.995754] __kmalloc_node+0x33/0x70 [ 2752.999570] kvmalloc_node+0x65/0xf0 [ 2753.003301] __list_lru_init+0x5d9/0x840 [ 2753.007376] ? list_lru_destroy+0x500/0x500 [ 2753.011715] ? prealloc_shrinker+0x213/0x480 [ 2753.016138] ? __init_waitqueue_head+0x9e/0x150 [ 2753.020817] ? inactive_list_is_low+0x850/0x850 [ 2753.025496] ? __lockdep_init_map+0x105/0x590 [ 2753.030003] alloc_super+0x976/0xb10 [ 2753.033730] ? destroy_unused_super.part.11+0x110/0x110 [ 2753.039102] ? lock_downgrade+0x8f0/0x8f0 [ 2753.043261] ? kasan_check_read+0x11/0x20 [ 2753.047414] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2753.052004] ? kasan_check_write+0x14/0x20 [ 2753.056254] ? do_raw_spin_lock+0xc1/0x200 [ 2753.060500] sget_userns+0x276/0x860 [ 2753.064219] ? kill_litter_super+0x60/0x60 [ 2753.068458] ? test_single_super+0x10/0x10 [ 2753.072694] ? vfs_get_super+0x270/0x270 [ 2753.076756] ? kasan_check_read+0x11/0x20 [ 2753.080911] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2753.085498] ? kasan_check_write+0x14/0x20 [ 2753.089735] ? do_raw_spin_lock+0xc1/0x200 [ 2753.093989] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2753.099528] ? ns_capable_common+0x13f/0x170 [ 2753.103941] ? kill_litter_super+0x60/0x60 [ 2753.108182] sget+0x10b/0x150 [ 2753.111300] ? test_single_super+0x10/0x10 [ 2753.115539] mount_bdev+0x115/0x3e0 [ 2753.119169] ? finish_unfinished+0x14e0/0x14e0 [ 2753.123756] get_super_block+0x3c/0x50 [ 2753.127642] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2753.131963] legacy_get_tree+0x118/0x440 [ 2753.136023] vfs_get_tree+0x1cb/0x5c0 [ 2753.139826] ? vfs_set_fs_source+0x12c/0x180 [ 2753.144230] do_mount+0x6c1/0x1fb0 [ 2753.147767] ? check_same_owner+0x340/0x340 [ 2753.152082] ? lock_release+0xa30/0xa30 [ 2753.156059] ? copy_mount_string+0x40/0x40 [ 2753.160290] ? kasan_kmalloc+0xc4/0xe0 [ 2753.164178] ? kmem_cache_alloc_trace+0x318/0x780 [ 2753.169020] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2753.174562] ? _copy_from_user+0xdf/0x150 [ 2753.178712] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2753.184245] ? copy_mount_options+0x285/0x380 [ 2753.188739] ksys_mount+0x12d/0x140 [ 2753.192371] __x64_sys_mount+0xbe/0x150 [ 2753.196346] do_syscall_64+0x1b9/0x820 [ 2753.200230] ? finish_task_switch+0x1d3/0x870 [ 2753.204726] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2753.209654] ? syscall_return_slowpath+0x31d/0x5e0 [ 2753.214581] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2753.219596] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2753.225129] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2753.230144] ? perf_trace_sys_enter+0xb10/0xb10 [ 2753.234813] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2753.239661] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2753.244842] RIP: 0033:0x45885a [ 2753.248019] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2753.267292] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2753.275001] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2753.282263] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2753.289530] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2753.296881] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2753.304236] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000030 03:41:15 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) fadvise64(r1, 0x0, 0x8, 0x5) 03:41:15 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x4, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:15 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x137, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:15 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x8100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, [0x80ffff]}) 03:41:15 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:15 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x4], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:15 executing program 4 (fault-call:0 fault-nth:49): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:15 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiser%s\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2753.975578] FAULT_INJECTION: forcing a failure. [ 2753.975578] name failslab, interval 1, probability 0, space 0, times 0 [ 2753.986934] CPU: 1 PID: 4746 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2753.995252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2754.004616] Call Trace: [ 2754.007199] dump_stack+0x1c9/0x2b4 [ 2754.010813] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2754.015991] ? __kernel_text_address+0xd/0x40 [ 2754.020475] ? unwind_get_return_address+0x61/0xa0 [ 2754.025397] should_fail.cold.4+0xa/0x11 [ 2754.029446] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2754.034538] ? save_stack+0xa9/0xd0 [ 2754.038150] ? save_stack+0x43/0xd0 [ 2754.041772] ? kasan_kmalloc+0xc4/0xe0 [ 2754.045646] ? kmem_cache_alloc_trace+0x152/0x780 [ 2754.050473] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2754.055661] ? __list_lru_init+0x4d6/0x840 [ 2754.059881] ? alloc_super+0x976/0xb10 [ 2754.063798] ? sget+0x10b/0x150 [ 2754.067061] ? mount_bdev+0x115/0x3e0 [ 2754.070859] ? get_super_block+0x3c/0x50 [ 2754.074916] ? legacy_get_tree+0x118/0x440 [ 2754.079139] ? vfs_get_tree+0x1cb/0x5c0 [ 2754.083107] ? do_mount+0x6c1/0x1fb0 [ 2754.086805] ? ksys_mount+0x12d/0x140 [ 2754.090590] ? __x64_sys_mount+0xbe/0x150 [ 2754.094725] ? do_syscall_64+0x1b9/0x820 [ 2754.098774] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2754.104137] ? save_stack+0xa9/0xd0 [ 2754.107752] ? lock_acquire+0x1e4/0x540 [ 2754.111712] ? fs_reclaim_acquire+0x20/0x20 [ 2754.116030] ? lock_downgrade+0x8f0/0x8f0 [ 2754.120163] ? do_mount+0x6c1/0x1fb0 [ 2754.123867] ? check_same_owner+0x340/0x340 [ 2754.128174] ? rcu_note_context_switch+0x730/0x730 [ 2754.133093] __should_failslab+0x124/0x180 [ 2754.137316] should_failslab+0x9/0x14 [ 2754.141115] kmem_cache_alloc_trace+0x2cb/0x780 [ 2754.145768] ? kasan_kmalloc+0xc4/0xe0 [ 2754.149643] __memcg_init_list_lru_node+0x185/0x2d0 [ 2754.154645] ? kvfree_rcu+0x20/0x20 [ 2754.158256] ? __kmalloc_node+0x47/0x70 [ 2754.162214] __list_lru_init+0x4d6/0x840 [ 2754.166269] ? list_lru_destroy+0x500/0x500 [ 2754.170578] ? prealloc_shrinker+0x213/0x480 [ 2754.174968] ? __init_waitqueue_head+0x9e/0x150 [ 2754.179621] ? inactive_list_is_low+0x850/0x850 [ 2754.184276] ? __lockdep_init_map+0x105/0x590 [ 2754.188764] alloc_super+0x976/0xb10 [ 2754.192465] ? destroy_unused_super.part.11+0x110/0x110 [ 2754.197823] ? lock_downgrade+0x8f0/0x8f0 [ 2754.201958] ? kasan_check_read+0x11/0x20 [ 2754.206089] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2754.210667] ? kasan_check_write+0x14/0x20 [ 2754.214887] ? do_raw_spin_lock+0xc1/0x200 [ 2754.219109] sget_userns+0x276/0x860 [ 2754.222806] ? kill_litter_super+0x60/0x60 [ 2754.227029] ? test_single_super+0x10/0x10 [ 2754.231250] ? vfs_get_super+0x270/0x270 [ 2754.235304] ? kasan_check_read+0x11/0x20 [ 2754.239434] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2754.244000] ? kasan_check_write+0x14/0x20 [ 2754.248220] ? do_raw_spin_lock+0xc1/0x200 [ 2754.252459] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2754.257990] ? ns_capable_common+0x13f/0x170 [ 2754.262385] ? kill_litter_super+0x60/0x60 [ 2754.266614] sget+0x10b/0x150 [ 2754.269703] ? test_single_super+0x10/0x10 [ 2754.273925] mount_bdev+0x115/0x3e0 [ 2754.277536] ? finish_unfinished+0x14e0/0x14e0 [ 2754.282105] get_super_block+0x3c/0x50 [ 2754.285978] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2754.290282] legacy_get_tree+0x118/0x440 [ 2754.294327] vfs_get_tree+0x1cb/0x5c0 [ 2754.298117] ? vfs_set_fs_source+0x12c/0x180 [ 2754.302511] do_mount+0x6c1/0x1fb0 [ 2754.306036] ? check_same_owner+0x340/0x340 [ 2754.310339] ? lock_release+0xa30/0xa30 [ 2754.314300] ? copy_mount_string+0x40/0x40 [ 2754.318517] ? kasan_kmalloc+0xc4/0xe0 [ 2754.322387] ? kmem_cache_alloc_trace+0x318/0x780 [ 2754.327213] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2754.332746] ? _copy_from_user+0xdf/0x150 [ 2754.336878] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2754.342398] ? copy_mount_options+0x285/0x380 [ 2754.346876] ksys_mount+0x12d/0x140 [ 2754.350498] __x64_sys_mount+0xbe/0x150 [ 2754.354461] do_syscall_64+0x1b9/0x820 [ 2754.358332] ? finish_task_switch+0x1d3/0x870 [ 2754.362820] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2754.367733] ? syscall_return_slowpath+0x31d/0x5e0 [ 2754.372647] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2754.379825] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2754.385346] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2754.390345] ? perf_trace_sys_enter+0xb10/0xb10 [ 2754.395010] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2754.399844] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2754.405137] RIP: 0033:0x45885a [ 2754.408313] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 03:41:16 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:16 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xf306a3feffea5c7c, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:16 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:16 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x175, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2754.427499] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2754.435201] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2754.442456] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2754.449718] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2754.457046] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2754.464306] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000031 03:41:16 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x80000, 0x10) timerfd_settime(r0, 0x1, &(0x7f00000000c0)={{0x0, 0x989680}, {0x77359400}}, &(0x7f0000000140)) r1 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0x1bae}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10003, 0x80011, r1, 0x1) get_mempolicy(&(0x7f0000000080), &(0x7f0000000100), 0x1000000, &(0x7f0000002000/0x2000)=nil, 0x2) 03:41:16 executing program 4 (fault-call:0 fault-nth:50): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:16 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2754.567504] FAULT_INJECTION: forcing a failure. [ 2754.567504] name failslab, interval 1, probability 0, space 0, times 0 [ 2754.578928] CPU: 1 PID: 4766 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2754.587255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2754.596615] Call Trace: [ 2754.599221] dump_stack+0x1c9/0x2b4 [ 2754.602875] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2754.608084] ? perf_trace_lock+0xde/0x920 [ 2754.612251] should_fail.cold.4+0xa/0x11 [ 2754.616330] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2754.621456] ? save_stack+0xa9/0xd0 [ 2754.625097] ? save_stack+0x43/0xd0 [ 2754.628741] ? kasan_kmalloc+0xc4/0xe0 [ 2754.632640] ? kmem_cache_alloc_trace+0x152/0x780 [ 2754.637498] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2754.642698] ? __list_lru_init+0x4d6/0x840 [ 2754.646943] ? alloc_super+0x976/0xb10 [ 2754.650845] ? sget+0x10b/0x150 [ 2754.654135] ? mount_bdev+0x115/0x3e0 [ 2754.657951] ? legacy_get_tree+0x118/0x440 [ 2754.662201] ? vfs_get_tree+0x1cb/0x5c0 03:41:16 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x54, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2754.666187] ? do_mount+0x6c1/0x1fb0 [ 2754.669936] ? ksys_mount+0x12d/0x140 [ 2754.673772] ? __x64_sys_mount+0xbe/0x150 [ 2754.677936] ? do_syscall_64+0x1b9/0x820 [ 2754.682013] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2754.687389] ? lock_acquire+0x1e4/0x540 [ 2754.691377] ? fs_reclaim_acquire+0x20/0x20 [ 2754.695717] ? lock_downgrade+0x8f0/0x8f0 [ 2754.699878] ? do_mount+0x6c1/0x1fb0 [ 2754.703593] ? check_same_owner+0x340/0x340 [ 2754.707916] ? rcu_note_context_switch+0x730/0x730 [ 2754.712849] __should_failslab+0x124/0x180 [ 2754.717095] should_failslab+0x9/0x14 [ 2754.720897] kmem_cache_alloc_trace+0x2cb/0x780 [ 2754.725568] ? kasan_kmalloc+0xc4/0xe0 [ 2754.729461] __memcg_init_list_lru_node+0x185/0x2d0 [ 2754.734477] ? kvfree_rcu+0x20/0x20 [ 2754.738104] ? __kmalloc_node+0x47/0x70 [ 2754.742078] __list_lru_init+0x4d6/0x840 [ 2754.746138] ? list_lru_destroy+0x500/0x500 [ 2754.750481] ? prealloc_shrinker+0x213/0x480 [ 2754.754887] ? __init_waitqueue_head+0x9e/0x150 [ 2754.759552] ? inactive_list_is_low+0x850/0x850 [ 2754.764220] ? __lockdep_init_map+0x105/0x590 [ 2754.768715] alloc_super+0x976/0xb10 [ 2754.772435] ? destroy_unused_super.part.11+0x110/0x110 [ 2754.777800] ? lock_downgrade+0x8f0/0x8f0 [ 2754.781948] ? kasan_check_read+0x11/0x20 [ 2754.786098] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2754.790677] ? kasan_check_write+0x14/0x20 [ 2754.794908] ? do_raw_spin_lock+0xc1/0x200 [ 2754.799145] sget_userns+0x276/0x860 [ 2754.802853] ? kill_litter_super+0x60/0x60 [ 2754.807098] ? test_single_super+0x10/0x10 [ 2754.811850] ? vfs_get_super+0x270/0x270 [ 2754.815909] ? kasan_check_read+0x11/0x20 [ 2754.820052] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2754.824646] ? kasan_check_write+0x14/0x20 [ 2754.828876] ? do_raw_spin_lock+0xc1/0x200 [ 2754.833124] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2754.838657] ? ns_capable_common+0x13f/0x170 [ 2754.843062] ? kill_litter_super+0x60/0x60 [ 2754.847289] sget+0x10b/0x150 [ 2754.850391] ? test_single_super+0x10/0x10 [ 2754.854626] mount_bdev+0x115/0x3e0 [ 2754.858248] ? finish_unfinished+0x14e0/0x14e0 [ 2754.862829] get_super_block+0x3c/0x50 [ 2754.866715] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2754.871034] legacy_get_tree+0x118/0x440 [ 2754.875094] vfs_get_tree+0x1cb/0x5c0 [ 2754.878892] ? vfs_set_fs_source+0x12c/0x180 [ 2754.883302] do_mount+0x6c1/0x1fb0 [ 2754.886841] ? check_same_owner+0x340/0x340 [ 2754.891158] ? lock_release+0xa30/0xa30 [ 2754.895129] ? copy_mount_string+0x40/0x40 [ 2754.899361] ? kasan_kmalloc+0xc4/0xe0 [ 2754.903248] ? kmem_cache_alloc_trace+0x318/0x780 [ 2754.908087] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2754.913621] ? _copy_from_user+0xdf/0x150 [ 2754.917766] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2754.923298] ? copy_mount_options+0x285/0x380 [ 2754.927792] ksys_mount+0x12d/0x140 [ 2754.931448] __x64_sys_mount+0xbe/0x150 [ 2754.935425] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2754.940957] do_syscall_64+0x1b9/0x820 [ 2754.944845] ? syscall_slow_exit_work+0x500/0x500 [ 2754.949687] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2754.954614] ? syscall_return_slowpath+0x31d/0x5e0 [ 2754.959545] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2754.965077] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2754.970092] ? perf_trace_sys_enter+0xb10/0xb10 [ 2754.974762] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2754.979607] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2754.984788] RIP: 0033:0x45885a [ 2754.987966] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2755.007236] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2755.014940] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2755.022203] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2755.029466] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2755.036731] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2755.043996] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000032 03:41:17 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") setitimer(0x2, &(0x7f0000000180)={{0x0, 0x2710}}, 0x0) write$P9_RLCREATE(r0, &(0x7f0000000000)={0x18, 0xf, 0x1, {{0x4, 0x2, 0x5}, 0x7fffffff}}, 0x18) r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r3, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r3, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000040), &(0x7f0000000140)=0x4) 03:41:17 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:17 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x19, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:17 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiser.s\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:17 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:17 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x219, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:17 executing program 4 (fault-call:0 fault-nth:51): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:17 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000180)="0220f73d6d345f8f742070") r1 = socket(0x200000000000011, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'gre0\x00', 0x0}) bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6}, 0x14) sendmmsg$inet_sctp(r1, &(0x7f0000871fc8)=[{&(0x7f000086c000)=@in6={0xa, 0x0, 0x2}, 0x14f, &(0x7f0000d1e000), 0x0, &(0x7f0000dda000)}], 0x492492492492510, 0x0) [ 2755.438176] FAULT_INJECTION: forcing a failure. [ 2755.438176] name failslab, interval 1, probability 0, space 0, times 0 [ 2755.449594] CPU: 1 PID: 4791 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2755.457922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2755.467282] Call Trace: [ 2755.469882] dump_stack+0x1c9/0x2b4 [ 2755.473517] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2755.478835] ? __kernel_text_address+0xd/0x40 [ 2755.483345] ? unwind_get_return_address+0x61/0xa0 03:41:17 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:17 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:17 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2755.488329] should_fail.cold.4+0xa/0x11 [ 2755.492408] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2755.497528] ? save_stack+0xa9/0xd0 [ 2755.501160] ? save_stack+0x43/0xd0 [ 2755.504797] ? kasan_kmalloc+0xc4/0xe0 [ 2755.508690] ? kmem_cache_alloc_trace+0x152/0x780 [ 2755.513538] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2755.518739] ? __list_lru_init+0x4d6/0x840 [ 2755.522978] ? alloc_super+0x976/0xb10 [ 2755.526875] ? sget+0x10b/0x150 [ 2755.530161] ? mount_bdev+0x115/0x3e0 [ 2755.533966] ? get_super_block+0x3c/0x50 03:41:17 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x92, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2755.538051] ? legacy_get_tree+0x118/0x440 [ 2755.542308] ? vfs_get_tree+0x1cb/0x5c0 [ 2755.546299] ? do_mount+0x6c1/0x1fb0 [ 2755.550022] ? ksys_mount+0x12d/0x140 [ 2755.553835] ? __x64_sys_mount+0xbe/0x150 [ 2755.557990] ? do_syscall_64+0x1b9/0x820 [ 2755.562062] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2755.567441] ? __sched_text_start+0x8/0x8 [ 2755.571598] ? lock_acquire+0x1e4/0x540 [ 2755.575586] ? fs_reclaim_acquire+0x20/0x20 [ 2755.579921] ? lock_downgrade+0x8f0/0x8f0 [ 2755.584082] ? do_mount+0x6c1/0x1fb0 [ 2755.587827] ? check_same_owner+0x340/0x340 [ 2755.592160] ? rcu_note_context_switch+0x730/0x730 [ 2755.597107] __should_failslab+0x124/0x180 [ 2755.601358] should_failslab+0x9/0x14 [ 2755.605174] kmem_cache_alloc_trace+0x2cb/0x780 [ 2755.609853] ? kasan_kmalloc+0xc4/0xe0 [ 2755.613756] __memcg_init_list_lru_node+0x185/0x2d0 [ 2755.618780] ? kvfree_rcu+0x20/0x20 [ 2755.622411] ? __kmalloc_node+0x47/0x70 [ 2755.626392] __list_lru_init+0x4d6/0x840 [ 2755.630458] ? list_lru_destroy+0x500/0x500 [ 2755.634794] ? prealloc_shrinker+0x213/0x480 03:41:17 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xb00000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:17 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:17 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0xfc030000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2755.639206] ? __init_waitqueue_head+0x9e/0x150 [ 2755.643889] ? inactive_list_is_low+0x850/0x850 [ 2755.648563] ? __lockdep_init_map+0x105/0x590 [ 2755.653069] alloc_super+0x976/0xb10 [ 2755.656795] ? destroy_unused_super.part.11+0x110/0x110 [ 2755.662163] ? lock_downgrade+0x8f0/0x8f0 [ 2755.666323] ? kasan_check_read+0x11/0x20 [ 2755.670480] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2755.675067] ? kasan_check_write+0x14/0x20 [ 2755.679305] ? do_raw_spin_lock+0xc1/0x200 [ 2755.683551] sget_userns+0x276/0x860 03:41:17 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x16f, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2755.687269] ? kill_litter_super+0x60/0x60 [ 2755.691509] ? test_single_super+0x10/0x10 [ 2755.695750] ? vfs_get_super+0x270/0x270 [ 2755.699819] ? kasan_check_read+0x11/0x20 [ 2755.703968] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2755.708554] ? kasan_check_write+0x14/0x20 [ 2755.712795] ? do_raw_spin_lock+0xc1/0x200 [ 2755.717046] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2755.722590] ? ns_capable_common+0x13f/0x170 [ 2755.727027] ? kill_litter_super+0x60/0x60 [ 2755.731270] sget+0x10b/0x150 [ 2755.734381] ? test_single_super+0x10/0x10 [ 2755.738624] mount_bdev+0x115/0x3e0 [ 2755.742258] ? finish_unfinished+0x14e0/0x14e0 [ 2755.746847] get_super_block+0x3c/0x50 [ 2755.750742] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2755.755068] legacy_get_tree+0x118/0x440 [ 2755.759134] vfs_get_tree+0x1cb/0x5c0 [ 2755.762935] ? vfs_set_fs_source+0x12c/0x180 [ 2755.767356] do_mount+0x6c1/0x1fb0 [ 2755.770901] ? check_same_owner+0x340/0x340 [ 2755.775241] ? lock_release+0xa30/0xa30 [ 2755.779221] ? copy_mount_string+0x40/0x40 [ 2755.783465] ? retint_kernel+0x10/0x10 [ 2755.787367] ? __sanitizer_cov_trace_const_cmp2+0x20/0x20 [ 2755.792915] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2755.798459] ? copy_mount_options+0x285/0x380 [ 2755.802960] ksys_mount+0x12d/0x140 [ 2755.806589] __x64_sys_mount+0xbe/0x150 [ 2755.810649] do_syscall_64+0x1b9/0x820 [ 2755.814531] ? finish_task_switch+0x1d3/0x870 [ 2755.819112] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2755.824037] ? syscall_return_slowpath+0x31d/0x5e0 [ 2755.828976] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2755.833988] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2755.839523] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2755.844536] ? perf_trace_sys_enter+0xb10/0xb10 [ 2755.849201] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2755.854045] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2755.859226] RIP: 0033:0x45885a [ 2755.862405] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2755.882325] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2755.890059] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2755.897433] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2755.904696] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2755.912046] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2755.919308] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000033 03:41:18 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x700, 0x0) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:18 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:18 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1aaaaafeffaaaaa8, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:18 executing program 5: 03:41:18 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:18 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x37d, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:18 executing program 4 (fault-call:0 fault-nth:52): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:18 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiser/s\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:18 executing program 5: 03:41:18 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xae, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:18 executing program 5: [ 2756.446337] FAULT_INJECTION: forcing a failure. [ 2756.446337] name failslab, interval 1, probability 0, space 0, times 0 [ 2756.457682] CPU: 1 PID: 4827 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2756.466009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2756.475372] Call Trace: [ 2756.477983] dump_stack+0x1c9/0x2b4 [ 2756.481619] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2756.486829] ? __kernel_text_address+0xd/0x40 [ 2756.491338] ? unwind_get_return_address+0x61/0xa0 03:41:18 executing program 5: 03:41:18 executing program 5: [ 2756.496291] should_fail.cold.4+0xa/0x11 [ 2756.500369] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2756.505494] ? save_stack+0xa9/0xd0 [ 2756.509134] ? save_stack+0x43/0xd0 [ 2756.512782] ? kasan_kmalloc+0xc4/0xe0 [ 2756.516709] ? kmem_cache_alloc_trace+0x152/0x780 [ 2756.521577] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2756.526789] ? __list_lru_init+0x4d6/0x840 [ 2756.531042] ? alloc_super+0x976/0xb10 [ 2756.534943] ? sget+0x10b/0x150 [ 2756.538234] ? mount_bdev+0x115/0x3e0 [ 2756.542052] ? get_super_block+0x3c/0x50 03:41:18 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2ae, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:18 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x0, 0x4, 0x0, 0x400000000002f}, 0x2c) [ 2756.546136] ? legacy_get_tree+0x118/0x440 [ 2756.550391] ? vfs_get_tree+0x1cb/0x5c0 [ 2756.554384] ? do_mount+0x6c1/0x1fb0 [ 2756.558128] ? ksys_mount+0x12d/0x140 [ 2756.561952] ? __x64_sys_mount+0xbe/0x150 [ 2756.566116] ? do_syscall_64+0x1b9/0x820 [ 2756.570287] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2756.575673] ? __sched_text_start+0x8/0x8 [ 2756.579847] ? lock_acquire+0x1e4/0x540 [ 2756.583843] ? fs_reclaim_acquire+0x20/0x20 [ 2756.588189] ? lock_downgrade+0x8f0/0x8f0 [ 2756.592371] ? do_mount+0x6c1/0x1fb0 [ 2756.596086] ? check_same_owner+0x340/0x340 [ 2756.601190] ? rcu_note_context_switch+0x730/0x730 [ 2756.606128] __should_failslab+0x124/0x180 [ 2756.610359] should_failslab+0x9/0x14 [ 2756.614146] kmem_cache_alloc_trace+0x2cb/0x780 [ 2756.618800] ? kasan_kmalloc+0xc4/0xe0 [ 2756.622698] __memcg_init_list_lru_node+0x185/0x2d0 [ 2756.627700] ? kvfree_rcu+0x20/0x20 [ 2756.631313] ? __kmalloc_node+0x47/0x70 [ 2756.635279] __list_lru_init+0x4d6/0x840 [ 2756.639326] ? list_lru_destroy+0x500/0x500 [ 2756.643636] ? prealloc_shrinker+0x213/0x480 [ 2756.648028] ? __init_waitqueue_head+0x9e/0x150 [ 2756.652685] ? inactive_list_is_low+0x850/0x850 [ 2756.657350] ? __lockdep_init_map+0x105/0x590 [ 2756.661833] alloc_super+0x976/0xb10 [ 2756.665539] ? destroy_unused_super.part.11+0x110/0x110 [ 2756.670901] ? lock_downgrade+0x8f0/0x8f0 [ 2756.675038] ? kasan_check_read+0x11/0x20 [ 2756.679171] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2756.683741] ? kasan_check_write+0x14/0x20 [ 2756.687962] ? do_raw_spin_lock+0xc1/0x200 [ 2756.692194] sget_userns+0x276/0x860 [ 2756.695893] ? kill_litter_super+0x60/0x60 [ 2756.700114] ? test_single_super+0x10/0x10 [ 2756.704335] ? vfs_get_super+0x270/0x270 [ 2756.708381] ? kasan_check_read+0x11/0x20 [ 2756.712515] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2756.717092] ? kasan_check_write+0x14/0x20 [ 2756.721317] ? do_raw_spin_lock+0xc1/0x200 [ 2756.725549] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2756.731078] ? ns_capable_common+0x13f/0x170 [ 2756.735472] ? kill_litter_super+0x60/0x60 [ 2756.739694] sget+0x10b/0x150 [ 2756.742786] ? test_single_super+0x10/0x10 [ 2756.747020] mount_bdev+0x115/0x3e0 [ 2756.750636] ? finish_unfinished+0x14e0/0x14e0 [ 2756.755204] get_super_block+0x3c/0x50 [ 2756.759086] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2756.763404] legacy_get_tree+0x118/0x440 [ 2756.767461] vfs_get_tree+0x1cb/0x5c0 [ 2756.771246] ? vfs_set_fs_source+0x12c/0x180 [ 2756.775643] do_mount+0x6c1/0x1fb0 [ 2756.779175] ? check_same_owner+0x340/0x340 [ 2756.783482] ? lock_release+0xa30/0xa30 [ 2756.787455] ? copy_mount_string+0x40/0x40 [ 2756.791676] ? retint_kernel+0x10/0x10 [ 2756.795552] ? copy_mount_options+0x1f0/0x380 [ 2756.800034] ? copy_mount_options+0x202/0x380 [ 2756.804518] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2756.810039] ? copy_mount_options+0x285/0x380 [ 2756.814534] ksys_mount+0x12d/0x140 [ 2756.818144] __x64_sys_mount+0xbe/0x150 [ 2756.822102] do_syscall_64+0x1b9/0x820 [ 2756.825973] ? finish_task_switch+0x1d3/0x870 [ 2756.830459] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2756.835384] ? syscall_return_slowpath+0x31d/0x5e0 [ 2756.840309] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2756.845325] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2756.850855] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2756.855883] ? perf_trace_sys_enter+0xb10/0xb10 [ 2756.860542] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2756.865373] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2756.870544] RIP: 0033:0x45885a [ 2756.873712] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 03:41:18 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2756.892893] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2756.900588] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2756.907854] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2756.915106] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2756.922357] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2756.930390] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000034 03:41:19 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f00000029c0)="02f72768e82a87f9638fff") recvmmsg(0xffffffffffffffff, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) fcntl$addseals(r0, 0x409, 0x8) ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000001880)={0x15, 0x1, 0x8}) signalfd(r2, &(0x7f0000000240)={0x3}, 0x8) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000280)=0x0) rt_sigqueueinfo(r3, 0xd, &(0x7f0000001840)={0x3a, 0x0, 0x7f, 0x10001}) sendmsg$alg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000000)="088c23bbdcdfb924449f3cdac52c16cbd00a70603f21e44f3ffd67ad91fe52dd5095352a67e466", 0x27}, {&(0x7f0000000140)="53d1a5855fe02ba364cbc855c9a59430438072a86ede608c88873f28be3657fac32bcc576d010f7db7c821a05248171434cc371a52d5cdbd554e58e882e8dcc428cb5227a1aa5418e62c1df49584dc", 0x4f}, {&(0x7f00000002c0)="aec411c2fc937b28b901fede9d1f6acbee7207fb4c8a927327bc85f8e0f8f77dcb23bbd802e9560d811bea0fa94d4fcc18484cad71d93892c920d7e1465fd9a37b7fcbb3c49ddc3107a5def34b5e84303e26cf4368fac6cb87d7e87b745d1768ef2d6e968d4533dbf7110bf7ac67fe514dcacf5a6f760d76d6b5c533b17391fc391a2d7aed9120a5da4f5808f2e912ddc25874b3460cda86c50a84850b903836471a9a8e3f711166fc44f68c945b248265d8db37181c551e7d4cea2882ca8fae9ea07e0850c3081493be630eb3b836f643b0adc56f9d384be10f7482bef4755651235340708e4ccc0b6b5c532ee42e36d99ebcc9417aae94c49b2b25309bb11b1b6a9fbb226b778129dc202a9aadc6e53fbf3f8c35290798c7626ddaf5321d0c9bc92a9d6c6207980459bcd10e5ebd06e2386fbe99808d876eb2d7ae5710b2e2758a265bc7c4e2f342a5a2bceed35d8071302cc4da4ba9a77753d31e3af02140dc866549783fc2791eba95e91480c0173cad8c7a0442f8ec85930d319152813afe7b323b9cfe0a143a7d8f83a16aa68fe7a275c6c69753e1576b5a2ab2ae17db1b48d4c50e2b4a7aba9fbd4a4866c9a0dd2faf621f847644700acf62f84e8bb8120418fc36e5ca309fa873b678253869cdcc536729c1a49b2eeacec65f2ca9961d42a60aec77295c07beef2da60394b1311750690b4199bd2c4a8d41a26de295e36a9d0ea69210e3bf2b7f91d580ee83c1a0c97fe6c5d0434a7fa6c5bfcbf04758e82d1dedc2b18fd7ef20a432eff649d9f3372cace91ad0b9a5ac04e82292893dfd8a458c57d5dcdf5734bf8b1c397e349d2cd0afdfab0f11373a279855880b4483f32858567462a87631703da5bb10b2e381b2d30ab3ea36a4b275e10bfe8b3bf7858e645a507a0770a3b77fe01f99824b28a315d491d335125fd5e37a0e220fb2553a63a3c85b87365ea68936de5501eb8c3dbfd5f7d152a21a31a75fcfb8ce4bc53da753606e567c027ccaf69fd882e15f8773435ca1e565dc252a09217184fa4640f949667eeb86f3c1b0710a6cef92f5ec16c7feef678b43fabede3adbcccba58fda1da8950122d7229cc7f0476dbfa1b62bfbb08e2fa954025c652f8d233fa91942efda6301ad8d597ef5c133f805ad9dba260d939f4b71df98a846476d2c33a8baf9b5253c16f8dae917596c28fac6ccbf3aec9a770a7d655a3d3755e9d4584e3b2760d5eb3162d4d45f3ac7ca830f28515fee3bc5165027a35bb157dadd81ee14dba3b843f275c1d49f12e1c4abb61f0ef1e2bf2cdf1ffac831c29524a9a6f068f7c8d479d7ce4ea840fa7f523b7730850c4a3fae5b549996ab77badb6634047d824e168be78c2fb268770b655ac6c980a03fe50263ae93cf4b319e53b51dfb867d58971f74e87d8fd0980914f9c00dd74d2bbeea46b0a56fc74d25b5c45804186041b88f24d68b61877f170a7c2dc5145161189fd185d070287f024c86bcd89bf52b5037a360cc2894cefc5976a7d3dae68a084ed074ed86278cdf759e109914e48215518e7818e32c5a775ebd963fe953b6e270c9589b48cbac3cd7c6086c5ed01eabc6f79c53e549c0f8f5b2533f140b6aab5491f721a0c4a793aff7a1fdea03eec52be6ba831699a48a4a11092ed82fab5d5deff65ee4672950de4ef04377e4cec117619eaa1602b0f732517956cf1306d90bb3fe67a3304b3f024563cf86f96ff3b5e0cc923f52bb299e5d18080f306d84ba3e5d6e3ab1f4b303ebe92a24d01b4755a51b2d74eee5b4e97c5833cf17518da97e4acbf89df3a8bc693324b09fa8b3f549ec3adb4e1d4e10410118da0f32945aaa567eeb303f4d63d0b9d51974bfb795a24d4fc70f0002e4ab0e2f1bf79711b513c88ad5490652f7a0b7a01d4165758e4191255f90947b726b8b276012d3e9a0948936f61d072643044c705c91e9b80548ebf46238121afc797c33670f5e4d551af9f9b815d7e3389fcc962eee6f6c58e2eb751761f89f985d945b23f8968d109dc6532b5de011b77eb9c4278e54e77456cae0753dd3514aa41ab07d637e45cc94c6f9e74e5799cb8ba0b57e30e9f20a6d88d2c7def815c2126eb52f7535350906076fedf0a995061f4c2de3b3e8b1772fff310d4d92b85eb90bf71c068f482674a0e35f36840a5d906cc12b97ecca6577ccf20bf31c46e3339ab930fbdf560f49e383e55308f9b445467e9a2925bd7ce6d909e7633ba5a829993975595ac11b43361d9bf9ae54b702a694ac738fb6869d91575b6e531a4cb7ad8eed48ff50bb3fe601edacb5493fca70a387a2ca620d7720eabd763512a370ca61c2beaa888a8b185c1de13b5fa0b8511729935f95f1b5e7218d8711305adf72a77db8f7bd3dcdd0729da3416e3ea9f6a93fa50de71c89b5a97f85d43fcf4dbea318de70c4b1ccf112ab227aaa18521179809b0e443d69e7ac43a7464d4c1fcab4c1e8db3d84028e28976e71a80d640f58b81e3a611bc4891e08927bf4a6104d245c8f1146a06e8de498369d71074ffc82dceac8a6a9c51fb7e5102eb65bd6e73cd53271f77e64de702357321f8c460320b3a0ee9437dbdc22d5a07ca756cd4d55af07addffbd95413badb163e909154be0a90a0af673671ab0c80ad98d1103576acfe013835d0698af54f160f8480db5e2e96fcf49aa87ac24f0bfbc68b40e24ab2ba37250c64f50b1bfdc498e25d46e3d58176402bd7dbe06c1de4200baee76c0fc1a414a9b940bd6b94d908d011808fe8e32e86ffcef32f02311eb3d9c9d057bc128eae7ca5c0acc787ac17441cbd1a350196760c9dc1544bbe3c762394867988dfe9635f37629fc11a8b7fec19b6f8a3315534207077a68a8f0d0a05a2bf33504eac4bfee217b57be9a432735fd575b2b177859c6b4e02216c88e71621ff7ae55b30953b6fbf06053daaf941fb8c656dbe247c640636a54e1b6df531fafb3296e9d5f89b3f4ac9137f3683c7a3fb310997b8240ffb0b61604d9375f89b8970c59ad8c724071ad0e1908a0a283ed1610e98c866af01c2757d1295fa431e390c5a0ded0b3e7d2c5f155804b00bd1bf7d73d877b30be56ddc6e56a26cc27c96bb3c3043918462f576d91a729b23b24394e09e782bb23b119c2cbfaf25c07ea06ed8e834eac5e5d0e0dcb87b5e7d4a6c58fa87759c259c907e22fc994f880e7d80d9df8a210225f9de36871edd2e75acb00de775da194659f026d34be65f5ec033b19aef9202f0e21449cbfd4cb4fc4cffd85d36c8d5b48b973a502973803102ed53237629528e7df9249c16a13a279a8015f49f6efe221b02ae4c8af6190bb04e4e49fba97ef32ece14c0c47b594152b450d04af1bd255d535c8e74dd9315c758c11add59939cdfa398febf9bc4f41e655a8e41828c43be00e01046e6e1107ba6937f9046ca8e71e6cdaf312140473fedad49a224e71aa0010092ff5b7d58276e8421b8738d5ff928b8859533fd163aa14cdde0aac8f50d01f786b244ac5828f092e1d7adfb1cc506eb43cf33a69cddce04d4dcce9340a820ebd77e069e60941f1231ac82011ba7ab7be6957caccef253014f20b6f8dd0666fc1aa7298c16e2bc72b1fc1f935a03c58400dc1bf8dfeda817df21ee61f520e546687ed71584540912670bb26e9560531fe6686d8f3e4c37eeea9a82c613e3c9b761123a35c1a1235ffe58ffa560c1dc1d3acb760fcf04547fa37e1c19f599b85d22cac91e1974a302fc1c48d3d5dad93c00c1e73c698a7a09389f7ac4e19f010f21e5d5bcc36f04c18b237cf14b4ac33d8a0a88e16d75e865b8fbf44d0134c0013aa5621c3c79d5d682423d6331e4b3813715c6fe798a30053d46c76e98c15a764cfa8ecf8787ff3b25a404b1e3c6ef918190db837eba36895b4887aebe924318813d1352dfa837dcf2e01b4cbf9fbe78f0878ad75edd08f78ae5b8676ef816021e5357f8438a2f8345e1a418ee53df806fb6cadbd0aac25beaddaf5aa5f6308534269c9a984ec6914bcae7d431d6fc9dc1c6fc2181dd4e908704314efe13834fb936f07c0cbe2517790b9ca8c0f21950d53f41afe272ae0bd4d97246ff50e8b068212ad5d002b5ef6e35800cfc0ae3845b6e7ec66a184d0138c5f2fc5f6c1429657341193f56de9d7f61f20842dac49e26c220fd574484f860f9219e0d4ef910c881239492bcc332616179e87bcf4880c5b6fea46ef0caa62074ff62c1854042f514a9dbc5d24b4ae397d9644e3c5a5835e7bf83edece28e7ca7314870e3a7ffd86872ebfe254db619a2131520a45ff24aa37d5a92cc56807e16c736ecc0a050774b05e2ffcc6229b0fd72186197b09b9752506e32e5d60c63efa99a25ef4b6533b4632304c03da43297d8cb20ace2735467cc387767539a6d1a5d277c51c2d41cc8655db5a1ef803d09054cf5aa8f6ae435e3bf6e5fc074382f0479ae26ee34f8ffcb57919ee46007f46dcc4ac4d5e98c84190ac3781a95105c96762ce1504b033283031a742ab50dea33875db28cfb92d30280657745c838022805eb0b9226b061f8e19f7ba38351609e8260ea6b33db3f91f298e63b66b07d7b6f81342d6b4b8fd4171812f3c7c36948d43c9bc24103dc51126640db84ea5d5cba04504c7c3e0ba483f2f2ad6db1f8997d93342132096149e060e78a05b20def144ae1a69a98adbfbad468a3d8c2bc7af91aa042d7663e497f6d2fd2a06f776b0adabc0dfc962621d7f53220fcb168a18d611580cdf60e37e1dd3b4998edb946965d63c563b067baace1af43457b89661cc73bcab25ba6a0c33abe997965f67174440cacadbd3c2d27499de20555dc47f2cd8ea65eebc2db9c0254f9ce3db74e12c37a490910281eb258890a655ff730c84c297e1212ff5305e06805b2b93e39329be0024632834f0f3e8a8fbed4d4abe8f8055c6865f211da534d86785cc3a69ed3499ad455061461f54ed5a99c3189777a64b888d9ca553f3065132b8cb566a74151c527b445f5906944dd5be5dc659f95c8ee723e5f08fbc776eb0e66d397a6cc8c44e9b42cf5dc9c2419eb672cf66be493616b5096512eaa9e0fc34dc21f3c7e5be237eb0f1a0f51b87ab53749dcba46351442e455a90fc4d7c09da3e3b011700815593569f935062bf2623b00cf663bbd560f062ec24d79382fc25c42bf53dd678c41fd61899f909ce74977d80ed20bf5a844ff0eaa600c20a946f4ff776de118f4d9124ee6df5c40f92c6515826fbea5ed9e71dc61961aab247780bd1ead1a0efd9adb775d09a6d0e942bbbf8b2fdc2a4be67b1542bd6efeffc7edd94e5a0ee63954673149a37938ae8e6cca90f062a83226586e10d8da0fe4e50633a7b658cbb0bbbb5dcd6fb35a1a2016c03dc35ace4d57fbb7c65b08ae0d155e0ee251ab28ee9ed43741a7776bfa3c6f0556f79138c02028451f8ec3d78aca68e29b779f11feadfb24ae69409e66d32d95965cd7409ce6143c22804f2d3c64139403e00a92b1534d88d99b01724572963c604345923b1eba7f495a1d9130a4702a151a48e157eebcc6e896b51c11f27ed73cdaf41f3ff28046e0f6ce623c57c1e3e2e88e18f13e6a21e69f932d1c5bae958cd88362e6ebe84930c31ba6d9e6e5abace0d384099d062c8943455ef1a001e7d9e5e9e4c059407b3b97c7404a4e392d33cf3b89d80822a93d8c5a510455a435cc1be8b545241743cd4cf77206eb45bbdc536aacb2424f77216962e47444dd36fbf3e0d7ddc2bb0e63aed8b80cd45e4ff3d8a45c147fda4ac604e6976de2ea09f6da5607905490e511", 0x1000}, {&(0x7f0000001300)="fde3570015a329412b0c15263da714dd988127fbf25915dc589ad8775063decf53c9f289933dd8ad9d68512c0acd8bc42d882241783399a8f805f0b25684a012ed81ab452de32dd0897bef4bb05be67e377c98d06695f9ada94da7850df49335c5e05eb49e13ba36d6572a029a5632ae491874a19d9d291da35bd6941331ab7754cac03e5ea6fde198bc1b54e17f37ef0d0914e6b412e79d2a9310ccc879027b75204de2c13ab74d7526bdbbca1bcb34af89c12747003fc5e3cdd816cd0a49ad0497f8551ca3ae34dc8f5773fd23298cf09e6b01c82b9bf9584b231fb00d3c15875cf401fbe41502de72b93918180a7ec1fbc893e9", 0xf5}, {&(0x7f0000001400)="03ef4390951d073503e55f5bbb386305c1905bf885da888acda38c5021910606d27352648437168123c17e875aa3a9b2e08c14553545c01739ea73e0b3c75797a6faf46308f266d63ad143e73023cadec19796da27f3fefb0b0d29f1b09b25746590a9a4346a3e1ebd0902e57a6cde350bac5748cc347634319b980df34bfaebfbd3bd6c67241aa55febad2b08a57ea7bccff7a95e6dae331dbcc661fd9fa2ec8f1cb7769a9e3c9dc820b1793efbcf5ac9f4184fd6b55f2f1e8c679f241e9b2fd68c67a6049cc0ea2e71074ba40a30", 0xcf}, {&(0x7f00000001c0)="b72238f9fd6d9d77c95f458ee1f426101ac778a0a3c13ed065d78416aea8fe1f02f5514fa8f4539a06275ddbdbe1cdf9c337b33575b0e04ac81034f6c7b9ba59dbf86539d2a96286073b049087544cbb06b4723b522680fd", 0x58}, {&(0x7f0000001500)="d20cfee470b384b6a1dca5a0786697055cbe5597898abe4ecf6499f399d046bed22fa69ffcf4bb7acfaecef64c6ea7b32df127fe21e652ec27bf3988f3f9ef642a0654c566a071a5d0e2dc7e1cb73f30fdd8d482ba8ea685ce9930134687fb8e22a13124a7886424e97635b0dfd3e80eefa43c3e279fc2bfaaffe20ec1209f680c8fe0cc72750b0b0226f684bbd445", 0x8f}, {&(0x7f00000015c0)="e0d4f57c04169c9e5dca4995f4ffeb1c3d38d9d1052eb769415bce6f3346e5a8e941334e33b38db74b2ba8e4f1428a9ea434dfd6bfcc361b5a20dab04cd979be3929964528b312c21ac9aa70c9bb54091e16922e431f80f37d5041e48fd389387cf6067e9d26b30f33441c56671e009020343588284b5d28705f7cb3719c3e919a37", 0x82}, {&(0x7f0000001680)="c8fea8d552e9e2b6ffc38c0757a36b9968fc7888e87ca3725bcb0e52bcae76a3eb374b0fecb604fa32cd026f66552dbfb1424a710248c45597863f86bb0d5a97daf2d62a07f85ea1dd36c68ba181866346a2fbbb145a474c30fbdb42e9f9c8cba27dc72ddbdc0beab116cf3f136e1bffbf369ce69dfdde19ce4a9019a7b55532031fb0406d651542c4d62a32eebe0a00295b5f69d3d4ff7a308d0ddf683724d4a5c39a1f8e5b012d5be171ee4d67e8f01d2a5ceb24fa5fc6a1b8a3873d47216ef27643d0ba96bda2d0fd52b8ba08835f3a4102e97779f8c9fd305b7928", 0xdd}], 0x9, &(0x7f0000002a40)=ANY=[@ANYBLOB="180000000000000017010000030000000000000000000000180000000000000017010000030000000100000000000000180000000000000017010000030000000000000000000000180000000000000017010000030000000000000000000000b8000000000000001701000002000000a0000000e19420c7648e72155b46a3efc3fecb319d4c184820553f4236b9e0be4ff77e473d7cbd262168e23971645c9fafadfd985ded3b6c00041a7668cf7ee49d84e295188a026dd193f7baa1e9c666b586c429c8c12827584c85a07d0d1c9194b2cfa871c439e39285e0380b10219472605407f31792efcd0be889f5bc861c4c75fcd22979926544c067118f0152ab5e5c2026f1d7083375976d6d1bf5a3a8f0921ceb000000001810000000000000170100000200000000100000f5d40306707999a6ae2af899e61a8676bfafae108cdfac38c9ac10543f3bd41669d0152b8b8e88b3dcd45bce32bb7f6509c433670ab9977afd7869c73e5192e78880338daf858876d7e060b3c00eedc8e84d99b2028c4b97721407e15dac6eb53b3f086f76fbb812c277aad9b584d3d6aa6609c351eb1a13d90b1d1fa5e2e92592065a7fd5885f6cf3806ac029b706371130407f7467b484dd922cfe3e7cecc1c5a47cfb21f406f632f4d0c8ffec80a902fef2c72c43c934238e25e541dc395d67b8f2841f7e460bc467e69cb25e7087c6eaea284cd1730d9a1d5bddf77a4fe3a1418aba5f2ce1f4d12c382b00cd5b4795d4aa1694d141439d1c60a4e47c895e48b930a4c804f6e87ad2f78b7a8d5e03478075858dd3bf3ca2693e53e1324b82520198a7d857822a00f788ed5f2aecebe5a9e483468b4ebe50c37259ad4c8acaf6236be8bc3cbcb62a3de5cfdc80166812bb6ff297b0aee4d541b334b33b3f7ad6c7b5d1d6d7310e3191a363e28b074f26298c70586618e36eae9ca4387b268b7931a350e4bfdd9056aac5b4dc48b2e7784ac0620235c3a16fdcf8e4b9f2b437938b59fac5dd225e4a63226a38add283e0f3e629807f2ac655e00070aa930c480d9070072373e6b9f8225a56838ef5827ebdf735bad85e055bbce52eda2e1c97a82fcd2399b02e13bc471af33ae4b5bbe3a55c00222fabc591560fce448bcfc91928cb65b77d97a7f824e18a6ca5a5b0b6943ed022d521877d2ca2a0fc3fc74295cc61ae909ef554ae03bd4646f9c53a4f5ee9229d95de9f7676f35a16d9bc522fa610f51347ddf91dace3994b8554bd3f8e90d904b2e065a7bd5ad150a9010b3d15c2df6b31575d0ecddb9a4f39b1fe2a84d742b08310fbbb42e5e29eb7a1711f3b5518fee01af5b8ca7dcf60b7e1304fad99ae0a7b3adb09c07204056f303b68acd770e78bab9a81cf90b8f3a6bb9c852c3d5c861075947351447f17a7620dc2e9625c243992ed3dffb9b5f57e69b6ae1754c1f23d86c0c5164200386db48789d83ccdbd1a455186c57d0ee5e0662ec8e8ae418a4d350ca6e945597027a57a6060a17df42826ddb9621f0fbac534d1c70bf0f8a881b2bb361d0a2266a6030c68a8185d4e69e1e5ee64c954ff6dc78d2c7ff5ae7f04ab8f710ae1b4c096dd667cd918494e7e8aafccafa2f32772205226dabda5c7548a7b157e51c715d4e39d76703259ddfa9b5a389e48d55fafac498cb39a4fb32b6dfac64c20bccc9abb04ffc32cb09a32ad10f2432f450d8ba2871a04bf9ba34c9f6ab92a242a1bea82d753bb9556eac7326419ef8f4e841bd743f6d79e6f20966f80dc350443f4322091633bfd1433b81fa62516b4270a1ff689374f59bbc33d1d019bdaa4f1311b09e3e852673881d0cedd6b8bca1f48eb542cd14a3b3f0380bbb42d7ea936019917f9b922e3731fadab7f6fc8537e0743aa866d468922fd1fef7bbebad2c9a2c60d42623713136b8f3babde90748db05b2882ca60ddd336ad6e3da1d492a3831b046fbcf9a38e5eae1868d78cfd1b997551c10cd8d93b78f9431b05db7de77ff63b397af23f74235efc829ff708be6dba849932b540552eff821887db3f441426f14216ee612beea9801bfd849367b692d40b62e9e5c94578d12487e59e461ecaddd22e2bf9d2e28146bd179dc36faf70a7c165e4949909cb2dd92173c1e0f886271558b8b70aa078f37d4eb7cf537da5314b163b7dad9743b3dbe80af953deab9016c48c67579cde33d5cc19a905a9124c5990810072b4bbabd79ddd8fd08e7926bdd9a9ba23caae1b3c84be379ddcbd369d25f77e6a8495411ed0b4486b256a506d6fd0a3ae5b8f0c2d7b7770c8480c7dbb59b6f90551f24f01c12091adfa64e3b25b062e9bee7bfef4031ee27784e949cd586b3b2ddb94babf511ce56e423ff0b221ad55ce639fd7fd7e25ea38acb3c803456bebe8f6d61a33a0a9196f6470c7ed414a138fbe10e4717c51303eb1dbb41ec20b9ce1309a39f225de3953fe94f950e57a323347d0279dd32ad9c6b83f1c04acebd0c1276cfd5c3b6865d943920d1e31983d7294a42565786948208fa5cfb3c8f3086b360d72baca6f749ced38aa300e43eb17e04554a51f175006de8132ab1a83270ba43c48ed00f043c5ef2be99f1426d7eb39e61fc4c62d2c14eb66bc1d947819dbb93a2ff77188012bcffd4e9ad8220bb122a43b663585dc528a1bf388bcc88b67ec7990a8072068a1e451ef650dc1ee7ad620cfbb8d8c3fd9994f91b5fc9645311ca92f2c73ad55e4119ce303ef3cde5bda87132a87a59bedb1edc55df8abcf52ed531a95b851ef8dffbaf62a3a587f56773181f8c41537cacb8df3914e1f1e493d2c4e86450ef4b359b64b7118659afb8f4902107e23fad2c950550529bfb5ab2d8bec2d79511158bcf37997f7ec5ff31f24ef9c534326d293c82b3fd472ed6c7116bcad41b7ae5c4780e8e6a22a1ff714b629703f5ed72a2ec2440c1af30d3190b269dc8bbd5e6ed0bc5360d614560a8deaf9608ac45ff23597ed4f84a9bfe0b666c04138880d259a137b15d64b83b953adb77dae41db7ed1004865d555d0a3f5d57f23712ed8bafe1a32b71523202845204e5cc1b02511b330ab80e70e33a33581f76d981c5ccd53c00d6b5eb6ba10df37e6b4eaab4a31a1473908fa6da663f01ca6e4decf10c057025b352e9c592be1fa80960d281937997c7650e0345ed149c733421855c2322fae404e987dba0cc53b2151a52886789da383a4dc5493758f4a08542d64913d11b90276b37e8d194a05896a52648abe0c85f7be02e2d456c9395890466db28b435bb66d8ae702ac7d568739fe71f65f38fb9faaf23e0b50914ea84f4e78b2d5bf271329874c275501b8503d06658316adecc0004ba7d57d778a4634c9f09da38443b61ee8c11c5385dccc38ab80a89dca6ac74409dfb6b9c7c56882ed22ddc9b77b3157a8c06db1e8497b9e3bc134b73c30c64c3b3d2ec5648e0d4f4d0575153c9dd0c0a6bef96d895546be9ac53147330fdda1e37891734a0f2f583cecd61a2ff0e2112b061fc9072c82db6aba229bdc4a8a17fdb90345a472a387b675cafd8889e28411cfae34f11882c0ce582f5c82c1633ce5ddaed7b6f56895fefa0c971581a672e0bbaf6efca27490fac951432bd717fa2182d07b6d659b41bb41f1897902af311782394b874b321ca57d377e1936ec058ca9313fd8cbdccc48f3255015836db70f8c3a9b99935e2773494b7b25142d3ce93df855e0ede5ca8f18bd400a2783b7ecab9af5a266269a78f0c2316cb0838a91d52d8e69428a0df059ddef1eb250696e29d6cb70f135a7e1c44d0b8cfc884b4bb5f1fe635225065c9930047390919c609147bbb05dee9813adf7abac29ec5469669fb0d34a977e46a8eacb5aaf25b4ec6631e521028cde99186aa81a7855b767fcaa149f874ff409427520b60e019f3b1ee24866f3cf6438db877d2d3309c9924572e4b6e8851bdc2a26821c8f2cc2f29fee8e0e9ca95340492caedf4e8aa1e0871fa08aa38753600a8aa845860c45977baeb276edfba86ad4788a05ef52906575538213ba8d4b7268af672c5985848247b6f67bfa1c81f4ce6cc3f39827490ba301c9e5a2e88c8b05875d35278be0bb7657435b6a57382e19d7cac501e5869ac101642ffaf76c072b7b068d231d0d729481aae4f17b897fe7b815ebbd5d42a87a79671919408420939a0d339f260f98730af3b6b48f2c6bdfb0def13390dd43360ebe46f792b788b1507cee6348d41586b9248d9f8342ffef45b53622f32e93a320f9aa89857a0176e122244ccffe78d5ad925e1a268bb53efab2517c5b3ddc6ae346d673421c6aaef0c31bfdf3b0888cb2fc3afca720e10e725a92fa300f3a8413399d3ef4e53f16635b9ec15fb5a8ff5026cc0d7ef10e82a666f3d09d0aff9ac153241975b21e34d20113e873646014aa449b957a5ca4a1c5312890956a62301e6cebe48f1b7c016681449a0b0805bb11fe6c5932e255dd48b2344d22ad638bf2c4a9f6ac127a1fa250cc7533fc08d40d89af61169dea3fa9953d7928aab7a3d35a76c1bdc37ca437ce9958746dcee21513fb7840b3ce6b0fbf2160dc0f4d91c8ebe09b7e1e442920bb0575eb7d89de2bb1256c910ba74be3bd2c71eedaaa4314236717ac749cddde6368878b62576a6e90eae031663e4f826d1eac971bb46ad311e484218225e5426d42e219bcce242593a4c40c56c961599ded08515d16283c8647d17beec8cbd9cd09b7ae1d766c6a343b2a1d8dfea9bf7ed3f379c6b15214efae1c02883483a35c75f56fd828e1e22746f47ead8da5b200351db106aad2f9612d20b15787ca24e1c05553880a51bf2d099537cf64a8af45cfce3ceb8f245b9ca1f4ac93eddf868d384193b928113e68b2a59f16e7f2aaa8401f0599725b5620443dac890699a6d6efc3feaaf26e9a4f559243b292e9682b66c1a27f10d0abfab5e305ccb855c945e7ac419786a4d4245638d4ad381bf3e5bceafb863e8a435aab1cd99937235270e0497f606e2ceef814e2a02b5b54f3ca20c5c933dcd1d287aa2b6551f9d85cb60d44bc308ebf5d89c574b08d62d6c334a1d2c05df2dde26c8b377c94071add480036dd67e3cf4dc925ca147bdd0e8110effde641c0976615bec1a41e04dfcce3caa3f2f19c5fe5720ad4a8b7c62e36f4d9d1324c430b28b99a8910e85c7e69cefe29cd3a925ccf335ed5409265fa24b7dbf1658d0d1d8a5c6cfd7a76e6c7034e072f84e4ebe04b28aa20e5ba169346795dd64b9253e96463822757bd4bb9f4bd90b48465ae1ca0f1b5bf99502bcbcbcf66852d61db11da8633e5aebfb4f86aadc672c9a73a22cf1854e8c55aa90107fe92095aa42278697e1b024b4ecdda6bc05af0e7035a4b14f2bbc2bac3d8e0b98fea09f43704428764b9d2a61dd093228c2295329816f1e4cd00eadf33bd09987d16e95309c157ab3e254493f4b78291c9a98d50493c1d8e08d81c4224e0ead80ab9ef1087aaf7f2b4e0d23eb058bc72e9977b603dac2e2750f5f028e36e874dea8f62bea65b6f70c9f62c57ce9d099c78d7f28d0071689fcc7da7dfd94ab61b56d64f86e362cfe21605d9c3095e3fc82e6e890edbfa7852c687898b7920a545d74180f6363600cff945aca81a3eb9efbc6ecdaf74743611ab5700d5e563feba29da41ba2e38a77ecd126716211b4fac8c24b90d38b39a3ee41b6ab41267633d3a7b025e58cc96bf710c007cb33a308f403f26c382b660e11b23ba1932417783ace06089595fb16b582f684bc05d7fb7a852e8b4e6a59f92ddf6fc85380638bf894dc5144269c2ec9ab105b79889874e7f2a5880d9ae967b0176f9f1cb10ab674eb3a4138ed37f773a25b2b67947325ab854394f7fb498f0079681fd9a054b8692ae61af3d0e7eb6d27c5b4222bbca3d5b2e4c924c65b8f8363ea7bab9a4613d3d4a974f7fdd53d42b04fa3ce7f427fe1c8db3b76ab3af9808e11a54a117df4fb82c54cbce72608d11882ba89058ec88107a347192951b72daceee646f4974aec88da01af2809defac3467e93163ccccb852a87b4d8b08dadca252f97c1c3f06877d89471b553df7abe296e19bda6bb1446a00e7493818bf6991f2bb924681a9ed168bb9176c1ac464437b7864ec3535136064c6387600a32117c9b9768b284f1d2d804a8ff78025c5c2a4bc393071e585fc166d4f6538da4082776061999085e18985fca35217149604c148bfa57c6bc23e9ba86e0000000018000000000000001701000004000000f8ffffff000000001800000000000000170100000300000000000000000000001800000000000000170100000300000000000000000000001cd1cc32b80b9e3b6162a66379da20caac5d89c8e7338c9277fd9ab18301b00e1617a6d6187238dacd0105e5690725bc0278e5ed85bb1ba18c5b1f696d53144133e77f23a207d98bde1c6e1ee0b5665c57bce46e75118b654293a8047e356e0f02412042f3c560361e49081205153a0cfa4c363d18"], 0x1178, 0x4040000}, 0x20000010) sendto$llc(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:19 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:19 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x18, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:19 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0xfdfdffff], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:19 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0x910, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000000)) 03:41:19 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x3ba, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:19 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfk\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:19 executing program 4 (fault-call:0 fault-nth:53): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:19 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2757.430644] FAULT_INJECTION: forcing a failure. [ 2757.430644] name failslab, interval 1, probability 0, space 0, times 0 [ 2757.441949] CPU: 0 PID: 4871 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2757.450389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2757.459751] Call Trace: [ 2757.462352] dump_stack+0x1c9/0x2b4 [ 2757.465993] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2757.471204] ? __kernel_text_address+0xd/0x40 [ 2757.475730] ? unwind_get_return_address+0x61/0xa0 03:41:19 executing program 5: perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0x910, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0x910, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$EVIOCGKEYCODE(0xffffffffffffffff, 0x80084504, &(0x7f0000000140)=""/155) ioctl$EVIOCGMTSLOTS(r0, 0x8040450a, &(0x7f0000000080)=""/99) 03:41:19 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x205, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2757.480684] should_fail.cold.4+0xa/0x11 [ 2757.484780] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2757.489909] ? save_stack+0xa9/0xd0 [ 2757.493555] ? save_stack+0x43/0xd0 [ 2757.497194] ? kasan_kmalloc+0xc4/0xe0 [ 2757.501098] ? kmem_cache_alloc_trace+0x152/0x780 [ 2757.505972] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2757.511162] ? __list_lru_init+0x4d6/0x840 [ 2757.515398] ? alloc_super+0x976/0xb10 [ 2757.519301] ? sget+0x10b/0x150 [ 2757.522591] ? mount_bdev+0x115/0x3e0 [ 2757.526398] ? get_super_block+0x3c/0x50 03:41:19 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000000)="025cc83d6d345f8f762070") setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x16, @multicast1=0xe0000001, 0x4e21, 0x2, 'sed\x00', 0x10, 0x6, 0x5d}, 0x2c) r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r2, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r2, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x7, 0x0, 0x100000000000, @link_local={0x1, 0x80, 0xc2}}, 0x10) [ 2757.530821] ? legacy_get_tree+0x118/0x440 [ 2757.535066] ? vfs_get_tree+0x1cb/0x5c0 [ 2757.539052] ? do_mount+0x6c1/0x1fb0 [ 2757.542771] ? ksys_mount+0x12d/0x140 [ 2757.546584] ? __x64_sys_mount+0xbe/0x150 [ 2757.550740] ? do_syscall_64+0x1b9/0x820 [ 2757.554803] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2757.560437] ? save_stack+0xa9/0xd0 [ 2757.564064] ? lock_acquire+0x1e4/0x540 [ 2757.568036] ? fs_reclaim_acquire+0x20/0x20 [ 2757.572378] ? lock_downgrade+0x8f0/0x8f0 [ 2757.576529] ? do_mount+0x6c1/0x1fb0 03:41:19 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:19 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x15, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2757.580243] ? kmem_cache_alloc_node_trace+0x5ce/0x770 [ 2757.585538] ? check_same_owner+0x340/0x340 [ 2757.589878] ? rcu_note_context_switch+0x730/0x730 [ 2757.594828] __should_failslab+0x124/0x180 [ 2757.599080] should_failslab+0x9/0x14 [ 2757.602900] kmem_cache_alloc_trace+0x2cb/0x780 [ 2757.607579] ? kasan_kmalloc+0xc4/0xe0 [ 2757.611478] __memcg_init_list_lru_node+0x185/0x2d0 [ 2757.616499] ? kvfree_rcu+0x20/0x20 [ 2757.620133] ? __kmalloc_node+0x47/0x70 [ 2757.624118] __list_lru_init+0x4d6/0x840 03:41:19 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:19 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x3f000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2757.628189] ? list_lru_destroy+0x500/0x500 [ 2757.632516] ? prealloc_shrinker+0x213/0x480 [ 2757.636929] ? __init_waitqueue_head+0x9e/0x150 [ 2757.641602] ? inactive_list_is_low+0x850/0x850 [ 2757.646276] ? __lockdep_init_map+0x105/0x590 [ 2757.650776] alloc_super+0x976/0xb10 [ 2757.654498] ? destroy_unused_super.part.11+0x110/0x110 [ 2757.659885] ? lock_downgrade+0x8f0/0x8f0 [ 2757.664044] ? kasan_check_read+0x11/0x20 [ 2757.668203] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2757.672808] ? kasan_check_write+0x14/0x20 [ 2757.677048] ? do_raw_spin_lock+0xc1/0x200 [ 2757.681288] sget_userns+0x276/0x860 [ 2757.685002] ? kill_litter_super+0x60/0x60 [ 2757.689243] ? test_single_super+0x10/0x10 [ 2757.693479] ? vfs_get_super+0x270/0x270 [ 2757.697545] ? kasan_check_read+0x11/0x20 [ 2757.701699] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2757.706286] ? kasan_check_write+0x14/0x20 [ 2757.710521] ? do_raw_spin_lock+0xc1/0x200 [ 2757.714772] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2757.720311] ? ns_capable_common+0x13f/0x170 [ 2757.724724] ? kill_litter_super+0x60/0x60 [ 2757.728961] sget+0x10b/0x150 03:41:19 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:19 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2ee, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:19 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x5, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2757.732069] ? test_single_super+0x10/0x10 [ 2757.736312] mount_bdev+0x115/0x3e0 [ 2757.739952] ? finish_unfinished+0x14e0/0x14e0 [ 2757.744546] get_super_block+0x3c/0x50 [ 2757.748442] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2757.752774] legacy_get_tree+0x118/0x440 [ 2757.756851] vfs_get_tree+0x1cb/0x5c0 [ 2757.760660] ? vfs_set_fs_source+0x12c/0x180 [ 2757.765086] do_mount+0x6c1/0x1fb0 [ 2757.768637] ? check_same_owner+0x340/0x340 [ 2757.772970] ? lock_release+0xa30/0xa30 [ 2757.776960] ? copy_mount_string+0x40/0x40 03:41:19 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:19 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1800000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2757.781207] ? kasan_kmalloc+0xc4/0xe0 [ 2757.785110] ? kmem_cache_alloc_trace+0x318/0x780 [ 2757.789964] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2757.795504] ? _copy_from_user+0xdf/0x150 [ 2757.799653] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2757.805195] ? copy_mount_options+0x285/0x380 [ 2757.809697] ksys_mount+0x12d/0x140 [ 2757.813326] __x64_sys_mount+0xbe/0x150 [ 2757.817304] do_syscall_64+0x1b9/0x820 [ 2757.821198] ? finish_task_switch+0x1d3/0x870 [ 2757.825705] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2757.830641] ? syscall_return_slowpath+0x31d/0x5e0 [ 2757.835578] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2757.840603] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2757.846145] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2757.851189] ? perf_trace_sys_enter+0xb10/0xb10 [ 2757.855961] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2757.860818] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2757.866006] RIP: 0033:0x45885a 03:41:19 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2757.869186] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2757.888408] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2757.896127] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2757.903403] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2757.910681] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2757.917952] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2757.925226] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000035 03:41:19 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfu\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:19 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x7, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:19 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x9c, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:19 executing program 5: 03:41:19 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x3fc], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:20 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) ioctl$KVM_S390_VCPU_FAULT(r0, 0x4008ae52, &(0x7f0000000000)=0x400) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r2, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r2, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:20 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:20 executing program 4 (fault-call:0 fault-nth:54): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:20 executing program 5: 03:41:20 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x360, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:20 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x16aaaafeffaaaaa8, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:20 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0xfc03], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:20 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfX\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2758.755159] FAULT_INJECTION: forcing a failure. [ 2758.755159] name failslab, interval 1, probability 0, space 0, times 0 [ 2758.766485] CPU: 1 PID: 4943 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2758.774838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2758.784255] Call Trace: [ 2758.786857] dump_stack+0x1c9/0x2b4 [ 2758.790502] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2758.795713] ? __kernel_text_address+0xd/0x40 [ 2758.800225] ? unwind_get_return_address+0x61/0xa0 [ 2758.805171] should_fail.cold.4+0xa/0x11 [ 2758.809274] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2758.814483] ? save_stack+0xa9/0xd0 [ 2758.818176] ? save_stack+0x43/0xd0 [ 2758.821823] ? kasan_kmalloc+0xc4/0xe0 [ 2758.825918] ? kmem_cache_alloc_trace+0x152/0x780 [ 2758.830779] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2758.835982] ? __list_lru_init+0x4d6/0x840 [ 2758.840226] ? alloc_super+0x976/0xb10 [ 2758.844133] ? sget+0x10b/0x150 [ 2758.847422] ? mount_bdev+0x115/0x3e0 [ 2758.851229] ? get_super_block+0x3c/0x50 03:41:20 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:20 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x9, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:20 executing program 5: 03:41:20 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:20 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x32f, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:20 executing program 5: [ 2758.855304] ? legacy_get_tree+0x118/0x440 [ 2758.859564] ? vfs_get_tree+0x1cb/0x5c0 [ 2758.863552] ? do_mount+0x6c1/0x1fb0 [ 2758.867282] ? ksys_mount+0x12d/0x140 [ 2758.871106] ? __x64_sys_mount+0xbe/0x150 [ 2758.875272] ? do_syscall_64+0x1b9/0x820 [ 2758.879343] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2758.884728] ? save_stack+0xa9/0xd0 [ 2758.888373] ? lock_acquire+0x1e4/0x540 [ 2758.892363] ? fs_reclaim_acquire+0x20/0x20 [ 2758.896700] ? lock_downgrade+0x8f0/0x8f0 [ 2758.900870] ? do_mount+0x6c1/0x1fb0 03:41:20 executing program 5: [ 2758.904610] ? check_same_owner+0x340/0x340 [ 2758.908941] ? rcu_note_context_switch+0x730/0x730 [ 2758.913882] __should_failslab+0x124/0x180 [ 2758.918145] should_failslab+0x9/0x14 [ 2758.921970] kmem_cache_alloc_trace+0x2cb/0x780 [ 2758.926653] ? kasan_kmalloc+0xc4/0xe0 [ 2758.930559] __memcg_init_list_lru_node+0x185/0x2d0 [ 2758.935586] ? kvfree_rcu+0x20/0x20 [ 2758.939220] ? __kmalloc_node+0x47/0x70 [ 2758.943199] __list_lru_init+0x4d6/0x840 [ 2758.947263] ? list_lru_destroy+0x500/0x500 [ 2758.951697] ? prealloc_shrinker+0x213/0x480 03:41:20 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2758.956113] ? __init_waitqueue_head+0x9e/0x150 [ 2758.960790] ? inactive_list_is_low+0x850/0x850 [ 2758.965468] ? __lockdep_init_map+0x105/0x590 [ 2758.969972] alloc_super+0x976/0xb10 [ 2758.973808] ? destroy_unused_super.part.11+0x110/0x110 [ 2758.979183] ? lock_downgrade+0x8f0/0x8f0 [ 2758.983344] ? kasan_check_read+0x11/0x20 [ 2758.987499] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2758.992089] ? kasan_check_write+0x14/0x20 [ 2758.996326] ? do_raw_spin_lock+0xc1/0x200 [ 2759.000563] sget_userns+0x276/0x860 [ 2759.004277] ? kill_litter_super+0x60/0x60 [ 2759.008517] ? test_single_super+0x10/0x10 [ 2759.012756] ? vfs_get_super+0x270/0x270 [ 2759.016821] ? kasan_check_read+0x11/0x20 [ 2759.020972] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2759.025561] ? kasan_check_write+0x14/0x20 [ 2759.029798] ? do_raw_spin_lock+0xc1/0x200 [ 2759.034747] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2759.040291] ? ns_capable_common+0x13f/0x170 [ 2759.044708] ? kill_litter_super+0x60/0x60 [ 2759.048948] sget+0x10b/0x150 [ 2759.052056] ? test_single_super+0x10/0x10 [ 2759.056295] mount_bdev+0x115/0x3e0 [ 2759.059924] ? finish_unfinished+0x14e0/0x14e0 [ 2759.064514] get_super_block+0x3c/0x50 [ 2759.068411] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2759.072740] legacy_get_tree+0x118/0x440 [ 2759.076823] vfs_get_tree+0x1cb/0x5c0 [ 2759.080628] ? vfs_set_fs_source+0x12c/0x180 [ 2759.085037] do_mount+0x6c1/0x1fb0 [ 2759.088575] ? check_same_owner+0x340/0x340 [ 2759.092896] ? lock_release+0xa30/0xa30 [ 2759.096909] ? copy_mount_string+0x40/0x40 [ 2759.101148] ? kasan_kmalloc+0xc4/0xe0 [ 2759.105046] ? kmem_cache_alloc_trace+0x318/0x780 [ 2759.109903] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2759.115437] ? _copy_from_user+0xdf/0x150 [ 2759.119601] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2759.125237] ? copy_mount_options+0x285/0x380 [ 2759.129737] ksys_mount+0x12d/0x140 [ 2759.133713] __x64_sys_mount+0xbe/0x150 [ 2759.137692] do_syscall_64+0x1b9/0x820 [ 2759.141579] ? finish_task_switch+0x1d3/0x870 [ 2759.146079] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2759.151004] ? syscall_return_slowpath+0x31d/0x5e0 [ 2759.155936] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2759.160975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2759.166514] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2759.171546] ? perf_trace_sys_enter+0xb10/0xb10 [ 2759.176212] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2759.181062] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2759.186252] RIP: 0033:0x45885a [ 2759.189430] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2759.208699] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2759.216417] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2759.223685] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2759.230953] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2759.238220] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2759.245510] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000036 03:41:21 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0xe4, &(0x7f0000000440)="025cc83d6d345f8f762070b0e9006b08c268586b55bf2bfb5e2fd6db9863000000000000008c889c625b0f751dd58da80c5b5df8a868ad1cffb4152e602b42288866c379344d049c7c47a360d68d1b67127047ce61b0df2bf7fd873799a7") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) io_setup(0xff, &(0x7f0000000040)=0x0) io_cancel(r2, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000200)="8db47600fa0a0773360c9c9acadd5ad8a321ba8caaddfe68eeca30bd2837f3cb3abce3e0f37aa9556ffbffcbb8d6b880ca3c2afb824d4ac3a72e5eb2b8d1", 0x3e, 0x8, 0x0, 0x0, r0}, &(0x7f00000002c0)) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000140)=""/134, &(0x7f0000000000)=0x86) 03:41:21 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xe00000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:21 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x4000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:21 executing program 5: 03:41:21 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x77, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:21 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:21 executing program 4 (fault-call:0 fault-nth:55): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:21 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfl\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2759.760944] FAULT_INJECTION: forcing a failure. [ 2759.760944] name failslab, interval 1, probability 0, space 0, times 0 [ 2759.772344] CPU: 0 PID: 4990 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2759.780671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2759.790032] Call Trace: [ 2759.792636] dump_stack+0x1c9/0x2b4 [ 2759.796314] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2759.801508] ? __kernel_text_address+0xd/0x40 [ 2759.806024] ? unwind_get_return_address+0x61/0xa0 [ 2759.810978] should_fail.cold.4+0xa/0x11 [ 2759.815041] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2759.820143] ? save_stack+0xa9/0xd0 [ 2759.823766] ? save_stack+0x43/0xd0 [ 2759.827927] ? kasan_kmalloc+0xc4/0xe0 [ 2759.831830] ? kmem_cache_alloc_trace+0x152/0x780 [ 2759.836708] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2759.841897] ? __list_lru_init+0x4d6/0x840 [ 2759.846132] ? alloc_super+0x976/0xb10 [ 2759.850019] ? sget+0x10b/0x150 [ 2759.853312] ? mount_bdev+0x115/0x3e0 [ 2759.857113] ? get_super_block+0x3c/0x50 [ 2759.861174] ? legacy_get_tree+0x118/0x440 [ 2759.865405] ? vfs_get_tree+0x1cb/0x5c0 [ 2759.869392] ? do_mount+0x6c1/0x1fb0 [ 2759.873487] ? ksys_mount+0x12d/0x140 [ 2759.877307] ? __x64_sys_mount+0xbe/0x150 [ 2759.881453] ? do_syscall_64+0x1b9/0x820 [ 2759.885517] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2759.890884] ? __sched_text_start+0x8/0x8 [ 2759.895050] ? lock_acquire+0x1e4/0x540 [ 2759.899041] ? fs_reclaim_acquire+0x20/0x20 [ 2759.903383] ? lock_downgrade+0x8f0/0x8f0 [ 2759.907549] ? do_mount+0x6c1/0x1fb0 03:41:21 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:21 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xa8aaaafffeaaaa15, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:21 executing program 5: r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") sendmsg$nl_generic(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000740)={0x14, 0x1a, 0x201}, 0x14}, 0x1}, 0x0) 03:41:21 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2759.911282] ? check_same_owner+0x340/0x340 [ 2759.915614] ? rcu_note_context_switch+0x730/0x730 [ 2759.920566] __should_failslab+0x124/0x180 [ 2759.924810] should_failslab+0x9/0x14 [ 2759.928619] kmem_cache_alloc_trace+0x2cb/0x780 [ 2759.933291] ? kasan_kmalloc+0xc4/0xe0 [ 2759.937187] __memcg_init_list_lru_node+0x185/0x2d0 [ 2759.942986] ? kvfree_rcu+0x20/0x20 [ 2759.946632] ? __kmalloc_node+0x47/0x70 [ 2759.950615] __list_lru_init+0x4d6/0x840 [ 2759.954687] ? list_lru_destroy+0x500/0x500 03:41:21 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xc, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2759.959019] ? prealloc_shrinker+0x213/0x480 [ 2759.963434] ? __init_waitqueue_head+0x9e/0x150 [ 2759.968109] ? inactive_list_is_low+0x850/0x850 [ 2759.972792] ? __lockdep_init_map+0x105/0x590 [ 2759.977301] alloc_super+0x976/0xb10 [ 2759.981025] ? destroy_unused_super.part.11+0x110/0x110 [ 2759.986399] ? lock_downgrade+0x8f0/0x8f0 [ 2759.990555] ? kasan_check_read+0x11/0x20 [ 2759.994708] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2759.999301] ? kasan_check_write+0x14/0x20 [ 2760.003545] ? do_raw_spin_lock+0xc1/0x200 [ 2760.007790] sget_userns+0x276/0x860 03:41:22 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:22 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0xfffffdfd], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2760.011515] ? kill_litter_super+0x60/0x60 [ 2760.015757] ? test_single_super+0x10/0x10 [ 2760.019996] ? vfs_get_super+0x270/0x270 [ 2760.024062] ? kasan_check_read+0x11/0x20 [ 2760.028217] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2760.032801] ? kasan_check_write+0x14/0x20 [ 2760.037033] ? do_raw_spin_lock+0xc1/0x200 [ 2760.041860] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2760.047402] ? ns_capable_common+0x13f/0x170 [ 2760.051819] ? kill_litter_super+0x60/0x60 [ 2760.056062] sget+0x10b/0x150 03:41:22 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x120, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2760.059171] ? test_single_super+0x10/0x10 [ 2760.063417] mount_bdev+0x115/0x3e0 [ 2760.067048] ? finish_unfinished+0x14e0/0x14e0 [ 2760.071639] get_super_block+0x3c/0x50 [ 2760.075538] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2760.079877] legacy_get_tree+0x118/0x440 [ 2760.083949] vfs_get_tree+0x1cb/0x5c0 [ 2760.087793] ? vfs_set_fs_source+0x12c/0x180 [ 2760.092235] do_mount+0x6c1/0x1fb0 [ 2760.095787] ? check_same_owner+0x340/0x340 [ 2760.100117] ? lock_release+0xa30/0xa30 [ 2760.104103] ? copy_mount_string+0x40/0x40 [ 2760.108348] ? retint_kernel+0x10/0x10 [ 2760.112247] ? copy_mount_options+0x1f0/0x380 [ 2760.116749] ? __sanitizer_cov_trace_pc+0x32/0x50 [ 2760.121597] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2760.127495] ? copy_mount_options+0x285/0x380 [ 2760.132001] ksys_mount+0x12d/0x140 [ 2760.135638] __x64_sys_mount+0xbe/0x150 [ 2760.139620] do_syscall_64+0x1b9/0x820 [ 2760.143518] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2760.148470] ? syscall_return_slowpath+0x31d/0x5e0 [ 2760.153423] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2760.158449] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2760.163989] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2760.169008] ? perf_trace_sys_enter+0xb10/0xb10 [ 2760.173681] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2760.178531] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2760.183723] RIP: 0033:0x45885a [ 2760.186907] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2760.206188] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2760.213922] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2760.221194] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2760.228464] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2760.235743] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2760.243015] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000037 03:41:22 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) sched_yield() openat$null(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/null\x00', 0x200000, 0x0) ioctl(r1, 0x4, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) accept$unix(r0, &(0x7f0000000740)=@abs, &(0x7f0000000200)=0x6e) recvmmsg(r1, &(0x7f0000000240)=[{{&(0x7f0000000000)=@un=@abs, 0x0, &(0x7f0000000680)=[{&(0x7f0000000140)=""/183}, {&(0x7f00000002c0)=""/252}, {&(0x7f00000003c0)=""/243}, {&(0x7f0000000700)=""/39}, {&(0x7f00000004c0)=""/84}, {&(0x7f0000000540)=""/115}, {&(0x7f00000005c0)=""/164}, {&(0x7f0000001300)=""/4096}], 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x1ff}], 0x400000000000010, 0x100, &(0x7f00000000c0)={0x77359400}) sendto$llc(r2, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:22 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:22 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:22 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x3bf, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:22 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x300, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:22 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) 03:41:22 executing program 4 (fault-call:0 fault-nth:56): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:22 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserf%\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2760.912989] FAULT_INJECTION: forcing a failure. [ 2760.912989] name failslab, interval 1, probability 0, space 0, times 0 [ 2760.924342] CPU: 0 PID: 5035 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2760.932657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2760.942010] Call Trace: [ 2760.944601] dump_stack+0x1c9/0x2b4 [ 2760.948225] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2760.953418] ? kasan_check_write+0x14/0x20 [ 2760.957666] should_fail.cold.4+0xa/0x11 [ 2760.961736] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2760.966838] ? vfs_get_tree+0x1cb/0x5c0 [ 2760.970808] ? do_mount+0x6c1/0x1fb0 [ 2760.974519] ? ksys_mount+0x12d/0x140 [ 2760.978320] ? __x64_sys_mount+0xbe/0x150 [ 2760.982469] ? do_syscall_64+0x1b9/0x820 [ 2760.986535] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2760.991903] ? __list_lru_init+0x409/0x840 [ 2760.996139] ? lock_downgrade+0x8f0/0x8f0 [ 2761.000286] ? lock_acquire+0x1e4/0x540 [ 2761.004261] ? fs_reclaim_acquire+0x20/0x20 [ 2761.008587] ? lock_downgrade+0x8f0/0x8f0 [ 2761.012736] ? do_mount+0x6c1/0x1fb0 [ 2761.016455] ? lock_acquire+0x1e4/0x540 [ 2761.020436] ? lock_acquire+0x1e4/0x540 [ 2761.024410] ? fs_reclaim_acquire+0x20/0x20 [ 2761.028739] ? lock_downgrade+0x8f0/0x8f0 [ 2761.032906] ? check_same_owner+0x340/0x340 [ 2761.037228] ? check_same_owner+0x340/0x340 [ 2761.041552] ? rcu_note_context_switch+0x730/0x730 [ 2761.046483] __should_failslab+0x124/0x180 [ 2761.050725] should_failslab+0x9/0x14 [ 2761.054524] __kmalloc+0x2c8/0x760 [ 2761.058073] ? kvfree_rcu+0x20/0x20 [ 2761.061699] ? __list_lru_init+0x151/0x840 [ 2761.065936] __list_lru_init+0x151/0x840 [ 2761.069993] ? list_lru_destroy+0x500/0x500 [ 2761.074315] ? prealloc_shrinker+0x213/0x480 [ 2761.078723] ? __init_waitqueue_head+0x9e/0x150 [ 2761.083391] ? inactive_list_is_low+0x850/0x850 [ 2761.088066] ? __lockdep_init_map+0x105/0x590 [ 2761.092562] alloc_super+0x9a6/0xb10 [ 2761.096280] ? destroy_unused_super.part.11+0x110/0x110 [ 2761.101645] ? lock_downgrade+0x8f0/0x8f0 [ 2761.105791] ? kasan_check_read+0x11/0x20 [ 2761.109945] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2761.114522] ? kasan_check_write+0x14/0x20 [ 2761.118754] ? do_raw_spin_lock+0xc1/0x200 [ 2761.122989] sget_userns+0x276/0x860 [ 2761.126696] ? kill_litter_super+0x60/0x60 [ 2761.130925] ? test_single_super+0x10/0x10 [ 2761.135156] ? vfs_get_super+0x270/0x270 [ 2761.139214] ? kasan_check_read+0x11/0x20 [ 2761.143365] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2761.147949] ? kasan_check_write+0x14/0x20 [ 2761.152186] ? do_raw_spin_lock+0xc1/0x200 [ 2761.156437] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2761.161972] ? ns_capable_common+0x13f/0x170 [ 2761.166376] ? kill_litter_super+0x60/0x60 [ 2761.170613] sget+0x10b/0x150 [ 2761.173713] ? test_single_super+0x10/0x10 [ 2761.177945] mount_bdev+0x115/0x3e0 [ 2761.181571] ? finish_unfinished+0x14e0/0x14e0 [ 2761.186149] get_super_block+0x3c/0x50 [ 2761.190035] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2761.194372] legacy_get_tree+0x118/0x440 [ 2761.198437] vfs_get_tree+0x1cb/0x5c0 [ 2761.202329] ? vfs_set_fs_source+0x12c/0x180 [ 2761.206738] do_mount+0x6c1/0x1fb0 [ 2761.210278] ? check_same_owner+0x340/0x340 [ 2761.214601] ? lock_release+0xa30/0xa30 [ 2761.218578] ? copy_mount_string+0x40/0x40 [ 2761.222811] ? kasan_kmalloc+0xc4/0xe0 [ 2761.226695] ? kmem_cache_alloc_trace+0x318/0x780 [ 2761.231538] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2761.237071] ? _copy_from_user+0xdf/0x150 [ 2761.241218] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2761.246771] ? copy_mount_options+0x285/0x380 [ 2761.251267] ksys_mount+0x12d/0x140 [ 2761.254891] __x64_sys_mount+0xbe/0x150 [ 2761.258866] do_syscall_64+0x1b9/0x820 [ 2761.262750] ? finish_task_switch+0x1d3/0x870 [ 2761.267244] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2761.272177] ? syscall_return_slowpath+0x31d/0x5e0 [ 2761.277117] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2761.282134] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2761.287668] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2761.292681] ? perf_trace_sys_enter+0xb10/0xb10 [ 2761.297348] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2761.302199] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2761.307466] RIP: 0033:0x45885a [ 2761.310642] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2761.329916] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2761.337725] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2761.344994] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2761.352259] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 03:41:23 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000080)=[@in={0x2, 0x0, @dev={0xac, 0x14}}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000002240)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], &(0x7f0000003a40)=0x1) unshare(0x24020400) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x7b, &(0x7f0000000040)={0x0}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000002c0)={0x4, 0x200, 0xfffffffffffffff8, 0x8, r2}, 0x10) 03:41:23 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:23 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1e00000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:23 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x29a, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:23 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2761.359525] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2761.366787] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000038 03:41:23 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x30b42efeff20d270, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:23 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xfc030000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:23 executing program 4 (fault-call:0 fault-nth:57): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2761.517859] FAULT_INJECTION: forcing a failure. [ 2761.517859] name failslab, interval 1, probability 0, space 0, times 0 [ 2761.529193] CPU: 1 PID: 5065 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2761.537514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2761.546917] Call Trace: [ 2761.549513] dump_stack+0x1c9/0x2b4 [ 2761.553165] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2761.558366] ? __kernel_text_address+0xd/0x40 [ 2761.562890] ? unwind_get_return_address+0x61/0xa0 [ 2761.567826] should_fail.cold.4+0xa/0x11 [ 2761.571903] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2761.577013] ? save_stack+0xa9/0xd0 [ 2761.580638] ? save_stack+0x43/0xd0 [ 2761.584283] ? kasan_kmalloc+0xc4/0xe0 [ 2761.588181] ? kmem_cache_alloc_trace+0x152/0x780 [ 2761.593030] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2761.598216] ? __list_lru_init+0x4d6/0x840 [ 2761.602900] ? alloc_super+0x976/0xb10 [ 2761.606788] ? sget+0x10b/0x150 [ 2761.610064] ? mount_bdev+0x115/0x3e0 [ 2761.613861] ? get_super_block+0x3c/0x50 [ 2761.617921] ? legacy_get_tree+0x118/0x440 [ 2761.622152] ? vfs_get_tree+0x1cb/0x5c0 [ 2761.626216] ? do_mount+0x6c1/0x1fb0 [ 2761.629934] ? ksys_mount+0x12d/0x140 [ 2761.633753] ? __x64_sys_mount+0xbe/0x150 [ 2761.637926] ? do_syscall_64+0x1b9/0x820 [ 2761.642532] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2761.647909] ? save_stack+0xa9/0xd0 [ 2761.651539] ? lock_acquire+0x1e4/0x540 [ 2761.655522] ? fs_reclaim_acquire+0x20/0x20 [ 2761.659845] ? lock_downgrade+0x8f0/0x8f0 [ 2761.664004] ? lock_downgrade+0x8f0/0x8f0 [ 2761.668159] ? check_same_owner+0x340/0x340 [ 2761.672478] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2761.676892] ? rcu_note_context_switch+0x730/0x730 [ 2761.681831] __should_failslab+0x124/0x180 [ 2761.686070] should_failslab+0x9/0x14 [ 2761.689877] kmem_cache_alloc_trace+0x2cb/0x780 [ 2761.694555] __memcg_init_list_lru_node+0x185/0x2d0 [ 2761.699603] ? kvfree_rcu+0x20/0x20 [ 2761.703236] ? __kmalloc_node+0x47/0x70 [ 2761.707214] __list_lru_init+0x4d6/0x840 [ 2761.711276] ? list_lru_destroy+0x500/0x500 [ 2761.715602] ? prealloc_shrinker+0x213/0x480 [ 2761.720010] ? __init_waitqueue_head+0x9e/0x150 [ 2761.724681] ? inactive_list_is_low+0x850/0x850 [ 2761.729356] ? __lockdep_init_map+0x105/0x590 [ 2761.733858] alloc_super+0x976/0xb10 [ 2761.737581] ? destroy_unused_super.part.11+0x110/0x110 [ 2761.742948] ? lock_downgrade+0x8f0/0x8f0 [ 2761.747111] ? kasan_check_read+0x11/0x20 [ 2761.751255] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2761.755836] ? kasan_check_write+0x14/0x20 [ 2761.760246] ? do_raw_spin_lock+0xc1/0x200 [ 2761.764484] sget_userns+0x276/0x860 [ 2761.768196] ? kill_litter_super+0x60/0x60 [ 2761.772434] ? test_single_super+0x10/0x10 [ 2761.776665] ? vfs_get_super+0x270/0x270 [ 2761.780721] ? kasan_check_read+0x11/0x20 [ 2761.784869] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2761.789453] ? kasan_check_write+0x14/0x20 [ 2761.793687] ? do_raw_spin_lock+0xc1/0x200 [ 2761.797935] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2761.803475] ? ns_capable_common+0x13f/0x170 [ 2761.807891] ? kill_litter_super+0x60/0x60 [ 2761.812131] sget+0x10b/0x150 [ 2761.815237] ? test_single_super+0x10/0x10 [ 2761.819474] mount_bdev+0x115/0x3e0 [ 2761.823105] ? finish_unfinished+0x14e0/0x14e0 [ 2761.827685] get_super_block+0x3c/0x50 [ 2761.831569] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2761.835886] legacy_get_tree+0x118/0x440 [ 2761.839949] vfs_get_tree+0x1cb/0x5c0 [ 2761.843749] ? vfs_set_fs_source+0x12c/0x180 [ 2761.848160] do_mount+0x6c1/0x1fb0 [ 2761.851700] ? check_same_owner+0x340/0x340 [ 2761.856022] ? lock_release+0xa30/0xa30 [ 2761.860002] ? copy_mount_string+0x40/0x40 [ 2761.864242] ? kasan_kmalloc+0xc4/0xe0 [ 2761.868130] ? kmem_cache_alloc_trace+0x318/0x780 [ 2761.873611] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2761.879152] ? _copy_from_user+0xdf/0x150 [ 2761.883300] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2761.888833] ? copy_mount_options+0x285/0x380 [ 2761.893331] ksys_mount+0x12d/0x140 [ 2761.896958] __x64_sys_mount+0xbe/0x150 [ 2761.900932] do_syscall_64+0x1b9/0x820 [ 2761.904816] ? finish_task_switch+0x1d3/0x870 [ 2761.909315] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2761.914244] ? syscall_return_slowpath+0x31d/0x5e0 [ 2761.919170] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2761.924185] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2761.929718] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2761.934763] ? perf_trace_sys_enter+0xb10/0xb10 [ 2761.939440] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2761.944288] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2761.949558] RIP: 0033:0x45885a [ 2761.952738] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2761.972114] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2761.979826] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2761.987108] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2761.994374] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2762.001640] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2762.008908] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000039 03:41:24 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='9p\x00', 0x2008082, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@uname={'uname', 0x3d, '/dev/cuse\x00'}, 0x2c}, {@version_L='version=9p2000.L', 0x2c}, {@access_client='access=client', 0x2c}]}}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r2, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r2, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:24 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:24 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfc\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:24 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x74, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:24 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x28a7befffe52da15, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:24 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:24 executing program 4 (fault-call:0 fault-nth:58): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2762.376770] FAULT_INJECTION: forcing a failure. [ 2762.376770] name failslab, interval 1, probability 0, space 0, times 0 [ 2762.388437] CPU: 0 PID: 5083 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2762.396763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2762.406123] Call Trace: [ 2762.408716] dump_stack+0x1c9/0x2b4 [ 2762.412368] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2762.417662] should_fail.cold.4+0xa/0x11 [ 2762.421738] ? fault_create_debugfs_attr+0x1f0/0x1f0 03:41:24 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2762.426842] ? is_bpf_text_address+0xd7/0x170 [ 2762.431354] ? kernel_text_address+0x79/0xf0 [ 2762.435782] ? __kernel_text_address+0xd/0x40 [ 2762.440278] ? unwind_get_return_address+0x61/0xa0 [ 2762.445224] ? __save_stack_trace+0x8d/0xf0 [ 2762.449551] ? save_stack+0xa9/0xd0 [ 2762.453189] ? lock_acquire+0x1e4/0x540 [ 2762.457164] ? fs_reclaim_acquire+0x20/0x20 [ 2762.461508] ? lock_downgrade+0x8f0/0x8f0 [ 2762.465659] ? do_mount+0x6c1/0x1fb0 [ 2762.469391] ? check_same_owner+0x340/0x340 [ 2762.473731] ? rcu_note_context_switch+0x730/0x730 [ 2762.478674] __should_failslab+0x124/0x180 [ 2762.482923] should_failslab+0x9/0x14 [ 2762.486732] kmem_cache_alloc_trace+0x2cb/0x780 [ 2762.491416] ? kasan_kmalloc+0xc4/0xe0 [ 2762.495351] __memcg_init_list_lru_node+0x185/0x2d0 [ 2762.500386] ? kvfree_rcu+0x20/0x20 [ 2762.504020] ? __kmalloc_node+0x47/0x70 [ 2762.508005] __list_lru_init+0x4d6/0x840 [ 2762.512078] ? list_lru_destroy+0x500/0x500 [ 2762.516495] ? prealloc_shrinker+0x213/0x480 [ 2762.520917] ? __init_waitqueue_head+0x9e/0x150 [ 2762.525597] ? inactive_list_is_low+0x850/0x850 [ 2762.530284] ? __lockdep_init_map+0x105/0x590 [ 2762.534974] alloc_super+0x9a6/0xb10 [ 2762.538695] ? destroy_unused_super.part.11+0x110/0x110 [ 2762.544083] ? lock_downgrade+0x8f0/0x8f0 [ 2762.548250] ? kasan_check_read+0x11/0x20 [ 2762.552402] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2762.556989] ? kasan_check_write+0x14/0x20 [ 2762.561224] ? do_raw_spin_lock+0xc1/0x200 [ 2762.565467] sget_userns+0x276/0x860 [ 2762.569185] ? kill_litter_super+0x60/0x60 [ 2762.573425] ? test_single_super+0x10/0x10 [ 2762.577672] ? vfs_get_super+0x270/0x270 [ 2762.581734] ? kasan_check_read+0x11/0x20 [ 2762.585883] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2762.590463] ? kasan_check_write+0x14/0x20 [ 2762.594719] ? do_raw_spin_lock+0xc1/0x200 [ 2762.599056] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2762.604597] ? ns_capable_common+0x13f/0x170 [ 2762.609003] ? kill_litter_super+0x60/0x60 [ 2762.613239] sget+0x10b/0x150 [ 2762.616355] ? test_single_super+0x10/0x10 [ 2762.620588] mount_bdev+0x115/0x3e0 [ 2762.624216] ? finish_unfinished+0x14e0/0x14e0 [ 2762.628797] get_super_block+0x3c/0x50 [ 2762.632698] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2762.637016] legacy_get_tree+0x118/0x440 [ 2762.641078] vfs_get_tree+0x1cb/0x5c0 [ 2762.644880] ? vfs_set_fs_source+0x12c/0x180 [ 2762.649373] do_mount+0x6c1/0x1fb0 [ 2762.652910] ? check_same_owner+0x340/0x340 [ 2762.657230] ? lock_release+0xa30/0xa30 [ 2762.661205] ? copy_mount_string+0x40/0x40 [ 2762.665436] ? kasan_kmalloc+0xc4/0xe0 [ 2762.669320] ? kmem_cache_alloc_trace+0x318/0x780 [ 2762.674184] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2762.679722] ? _copy_from_user+0xdf/0x150 [ 2762.683870] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2762.689405] ? copy_mount_options+0x285/0x380 [ 2762.693899] ksys_mount+0x12d/0x140 [ 2762.697526] __x64_sys_mount+0xbe/0x150 [ 2762.701501] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2762.707038] do_syscall_64+0x1b9/0x820 [ 2762.710927] ? syscall_slow_exit_work+0x500/0x500 [ 2762.715770] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2762.720700] ? syscall_return_slowpath+0x31d/0x5e0 [ 2762.725631] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2762.730644] ? perf_trace_sys_enter+0xb10/0xb10 [ 2762.735311] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2762.740158] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2762.745340] RIP: 0033:0x45885a [ 2762.748531] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2762.767804] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 03:41:24 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x0, 0x4}, 0x2c) 03:41:24 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x800000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:24 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:24 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x30c, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:24 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2762.775511] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2762.782779] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2762.790051] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2762.797404] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2762.804672] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000003a 03:41:24 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x2000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:24 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:24 executing program 4 (fault-call:0 fault-nth:59): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2762.920017] FAULT_INJECTION: forcing a failure. [ 2762.920017] name failslab, interval 1, probability 0, space 0, times 0 [ 2762.931566] CPU: 0 PID: 5112 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2762.939891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2762.949256] Call Trace: [ 2762.951861] dump_stack+0x1c9/0x2b4 [ 2762.955499] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2762.960706] ? __kernel_text_address+0xd/0x40 [ 2762.965202] ? unwind_get_return_address+0x61/0xa0 [ 2762.970135] should_fail.cold.4+0xa/0x11 [ 2762.974242] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2762.979351] ? save_stack+0xa9/0xd0 [ 2762.982973] ? save_stack+0x43/0xd0 [ 2762.986597] ? kasan_kmalloc+0xc4/0xe0 [ 2762.990482] ? kmem_cache_alloc_trace+0x152/0x780 [ 2762.995318] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2763.001203] ? __list_lru_init+0x4d6/0x840 [ 2763.005438] ? alloc_super+0x976/0xb10 [ 2763.009324] ? sget+0x10b/0x150 [ 2763.012602] ? mount_bdev+0x115/0x3e0 [ 2763.016405] ? get_super_block+0x3c/0x50 [ 2763.020477] ? legacy_get_tree+0x118/0x440 [ 2763.024714] ? vfs_get_tree+0x1cb/0x5c0 [ 2763.028686] ? do_mount+0x6c1/0x1fb0 [ 2763.032411] ? ksys_mount+0x12d/0x140 [ 2763.036214] ? __x64_sys_mount+0xbe/0x150 [ 2763.040367] ? do_syscall_64+0x1b9/0x820 [ 2763.044437] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2763.049816] ? save_stack+0xa9/0xd0 [ 2763.053457] ? lock_acquire+0x1e4/0x540 [ 2763.057515] ? fs_reclaim_acquire+0x20/0x20 [ 2763.061833] ? lock_downgrade+0x8f0/0x8f0 [ 2763.065982] ? do_mount+0x6c1/0x1fb0 [ 2763.069693] ? check_same_owner+0x340/0x340 [ 2763.074016] ? rcu_note_context_switch+0x730/0x730 [ 2763.078948] __should_failslab+0x124/0x180 [ 2763.083186] should_failslab+0x9/0x14 [ 2763.086986] kmem_cache_alloc_trace+0x2cb/0x780 [ 2763.091654] ? kasan_kmalloc+0xc4/0xe0 [ 2763.095542] __memcg_init_list_lru_node+0x185/0x2d0 [ 2763.100557] ? kvfree_rcu+0x20/0x20 [ 2763.104181] ? __kmalloc_node+0x47/0x70 [ 2763.108153] __list_lru_init+0x4d6/0x840 [ 2763.112210] ? list_lru_destroy+0x500/0x500 [ 2763.116527] ? prealloc_shrinker+0x213/0x480 [ 2763.120933] ? __init_waitqueue_head+0x9e/0x150 [ 2763.125627] ? inactive_list_is_low+0x850/0x850 [ 2763.130299] ? __lockdep_init_map+0x105/0x590 [ 2763.134794] alloc_super+0x976/0xb10 [ 2763.138512] ? destroy_unused_super.part.11+0x110/0x110 [ 2763.143875] ? lock_downgrade+0x8f0/0x8f0 [ 2763.148023] ? kasan_check_read+0x11/0x20 [ 2763.152170] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2763.156750] ? kasan_check_write+0x14/0x20 [ 2763.160989] ? do_raw_spin_lock+0xc1/0x200 [ 2763.165221] sget_userns+0x276/0x860 [ 2763.168940] ? kill_litter_super+0x60/0x60 [ 2763.173173] ? test_single_super+0x10/0x10 [ 2763.177403] ? vfs_get_super+0x270/0x270 [ 2763.181458] ? kasan_check_read+0x11/0x20 [ 2763.185610] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2763.190199] ? kasan_check_write+0x14/0x20 [ 2763.194432] ? do_raw_spin_lock+0xc1/0x200 [ 2763.198692] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2763.204229] ? ns_capable_common+0x13f/0x170 [ 2763.208639] ? kill_litter_super+0x60/0x60 [ 2763.212868] sget+0x10b/0x150 [ 2763.215969] ? test_single_super+0x10/0x10 [ 2763.220200] mount_bdev+0x115/0x3e0 [ 2763.223825] ? finish_unfinished+0x14e0/0x14e0 [ 2763.228405] get_super_block+0x3c/0x50 [ 2763.232290] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2763.236609] legacy_get_tree+0x118/0x440 [ 2763.240669] vfs_get_tree+0x1cb/0x5c0 [ 2763.244465] ? vfs_set_fs_source+0x12c/0x180 [ 2763.248871] do_mount+0x6c1/0x1fb0 [ 2763.252409] ? kasan_check_write+0x14/0x20 [ 2763.256644] ? copy_mount_string+0x40/0x40 [ 2763.260872] ? kasan_kmalloc+0xc4/0xe0 [ 2763.264758] ? kmem_cache_alloc_trace+0x318/0x780 [ 2763.269605] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2763.275142] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2763.280680] ? copy_mount_options+0x285/0x380 [ 2763.285173] ksys_mount+0x12d/0x140 [ 2763.288796] __x64_sys_mount+0xbe/0x150 [ 2763.292771] do_syscall_64+0x1b9/0x820 [ 2763.296665] ? finish_task_switch+0x1d3/0x870 [ 2763.301160] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2763.306088] ? syscall_return_slowpath+0x31d/0x5e0 [ 2763.311018] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2763.316035] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2763.321575] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2763.326608] ? perf_trace_sys_enter+0xb10/0xb10 [ 2763.331288] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2763.336135] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2763.341319] RIP: 0033:0x45885a [ 2763.344498] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2763.363766] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2763.371471] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2763.378736] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2763.386002] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2763.393268] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2763.400533] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000003b 03:41:25 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x208000, 0x1c) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r3, &(0x7f0000000000)={0x10000004}) ioctl$SCSI_IOCTL_START_UNIT(r1, 0x5) tee(r0, r2, 0x1ff, 0x2) recvmmsg(r3, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r3, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:25 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfy\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:25 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x400000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:25 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00004f9fe4)={0xd, 0x0, 0x0, 0x0, 0x400000000002f}, 0x2c) 03:41:25 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x343, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:25 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x6, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:25 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:25 executing program 4 (fault-call:0 fault-nth:60): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2763.513955] FAULT_INJECTION: forcing a failure. [ 2763.513955] name failslab, interval 1, probability 0, space 0, times 0 [ 2763.525297] CPU: 1 PID: 5133 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2763.533619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2763.543347] Call Trace: [ 2763.545951] dump_stack+0x1c9/0x2b4 [ 2763.549582] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2763.554773] ? __kernel_text_address+0xd/0x40 [ 2763.559264] ? unwind_get_return_address+0x61/0xa0 [ 2763.564196] should_fail.cold.4+0xa/0x11 [ 2763.568260] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2763.573367] ? save_stack+0xa9/0xd0 [ 2763.576993] ? save_stack+0x43/0xd0 [ 2763.580616] ? kasan_kmalloc+0xc4/0xe0 [ 2763.584515] ? kmem_cache_alloc_trace+0x152/0x780 [ 2763.589357] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2763.594544] ? __list_lru_init+0x4d6/0x840 [ 2763.598805] ? alloc_super+0x9a6/0xb10 [ 2763.602697] ? sget+0x10b/0x150 [ 2763.605983] ? mount_bdev+0x115/0x3e0 [ 2763.609784] ? get_super_block+0x3c/0x50 [ 2763.613844] ? legacy_get_tree+0x118/0x440 [ 2763.618076] ? vfs_get_tree+0x1cb/0x5c0 [ 2763.622047] ? do_mount+0x6c1/0x1fb0 [ 2763.625761] ? ksys_mount+0x12d/0x140 [ 2763.629555] ? __x64_sys_mount+0xbe/0x150 [ 2763.633744] ? do_syscall_64+0x1b9/0x820 [ 2763.637805] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2763.643171] ? save_stack+0xa9/0xd0 [ 2763.646799] ? lock_acquire+0x1e4/0x540 [ 2763.650768] ? fs_reclaim_acquire+0x20/0x20 [ 2763.655088] ? lock_downgrade+0x8f0/0x8f0 [ 2763.659234] ? do_mount+0x6c1/0x1fb0 [ 2763.662945] ? check_same_owner+0x340/0x340 [ 2763.667263] ? rcu_note_context_switch+0x730/0x730 [ 2763.672192] __should_failslab+0x124/0x180 [ 2763.676429] should_failslab+0x9/0x14 [ 2763.680226] kmem_cache_alloc_trace+0x2cb/0x780 [ 2763.684897] ? kasan_kmalloc+0xc4/0xe0 [ 2763.688787] __memcg_init_list_lru_node+0x185/0x2d0 [ 2763.693800] ? kvfree_rcu+0x20/0x20 [ 2763.697422] ? __kmalloc_node+0x47/0x70 [ 2763.701394] __list_lru_init+0x4d6/0x840 [ 2763.705464] ? list_lru_destroy+0x500/0x500 [ 2763.709786] ? prealloc_shrinker+0x213/0x480 [ 2763.714187] ? __init_waitqueue_head+0x9e/0x150 [ 2763.718853] ? inactive_list_is_low+0x850/0x850 [ 2763.723522] ? __lockdep_init_map+0x105/0x590 [ 2763.728016] alloc_super+0x9a6/0xb10 [ 2763.731734] ? destroy_unused_super.part.11+0x110/0x110 [ 2763.737099] ? lock_downgrade+0x8f0/0x8f0 [ 2763.741249] ? kasan_check_read+0x11/0x20 [ 2763.745393] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2763.749979] ? kasan_check_write+0x14/0x20 [ 2763.754205] ? do_raw_spin_lock+0xc1/0x200 [ 2763.758438] sget_userns+0x276/0x860 [ 2763.762147] ? kill_litter_super+0x60/0x60 [ 2763.766386] ? test_single_super+0x10/0x10 [ 2763.770615] ? vfs_get_super+0x270/0x270 [ 2763.774673] ? kasan_check_read+0x11/0x20 [ 2763.778819] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2763.783397] ? kasan_check_write+0x14/0x20 [ 2763.787628] ? do_raw_spin_lock+0xc1/0x200 [ 2763.791869] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2763.797400] ? ns_capable_common+0x13f/0x170 [ 2763.801808] ? kill_litter_super+0x60/0x60 [ 2763.806040] sget+0x10b/0x150 [ 2763.809139] ? test_single_super+0x10/0x10 [ 2763.813369] mount_bdev+0x115/0x3e0 [ 2763.816995] ? finish_unfinished+0x14e0/0x14e0 [ 2763.821575] get_super_block+0x3c/0x50 [ 2763.825460] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2763.829782] legacy_get_tree+0x118/0x440 [ 2763.833871] vfs_get_tree+0x1cb/0x5c0 [ 2763.837669] do_mount+0x6c1/0x1fb0 [ 2763.841207] ? check_same_owner+0x340/0x340 [ 2763.845526] ? lock_release+0xa30/0xa30 [ 2763.849500] ? copy_mount_string+0x40/0x40 [ 2763.853817] ? kasan_kmalloc+0xc4/0xe0 [ 2763.857793] ? kmem_cache_alloc_trace+0x318/0x780 [ 2763.862631] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2763.868168] ? _copy_from_user+0xdf/0x150 [ 2763.872314] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2763.878638] ? copy_mount_options+0x285/0x380 [ 2763.883133] ksys_mount+0x12d/0x140 [ 2763.886759] __x64_sys_mount+0xbe/0x150 [ 2763.890733] do_syscall_64+0x1b9/0x820 [ 2763.894615] ? finish_task_switch+0x1d3/0x870 [ 2763.899106] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2763.904032] ? syscall_return_slowpath+0x31d/0x5e0 [ 2763.908960] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2763.913973] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2763.919504] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2763.924516] ? perf_trace_sys_enter+0xb10/0xb10 [ 2763.929354] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2763.934196] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2763.939377] RIP: 0033:0x45885a [ 2763.942557] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 03:41:25 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @multicast2=0xe0000002}, 0x10) 03:41:25 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x9f, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:26 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:26 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xfc00000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2763.961832] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2763.969537] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2763.976801] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2763.984063] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2763.991325] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2763.998587] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000003c 03:41:26 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000001000)={0x1, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}}, 0x108) r1 = syz_open_procfs(0x0, &(0x7f0000000540)='net/mcfilter6\x00') preadv(r1, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/35, 0x7ffff000}], 0x1, 0xb6) 03:41:26 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xfc03000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:26 executing program 4 (fault-call:0 fault-nth:61): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:26 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2764.127247] FAULT_INJECTION: forcing a failure. [ 2764.127247] name failslab, interval 1, probability 0, space 0, times 0 [ 2764.138634] CPU: 1 PID: 5158 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2764.146961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2764.156324] Call Trace: [ 2764.158927] dump_stack+0x1c9/0x2b4 [ 2764.162564] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2764.167788] ? __kernel_text_address+0xd/0x40 [ 2764.172322] ? unwind_get_return_address+0x61/0xa0 [ 2764.177271] should_fail.cold.4+0xa/0x11 [ 2764.181347] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2764.186462] ? save_stack+0xa9/0xd0 [ 2764.190101] ? save_stack+0x43/0xd0 [ 2764.193741] ? kasan_kmalloc+0xc4/0xe0 [ 2764.197627] ? kmem_cache_alloc_trace+0x152/0x780 [ 2764.202488] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2764.207679] ? __list_lru_init+0x4d6/0x840 [ 2764.211909] ? alloc_super+0x9a6/0xb10 [ 2764.215794] ? sget+0x10b/0x150 [ 2764.219068] ? mount_bdev+0x115/0x3e0 [ 2764.222871] ? get_super_block+0x3c/0x50 [ 2764.226929] ? legacy_get_tree+0x118/0x440 [ 2764.231160] ? vfs_get_tree+0x1cb/0x5c0 [ 2764.235131] ? do_mount+0x6c1/0x1fb0 [ 2764.238839] ? ksys_mount+0x12d/0x140 [ 2764.242634] ? __x64_sys_mount+0xbe/0x150 [ 2764.246783] ? do_syscall_64+0x1b9/0x820 [ 2764.250842] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2764.256206] ? save_stack+0xa9/0xd0 [ 2764.259839] ? lock_acquire+0x1e4/0x540 [ 2764.263815] ? fs_reclaim_acquire+0x20/0x20 [ 2764.268159] ? lock_downgrade+0x8f0/0x8f0 [ 2764.272327] ? do_mount+0x6c1/0x1fb0 [ 2764.276044] ? check_same_owner+0x340/0x340 [ 2764.280365] ? rcu_note_context_switch+0x730/0x730 [ 2764.285314] __should_failslab+0x124/0x180 [ 2764.289549] should_failslab+0x9/0x14 [ 2764.293350] kmem_cache_alloc_trace+0x2cb/0x780 [ 2764.298017] ? kasan_kmalloc+0xc4/0xe0 [ 2764.301925] __memcg_init_list_lru_node+0x185/0x2d0 [ 2764.306939] ? kvfree_rcu+0x20/0x20 [ 2764.310562] ? __kmalloc_node+0x47/0x70 [ 2764.314536] __list_lru_init+0x4d6/0x840 [ 2764.318591] ? list_lru_destroy+0x500/0x500 [ 2764.322909] ? prealloc_shrinker+0x213/0x480 [ 2764.327311] ? __init_waitqueue_head+0x9e/0x150 [ 2764.331975] ? inactive_list_is_low+0x850/0x850 [ 2764.336642] ? __lockdep_init_map+0x105/0x590 [ 2764.341141] alloc_super+0x9a6/0xb10 [ 2764.344852] ? destroy_unused_super.part.11+0x110/0x110 [ 2764.350211] ? lock_downgrade+0x8f0/0x8f0 [ 2764.354363] ? kasan_check_read+0x11/0x20 [ 2764.358509] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2764.363089] ? kasan_check_write+0x14/0x20 [ 2764.367330] ? do_raw_spin_lock+0xc1/0x200 [ 2764.371564] sget_userns+0x276/0x860 [ 2764.375275] ? kill_litter_super+0x60/0x60 [ 2764.379509] ? test_single_super+0x10/0x10 [ 2764.383740] ? vfs_get_super+0x270/0x270 [ 2764.387800] ? kasan_check_read+0x11/0x20 [ 2764.391945] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2764.396525] ? kasan_check_write+0x14/0x20 [ 2764.400754] ? do_raw_spin_lock+0xc1/0x200 [ 2764.405002] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2764.410536] ? ns_capable_common+0x13f/0x170 [ 2764.414942] ? kill_litter_super+0x60/0x60 [ 2764.419188] sget+0x10b/0x150 [ 2764.422291] ? test_single_super+0x10/0x10 [ 2764.426524] mount_bdev+0x115/0x3e0 [ 2764.430151] ? finish_unfinished+0x14e0/0x14e0 [ 2764.434731] get_super_block+0x3c/0x50 [ 2764.438618] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2764.442943] legacy_get_tree+0x118/0x440 [ 2764.447003] vfs_get_tree+0x1cb/0x5c0 [ 2764.450802] ? vfs_set_fs_source+0x12c/0x180 [ 2764.455212] do_mount+0x6c1/0x1fb0 [ 2764.458751] ? check_same_owner+0x340/0x340 [ 2764.463071] ? lock_release+0xa30/0xa30 [ 2764.467045] ? copy_mount_string+0x40/0x40 [ 2764.471294] ? kasan_kmalloc+0xc4/0xe0 [ 2764.475180] ? kmem_cache_alloc_trace+0x318/0x780 [ 2764.480020] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2764.485556] ? _copy_from_user+0xdf/0x150 [ 2764.489734] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2764.495274] ? copy_mount_options+0x285/0x380 [ 2764.499770] ksys_mount+0x12d/0x140 [ 2764.503399] __x64_sys_mount+0xbe/0x150 [ 2764.507721] do_syscall_64+0x1b9/0x820 [ 2764.511778] ? finish_task_switch+0x1d3/0x870 [ 2764.517240] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2764.522166] ? syscall_return_slowpath+0x31d/0x5e0 [ 2764.527096] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2764.532164] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2764.537720] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2764.542740] ? perf_trace_sys_enter+0xb10/0xb10 [ 2764.547405] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2764.552251] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2764.557432] RIP: 0033:0x45885a [ 2764.560609] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2764.579888] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2764.587607] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2764.594883] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2764.602149] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2764.609414] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2764.616680] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000003d 03:41:26 executing program 0: r0 = open(&(0x7f0000000180)='./file0/../file0\x00', 0x800008003, 0x1c) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000000)=[0x3f, 0x9]) connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0xffffffff, @reserved=0x1}, 0x10) chdir(&(0x7f0000000140)='./file0/../file0\x00') r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r3, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) ioctl$TIOCMBIC(r1, 0x5417, &(0x7f0000000040)=0x9) sendto$llc(r3, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:26 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x34, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:26 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x7000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:26 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:26 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:26 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000001000)={0x1, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}}, 0x108) r1 = syz_open_procfs(0x0, &(0x7f0000000540)='net/mcfilter6\x00') preadv(r1, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/35, 0x7ffff000}], 0x1, 0xb6) 03:41:26 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfa\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:26 executing program 4 (fault-call:0 fault-nth:62): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2765.011264] FAULT_INJECTION: forcing a failure. [ 2765.011264] name failslab, interval 1, probability 0, space 0, times 0 [ 2765.022588] CPU: 1 PID: 5165 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2765.030934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2765.040311] Call Trace: [ 2765.042909] dump_stack+0x1c9/0x2b4 [ 2765.046540] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2765.051733] should_fail.cold.4+0xa/0x11 [ 2765.055792] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2765.060882] ? is_bpf_text_address+0xd7/0x170 [ 2765.065367] ? kernel_text_address+0x79/0xf0 [ 2765.069763] ? __kernel_text_address+0xd/0x40 [ 2765.074248] ? unwind_get_return_address+0x61/0xa0 [ 2765.079175] ? __save_stack_trace+0x8d/0xf0 [ 2765.083497] ? save_stack+0xa9/0xd0 [ 2765.087119] ? lock_acquire+0x1e4/0x540 [ 2765.091087] ? fs_reclaim_acquire+0x20/0x20 [ 2765.095395] ? lock_downgrade+0x8f0/0x8f0 [ 2765.099528] ? do_mount+0x6c1/0x1fb0 [ 2765.103236] ? check_same_owner+0x340/0x340 [ 2765.107551] ? rcu_note_context_switch+0x730/0x730 [ 2765.112474] __should_failslab+0x124/0x180 [ 2765.116701] should_failslab+0x9/0x14 [ 2765.120489] kmem_cache_alloc_trace+0x2cb/0x780 [ 2765.125162] ? kasan_kmalloc+0xc4/0xe0 [ 2765.129051] __memcg_init_list_lru_node+0x185/0x2d0 [ 2765.134063] ? kvfree_rcu+0x20/0x20 [ 2765.137704] ? __kmalloc_node+0x47/0x70 [ 2765.141689] __list_lru_init+0x4d6/0x840 [ 2765.145759] ? list_lru_destroy+0x500/0x500 [ 2765.150080] ? prealloc_shrinker+0x213/0x480 [ 2765.154495] ? __init_waitqueue_head+0x9e/0x150 [ 2765.159162] ? inactive_list_is_low+0x850/0x850 [ 2765.163835] ? __lockdep_init_map+0x105/0x590 [ 2765.168332] alloc_super+0x9a6/0xb10 [ 2765.172045] ? destroy_unused_super.part.11+0x110/0x110 [ 2765.177417] ? lock_downgrade+0x8f0/0x8f0 [ 2765.181575] ? kasan_check_read+0x11/0x20 [ 2765.185735] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2765.190322] ? kasan_check_write+0x14/0x20 [ 2765.194555] ? do_raw_spin_lock+0xc1/0x200 [ 2765.198799] sget_userns+0x276/0x860 [ 2765.202517] ? kill_litter_super+0x60/0x60 [ 2765.206748] ? test_single_super+0x10/0x10 [ 2765.210975] ? vfs_get_super+0x270/0x270 [ 2765.215029] ? kasan_check_read+0x11/0x20 [ 2765.219173] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2765.223748] ? kasan_check_write+0x14/0x20 [ 2765.227970] ? do_raw_spin_lock+0xc1/0x200 [ 2765.232214] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2765.237745] ? ns_capable_common+0x13f/0x170 [ 2765.242167] ? kill_litter_super+0x60/0x60 [ 2765.246403] sget+0x10b/0x150 [ 2765.249499] ? test_single_super+0x10/0x10 [ 2765.253729] mount_bdev+0x115/0x3e0 [ 2765.257349] ? finish_unfinished+0x14e0/0x14e0 [ 2765.261926] get_super_block+0x3c/0x50 [ 2765.265812] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2765.270128] legacy_get_tree+0x118/0x440 [ 2765.274186] vfs_get_tree+0x1cb/0x5c0 [ 2765.277981] ? vfs_set_fs_source+0x12c/0x180 [ 2765.282387] do_mount+0x6c1/0x1fb0 [ 2765.285921] ? kasan_check_read+0x11/0x20 [ 2765.290062] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2765.294474] ? copy_mount_string+0x40/0x40 [ 2765.298713] ? kasan_kmalloc+0xc4/0xe0 [ 2765.302601] ? kmem_cache_alloc_trace+0x318/0x780 [ 2765.307450] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2765.312977] ? copy_mount_options+0x285/0x380 [ 2765.317468] ksys_mount+0x12d/0x140 [ 2765.321100] __x64_sys_mount+0xbe/0x150 [ 2765.325076] do_syscall_64+0x1b9/0x820 [ 2765.328957] ? syscall_slow_exit_work+0x500/0x500 [ 2765.333982] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2765.338904] ? syscall_return_slowpath+0x31d/0x5e0 [ 2765.343827] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2765.349363] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2765.354372] ? perf_trace_sys_enter+0xb10/0xb10 [ 2765.359032] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2765.363870] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2765.369047] RIP: 0033:0x45885a [ 2765.372243] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2765.391533] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2765.399242] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a 03:41:27 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x8000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2765.406501] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2765.413765] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2765.421027] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2765.428290] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000003e 03:41:27 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:27 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x4000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:27 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000001000)={0x1, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}}, 0x108) r1 = syz_open_procfs(0x0, &(0x7f0000000540)='net/mcfilter6\x00') preadv(r1, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/35, 0x7ffff000}], 0x1, 0xb6) 03:41:27 executing program 4 (fault-call:0 fault-nth:63): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:27 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x5, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:27 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x500, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:27 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfd\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2765.581503] FAULT_INJECTION: forcing a failure. [ 2765.581503] name failslab, interval 1, probability 0, space 0, times 0 [ 2765.592880] CPU: 0 PID: 5201 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2765.601206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2765.610570] Call Trace: [ 2765.613168] dump_stack+0x1c9/0x2b4 [ 2765.616791] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2765.621987] ? __kernel_text_address+0xd/0x40 [ 2765.626483] ? unwind_get_return_address+0x61/0xa0 [ 2765.631435] should_fail.cold.4+0xa/0x11 [ 2765.635516] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2765.640731] ? save_stack+0xa9/0xd0 [ 2765.644356] ? save_stack+0x43/0xd0 [ 2765.647987] ? kasan_kmalloc+0xc4/0xe0 [ 2765.651889] ? kmem_cache_alloc_trace+0x152/0x780 [ 2765.656734] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2765.661921] ? __list_lru_init+0x4d6/0x840 [ 2765.666152] ? alloc_super+0x9a6/0xb10 [ 2765.670042] ? sget+0x10b/0x150 [ 2765.673322] ? mount_bdev+0x115/0x3e0 [ 2765.677122] ? get_super_block+0x3c/0x50 [ 2765.681218] ? legacy_get_tree+0x118/0x440 [ 2765.685450] ? vfs_get_tree+0x1cb/0x5c0 [ 2765.689438] ? do_mount+0x6c1/0x1fb0 [ 2765.693150] ? ksys_mount+0x12d/0x140 [ 2765.696946] ? __x64_sys_mount+0xbe/0x150 [ 2765.701098] ? do_syscall_64+0x1b9/0x820 [ 2765.705156] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2765.710519] ? save_stack+0xa9/0xd0 [ 2765.714151] ? lock_acquire+0x1e4/0x540 [ 2765.718144] ? fs_reclaim_acquire+0x20/0x20 [ 2765.722470] ? lock_downgrade+0x8f0/0x8f0 [ 2765.726612] ? do_mount+0x6c1/0x1fb0 [ 2765.730328] ? check_same_owner+0x340/0x340 [ 2765.734646] ? rcu_note_context_switch+0x730/0x730 [ 2765.739575] __should_failslab+0x124/0x180 [ 2765.743813] should_failslab+0x9/0x14 [ 2765.747612] kmem_cache_alloc_trace+0x2cb/0x780 [ 2765.752274] ? kasan_kmalloc+0xc4/0xe0 [ 2765.757203] __memcg_init_list_lru_node+0x185/0x2d0 [ 2765.762218] ? kvfree_rcu+0x20/0x20 [ 2765.765860] ? __kmalloc_node+0x47/0x70 [ 2765.769838] __list_lru_init+0x4d6/0x840 [ 2765.773897] ? list_lru_destroy+0x500/0x500 [ 2765.778215] ? prealloc_shrinker+0x213/0x480 [ 2765.782620] ? __init_waitqueue_head+0x9e/0x150 [ 2765.787283] ? inactive_list_is_low+0x850/0x850 [ 2765.791966] ? __lockdep_init_map+0x105/0x590 [ 2765.796462] alloc_super+0x9a6/0xb10 [ 2765.800178] ? destroy_unused_super.part.11+0x110/0x110 [ 2765.805539] ? lock_downgrade+0x8f0/0x8f0 [ 2765.809689] ? kasan_check_read+0x11/0x20 [ 2765.813834] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2765.818413] ? kasan_check_write+0x14/0x20 [ 2765.822640] ? do_raw_spin_lock+0xc1/0x200 [ 2765.826875] sget_userns+0x276/0x860 [ 2765.830583] ? kill_litter_super+0x60/0x60 [ 2765.834818] ? test_single_super+0x10/0x10 [ 2765.839057] ? vfs_get_super+0x270/0x270 [ 2765.843113] ? kasan_check_read+0x11/0x20 [ 2765.847256] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2765.851835] ? kasan_check_write+0x14/0x20 [ 2765.856067] ? do_raw_spin_lock+0xc1/0x200 [ 2765.860311] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2765.865844] ? ns_capable_common+0x13f/0x170 [ 2765.870250] ? kill_litter_super+0x60/0x60 [ 2765.874488] sget+0x10b/0x150 [ 2765.877592] ? test_single_super+0x10/0x10 [ 2765.881824] mount_bdev+0x115/0x3e0 [ 2765.885448] ? finish_unfinished+0x14e0/0x14e0 [ 2765.890036] get_super_block+0x3c/0x50 [ 2765.893920] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2765.898238] legacy_get_tree+0x118/0x440 [ 2765.902296] vfs_get_tree+0x1cb/0x5c0 [ 2765.906089] ? vfs_set_fs_source+0x12c/0x180 [ 2765.910493] do_mount+0x6c1/0x1fb0 [ 2765.914032] ? check_same_owner+0x340/0x340 [ 2765.918348] ? lock_release+0xa30/0xa30 [ 2765.922323] ? copy_mount_string+0x40/0x40 [ 2765.926581] ? retint_kernel+0x10/0x10 [ 2765.930468] ? copy_mount_options+0x1a1/0x380 [ 2765.934959] ? copy_mount_options+0x1cc/0x380 [ 2765.939450] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2765.944984] ? copy_mount_options+0x285/0x380 [ 2765.949475] ksys_mount+0x12d/0x140 [ 2765.953104] __x64_sys_mount+0xbe/0x150 [ 2765.957076] do_syscall_64+0x1b9/0x820 [ 2765.960958] ? finish_task_switch+0x1d3/0x870 [ 2765.965452] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2765.970394] ? syscall_return_slowpath+0x31d/0x5e0 [ 2765.975322] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2765.980334] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2765.985878] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2765.990896] ? perf_trace_sys_enter+0xb10/0xb10 [ 2765.995564] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2766.000416] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2766.005598] RIP: 0033:0x45885a [ 2766.008775] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2766.028048] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2766.035913] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2766.043963] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2766.051227] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2766.058504] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2766.065983] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 000000000000003f 03:41:28 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) fcntl$getflags(r0, 0x40b) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:28 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:28 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000001000)={0x1, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}}, 0x108) r1 = syz_open_procfs(0x0, &(0x7f0000000540)='net/mcfilter6\x00') preadv(r1, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/35, 0x7ffff000}], 0x1, 0xb6) 03:41:28 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x314, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:28 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xfc03], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:28 executing program 4 (fault-call:0 fault-nth:64): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:28 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1200000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:28 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserf\n\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:28 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x10a, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:28 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xcd7135fefff4288c, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:28 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:28 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000001000)={0x1, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}}, 0x108) preadv(0xffffffffffffffff, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/35, 0x7ffff000}], 0x1, 0xb6) 03:41:28 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2766.470453] FAULT_INJECTION: forcing a failure. [ 2766.470453] name failslab, interval 1, probability 0, space 0, times 0 [ 2766.481785] CPU: 0 PID: 5236 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2766.490108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2766.499464] Call Trace: [ 2766.502062] dump_stack+0x1c9/0x2b4 [ 2766.505701] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2766.510905] ? __kernel_text_address+0xd/0x40 [ 2766.515415] ? unwind_get_return_address+0x61/0xa0 03:41:28 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1e, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:28 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2766.520379] should_fail.cold.4+0xa/0x11 [ 2766.524443] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2766.529548] ? save_stack+0xa9/0xd0 [ 2766.533170] ? save_stack+0x43/0xd0 [ 2766.536791] ? kasan_kmalloc+0xc4/0xe0 [ 2766.540672] ? kmem_cache_alloc_trace+0x152/0x780 [ 2766.545514] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2766.550700] ? __list_lru_init+0x4d6/0x840 [ 2766.554932] ? alloc_super+0x9a6/0xb10 [ 2766.558815] ? sget+0x10b/0x150 [ 2766.562104] ? mount_bdev+0x115/0x3e0 [ 2766.565912] ? get_super_block+0x3c/0x50 03:41:28 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2766.569993] ? legacy_get_tree+0x118/0x440 [ 2766.574236] ? vfs_get_tree+0x1cb/0x5c0 [ 2766.578217] ? do_mount+0x6c1/0x1fb0 [ 2766.581948] ? ksys_mount+0x12d/0x140 [ 2766.585771] ? __x64_sys_mount+0xbe/0x150 [ 2766.589931] ? do_syscall_64+0x1b9/0x820 [ 2766.594009] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2766.599389] ? save_stack+0xa9/0xd0 [ 2766.603064] ? lock_acquire+0x1e4/0x540 [ 2766.607050] ? fs_reclaim_acquire+0x20/0x20 [ 2766.611398] ? lock_downgrade+0x8f0/0x8f0 [ 2766.615556] ? do_mount+0x6c1/0x1fb0 [ 2766.619288] ? check_same_owner+0x340/0x340 [ 2766.623636] ? rcu_note_context_switch+0x730/0x730 [ 2766.628580] __should_failslab+0x124/0x180 [ 2766.632831] should_failslab+0x9/0x14 [ 2766.636648] kmem_cache_alloc_trace+0x2cb/0x780 [ 2766.641329] ? kasan_kmalloc+0xc4/0xe0 [ 2766.645238] __memcg_init_list_lru_node+0x185/0x2d0 [ 2766.650269] ? kvfree_rcu+0x20/0x20 [ 2766.653902] ? __kmalloc_node+0x47/0x70 [ 2766.657881] __list_lru_init+0x4d6/0x840 [ 2766.661950] ? list_lru_destroy+0x500/0x500 [ 2766.666286] ? prealloc_shrinker+0x213/0x480 [ 2766.670699] ? __init_waitqueue_head+0x9e/0x150 [ 2766.675376] ? inactive_list_is_low+0x850/0x850 [ 2766.680047] ? __lockdep_init_map+0x105/0x590 [ 2766.684541] alloc_super+0x9a6/0xb10 [ 2766.688256] ? destroy_unused_super.part.11+0x110/0x110 [ 2766.693623] ? lock_downgrade+0x8f0/0x8f0 [ 2766.697775] ? kasan_check_read+0x11/0x20 [ 2766.701920] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2766.706503] ? kasan_check_write+0x14/0x20 [ 2766.710736] ? do_raw_spin_lock+0xc1/0x200 [ 2766.714976] sget_userns+0x276/0x860 [ 2766.718686] ? kill_litter_super+0x60/0x60 [ 2766.722915] ? test_single_super+0x10/0x10 [ 2766.727146] ? vfs_get_super+0x270/0x270 [ 2766.731205] ? kasan_check_read+0x11/0x20 [ 2766.735352] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2766.739931] ? kasan_check_write+0x14/0x20 [ 2766.744164] ? do_raw_spin_lock+0xc1/0x200 [ 2766.748412] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2766.753961] ? ns_capable_common+0x13f/0x170 [ 2766.758377] ? kill_litter_super+0x60/0x60 [ 2766.762608] sget+0x10b/0x150 [ 2766.765711] ? test_single_super+0x10/0x10 [ 2766.769943] mount_bdev+0x115/0x3e0 [ 2766.773570] ? finish_unfinished+0x14e0/0x14e0 [ 2766.778153] get_super_block+0x3c/0x50 [ 2766.782042] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2766.786359] legacy_get_tree+0x118/0x440 [ 2766.790421] vfs_get_tree+0x1cb/0x5c0 [ 2766.794217] ? vfs_set_fs_source+0x12c/0x180 [ 2766.798623] do_mount+0x6c1/0x1fb0 [ 2766.802162] ? check_same_owner+0x340/0x340 [ 2766.806482] ? lock_release+0xa30/0xa30 [ 2766.810458] ? copy_mount_string+0x40/0x40 [ 2766.814693] ? kasan_kmalloc+0xc4/0xe0 [ 2766.818585] ? kmem_cache_alloc_trace+0x318/0x780 [ 2766.823426] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2766.828966] ? _copy_from_user+0xdf/0x150 [ 2766.833115] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2766.838648] ? copy_mount_options+0x285/0x380 [ 2766.843142] ksys_mount+0x12d/0x140 [ 2766.846767] __x64_sys_mount+0xbe/0x150 [ 2766.850743] do_syscall_64+0x1b9/0x820 [ 2766.854651] ? finish_task_switch+0x1d3/0x870 [ 2766.859149] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2766.864074] ? syscall_return_slowpath+0x31d/0x5e0 [ 2766.868999] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2766.874011] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2766.879566] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2766.884583] ? perf_trace_sys_enter+0xb10/0xb10 [ 2766.889253] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2766.894096] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2766.899278] RIP: 0033:0x45885a [ 2766.902457] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2766.921724] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2766.929447] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2766.936712] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2766.943978] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2766.951240] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2766.958502] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000040 03:41:29 executing program 0: socketpair(0xa, 0x807, 0xfb06, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000040)={0x0, 0x4, 0x1, 0x7e77}) open(&(0x7f0000000080)='./file0\x00', 0x80, 0x40) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) recvmmsg(r2, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) r3 = add_key$user(&(0x7f0000000140)='user\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000002c0)="d25195ff748fda43fb7719924fd481d725dee75c1a014e1f94341d141e91550e69cfe2f2b34bab12f61923c3d0c28f80d75dcc7e5bea928b7a0a0df0430ca3ff1558510100a2920708c439e4de01a870754c679b5db9c47e227e5799b9d8fd69b786cab74776672d6754465b4844d4116758456a0371b059b02d0904e9c95fc80084846eb45f35e8d17d4b4e9a4176c35a610c66097970ed989a9e2acb0b1a17e44e5d77128fef1335b81ee54f9849c196f7a034875215f1f355f41870b992e9c8425148f99905cbc3def608927eb930f59c0f7311bf67bc1876540074988dc948397dc85a6d3b1ba8a5bbdf62309056cc64f80d8cf67f06159672d28fb46a19e94262deed81b088dc0d3f55ffd9c0a7a835fb955ae0712a7b01aa3c7cb13fd2acae6a5699874d2b3d77201dbebabe6536088edf69567ff0fc9affd0027f973a76d4df47258bfeb3cba3a78a750d84969c6b6334c043e9f4f23ae7ca3e2dc0c3dd9d1a644d0005553b600fcd87b6d1857d47893638626ff919907e21f1f88eee86a30b36684d7f90dc322c1888bf347092472bfeb03e4f422c0929315f7b19d558f9278e3e4bbd5c90aba7a925a824f9920b742ef94ec8f239ca49fdbd610cd2dfa4a6b9708c5e86be3f4aa76873d7747834f2bbacc244980f61fc1544f9585f5601447544caae834b7ec12ed7c1ab749b7c9b882b48076d62291aec3ea083b5399c8b606a3d49be4747f3d7b3a63933f39aae0e335599ea09ffa7df67d47b8c08cb590a0a8315ebf066d15f41277ee7ab3121f731deb70160c7b0ca4a64b41b4cf41e53027613cb107fa27e25581adf94a8aced4a681e6ee480e91a95a3e457e7316ad8c49b86e46b0bcc369fbf05e5a1c5f935669c1f9a8a58742e5edcc53b545f393d82e37566123c534fe48078654b53226620fbd9f99ae92270252bbf49c8e4492ba14346580665ee073208eb8e22bf95844702c9dfdae84461812211db7f5dc3bba4607c2f47802592419272742a240ea92b21e50eb3c7433471c73bd8f8fda2a61be1aa15165ab09657bbbdb3c163674deeb5b8461ee9a98d39f2d990c2f9f3ad181a5c3d26810e6a8587611aacd9d113b37f2f3d143b5f6390468f017544e2a7a838205dc90008395e20047029183f6aca713f2e61456745f7cef0c72028fa7b646cf95fa71ba712fbdbba80804401aa49827d2862825131328f720422f7879a6efaf0fa7c23d6e8f4564a8d8ce3c7c4b935c502e6164849e8de91b1940b1b93bdb3c75d12aa7633e81d42fb43e33ea29401d47201120d56ce7cbbee3a2a9a48f21faea59c4274987da9c15bb52c18096f8a373892ee302c35f3cbc92c3c24e3844d580540eab6cb1752a78e220893fb1e145a96c0c5a1178bcf80f918355b77f7abb1c141e0e0cbf4a638ce2024fc52e56b23d71f408c1012709015ace8f1a698ac1149f1c593ce355deb6b9b3627ecfce10d9608707ecccc925941be5293419f1106ed7c5ee3c8d668bb083567008e69ecd12fbfc5164c33b6805b726d8d843578f58aad23733e07a3438c44bcb125c46cd95c88c108e5b37e90f31d0ba56ce89240c470565904d86bc2659ed005baf008e5fafa23033ebd6fe35358e5eed148ce21b569b7758a7067c53de2b5034c7174b42824c275c0979d388ff062374019a7cde4f1a49033aee85b5097e718e5b0118e9326865d093b6200a98d1f04dda4f66ea3435f25cfeb3ad86d8f25728a7fa4e7e35db41815a8dc8dfced5b4615de937b6cd2141486970335cc4c3a9b7b73d0a44cab645005f6b4f001b3694f9d952bc32a3c0d47bf18fdffb2d5416c38a9628cec32362714f046396ac85ef1cb4d791154172e02bf5f3e068465cdfcbe638520bab5bf93558f1240b405d70d1c6f1402e78a6f5b6d08f06941bfd9bb7c39edbf137456b0ac31e0330585376aca4021a900dd972c8d6d15993dcdee1f58ec17d05400d0b9ea4b676d38aa8177aef21065aefb025d615ec2e00d6b9850b84287fd82fbd0fd6d59612ee566dc3167b96bd45b43cbd5709b511db9d3f20c80c396d0306643d6c2c220ed7d471f8286e0a00b0ab6fc6f526086f08d8d54e4be126af855b98ca80dae7dec6d79aab82f3e4701f98ed4e80132ead8d1df2cfeda17b3057c7fe06ae30253f26ff7e7838e9b2176418f1ffcceaeb80fa52dcc73bf27cd6356186d397cb2e3c72beff924f1850267ccd6e8023f6797d55b735c5910e0a710d11ab8458e8fe0381eb9c045f36a1447629b958b88fbc8e161d8012af28793eb2228167f6dde98061629b08053284b36b0d90825e50a1d4ccf3bac2466ac4db7b1705c64f81fc65657906030bf6af2044cb3e4989053066fa29faa0fe19bc3402573114f9117df1e527af91c85303712aaa66e0f04109ced72a11802f6d393c75c1d4cb088ef2c453bc5795ff513035b4086c048ae2e85868b4d4dda728fc59b062eb93a2dc143d948737b252c8c331f610d2e16197473bbcf237cf72aa4f36f26bb03957f9e6b79c933166c1881e497f6200f1318cb5da38a570fcc339f29b59cc8ed293831af619dc432a917b59670a7b53d3c25b78b5056516184a4966de5c581eefdaa1bf593c3b7b97238a35b14e3e52e3edd91c4ad8559553cb8c40e61f2c7eb9a813cebc994ca289fc01e4abe282f6fd5986bdd4adb5796e929b6b53768e7001c152c4487152d2d7871e0bda2cedf731cc437264bbc258d1f93448badba0c473928a393ba757aacc77ff59dabca94cf7e57828120dd2c36755573ef4b8701561b40e444a173aa0be342177c93a5f44ad91d9d886a1229e4d14b0de3585b1040ab93159bbd300cc5fbcc82f57496088c1b99efa25045e0c33368b48ab61b310a9b6f7aa35922ac54e3b195784fb2f1907330d1bc244dbc409730ae5114fe3af7d2d639b9daeba9d995acd4ab336b98373f89be213ceff1a9f0bb81aeec29335e4beaa3a3f8c9010a90c2eb9766739969ef3095f4c673efb69389eba8d893c34f1140308434a46cdce3d7da3a50f012c4ba493a4c90f6603de7c78d81a0d69569ec887b330839d47c886f2b1e820e51ea3f84ad01a0fb71863d5918f08fbc872501aba56f44047c6a8189a88bed484f97cf34f084f59377a59f4e12e1bfd3e1143d5cef88974a8dac8a9ea1a9a0248f263b255d3113dd20ce728f90ce2e03025942f9e4f3e0fb735aa33b3e12300c3fa9d1fe99853d5cdb1ca69690c21ae8a7571d33780df5cb3efd4964a0c6345c89410fac0c6816fa3bae4ab6445dd56dffa219635d16f7e9c71b35ab340a919bbe82a5005bc0452838834b25726fb16125d36401cc986aaf6a17d57defa110f9584a77bf5e5f721b45f93434b65abd21762ee88e9b0fbef98a5cce146e829ff9a3d768dd9ed40e8bb3390f82018fd619de3bfcecf89ce9552909559d5dfd295614d28ea413cc8a599b59201edc10e303fc4e955b7941c457b5e4bfe1b52dd374eac602936f52f59e59b9234698097eb534e9190c1fb918bfbb1665bd99d009ef43b7aca93a3a63efe177d64053d9128824ac3c6769e546410b993f534d329d0e761e1d791f2fb0068892ede8c6eccc3c5379d1749254fab809a29b9c343c8daeb826ae9fb499ea2101b452bc53eb4e35b3a481f4f1addcc0061ef16133d803c9b7d8bfb6ecc82820ce9867428e8c65a2db6a15bb9b19f051ed3350ce1ae706b9ee416c54a31cde4b739e808907a6bc4203f4baf263b7811e7029aac9ac050dafb2ea5fba4ac05d7a39218c7d668380d9f076ada29778bfb86449e6e42e35fb6f501dc4ba0d348bdbfe1ac5d74c4a275db45fbc32480b968b642b1b0bb642847d6dec7e2a5040b5b40e486daa8a8dc097c4fc073317a4f6617a3d91fd80e9fa9079ee335358b0b079fda3def33f3aa79e58303f28dc4374386b69e6015ed5e763726431e96909e1b8c849f25844dcee253377c9c3e964342c71091c9573b4341bd323adc2f887e7725da9f1ae7ef4106ec3f6839e274ce478ce8b52f466f40fdd5ceecadf25058bfc8f78ae813062dc0523f9d2a4aacdc39b7b72d4a654bf99a54bac69af40d975cb6e94cae19134d0ae110b74e56298e81d48bc0221503c03468312a1c65b79b2bdcdbae0ef2782720c51cc4ebdd041a924966eccc087f71e3f5c96760962dca1f83bb06e5953df972142b51f905378e4f6f3d397b5795c437fa72c1f1b91ba27dc859860d2657364fbac567a1a3a0e393f10dc5ddb2d2a87646e2ddaa507262faa9b8ac0928d5702d8cb75da2bf04106da8353413cf16890bc70e7d453f5679c0f918b87c31242d9e4b207bfab2b2e61969c872aa8861851d9eb350a3915de028de69450b59ff1696805ec2fcd7b1147a389c3668a7f87e35426709fbed88b3bc5efa4cca5cd787c348a985634c56b469696cfccfbb3ce7052244173f2d45ad34c2e685a9a9220fbec1e1d21fc043b927f6e0a30fe1e1ee388d4c0aa297f4cbae9d19b78560c9e72b6ea050692743739b8dbbe1c13c72a4c29e511823a85f86278bdfdb15b4ded99faaa71511222532e8e2c8c7f89405a998562af0ac2ad31c35794735d9f5c359f4674621e82d213d9970530620dd7722317e50c10c5da988873619d5ac35fad0477da1cd0711ec7df94f4816eeec888c753f68f30e85f7b1d04f4492a8e8618c6451b2d191c5e8bf2013bad973d0697bf46d131320febe0e270df0931b43546af16d6f26822dd0c407dcb7792d19e9a82e2573840877e2c8b454767b7a6c427263c8465987c014dc3a72ed6a62a7bb4dcef98bb82c03ea6240fe0882710d8a2f3a4caee045d57088744564bfecd4fc63cce10ccdf1983ebaef0285fb9aff22e8da77e585ed27663c58875238fde4b1c7ccea5b4e42c98ff34c93189404d76a3306f23b7b62d074994ddea91a4061ae693e5a6132192ec981e9c22f66d10bd1008aa90d6956c5b954e0b139794addc5f7b225915287afb84d0a652e51f898f4a7f75e334c9e00684bd1ee22e5de1bb7ded600d5125324dbfbf1b4562dbc2cd5faa0a0815208360447210d88cfea3ebc9986e713b49abd7866878999c7ffdb16a926b9c4c4b6d1e2520f34c3ce55edebcab1e43b09870490db6dc088b0a2028a0724d58326330c984060e9988a3a80f55e3972358b88de39e5c5433b699b86c54998ff65866adee9f3cc0960a30ad28297bded9d527193c5a966dd9a6009ebfb92f41bb3f9a5a2bcb8f37b38fe93836d682b3171e16375db228b42d41c95d57c8500767fbe8aa98df96ca98fd85f41be7f654b097aa8a88da95c346442c362716d3b202c70f25ce7e178da653f48c2ea199dd6a3b0014b9157f1fa68ceea14c4f15662860a89cb1353dac656ff9e7b4db746486666e4fd968fc7a1c938aabcf557797d15e6448857b4eeba7c4eb1b1d66e40cba13d8ceb5249b0783362c5ad98a0f0cd090bd1bbfb01e6ea8fba95670d5827877ac112605a6988190a600440ce334853a1422b63728a1ab5d7779d2a9f0f369dd891ac3ace688fa57c31729c0d59affc53d751719d69f9801caf49f502c9b6ac12868518ed10f1bcac8bf66f4d84052d142f805267cd861e56b779e38419c8679fbc71887b611d69e6a35ae605d120719af9b17842059578bd36b441134b7e9c2e9bb2650bcee7652c00e5d960e8bc142b4f40192101feb0e45127bfd63e4e37ee1e193117c6e40ec6002e7babc481835c90d76777e9ef443366a39bdc91dba1a0c8c409ce5fe6e36a5bc708be54b971b3d9475986e46e6", 0x1000, 0xffffffffffffffff) keyctl$revoke(0x3, r3) sendto$llc(r2, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:29 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x3fc], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:29 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:29 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x58, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:29 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1c, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:29 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfb\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:29 executing program 4 (fault-call:0 fault-nth:65): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:29 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000540)='net/mcfilter6\x00') preadv(r0, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/35, 0x7ffff000}], 0x1, 0xb6) 03:41:29 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xfdfdffff00000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:29 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x394, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2767.417129] FAULT_INJECTION: forcing a failure. [ 2767.417129] name failslab, interval 1, probability 0, space 0, times 0 [ 2767.428443] CPU: 0 PID: 5267 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2767.436762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2767.446116] Call Trace: [ 2767.448714] dump_stack+0x1c9/0x2b4 [ 2767.452350] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2767.457555] ? __kernel_text_address+0xd/0x40 [ 2767.462055] ? unwind_get_return_address+0x61/0xa0 03:41:29 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) write$tun(r0, &(0x7f0000000140)={@val={0x0, 0x8847}, @val={0x3, 0x83, 0x0, 0x6, 0x7, 0x7fffffff}, @ipx={0xffff, 0xcd, 0x1, 0x11, {@current, @current}, {@broadcast=0xffffffff, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, "c4465f817c5f68b203a15a390c54db34482d5df8ffd70d00fc2faa51714625f6348e8f3bd861a90748498d99bac1e3c05afe438026b882f97f427fbbeb51b33217c4a788c528f18b5cd4048ff6e876aa4fa8158d3ce9a521b20aac2611e47743fb0a9d7349ffe1cdc5c41b858f8b9ac633c6671d942a44ce766813be9ddf7d9a7d8fad3fcd1a80ed28bf3f76710d5a7ca3477ee94f20fbc272a266508de7dcc370a1d826ff26c8c322de28e8d4f0ad"}}, 0xdb) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r3, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r3, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f00000002c0)={"251175e34f7f3363042fae9e18e408ba55ad6921f80ab9a090577053c78539a1ef4a66ac418d17aac2c57bb0ee88bcc2fa4342d760467076f743e60d393a473153fafc7ffe0d7b071ef76186566702f259430c3a0ee94c9e814e383480c7a60ae29737b60c968677afc55c58af279e23a0f6840269b34113dd58e0ecef8ba03fab8ff4b8dd2b919c8dc5aa5f4112450343f5365fd23d7eb5e1748d0e248cd899abc3ad412997aac68d7c8581836d368712ed64966ace305b287df8920fe3d1342ca4a023193c0d5fa0b322cfd69939be3d6f5f364c006a28a033cb350c93c2010ed085b603b7242032af966cbb9ad857813afb2fc6c71c502e318c2b37f7c1bb64143de6bb18bfcff831bfc4d6a1034ac6027cb0e3633849e323d63a8db93057cfbbd5c9ca95bcefde3cbde04daf3a151553d1cc1a906680a63de10f3a9957113a9215a13ba8ccebc4e3ebabf95557ae165fb40f57ccc29fa3257a97b3b1418c0265149cf82aa8fdbceff734ded7377b8d5a0fe4c7339b2d0f31560359f4348157253198251fea6ab488b65866c2349032146d7dd3a1d87825881c6e766bd31a9d43ba74d5ea57555579765702c4dc04341584d6a97b267cd6a9464d41ea620ec764bea78e70f5ad3389636409ad1c13d1b31e9beb31c3c37077518d0584f997d144890fd164848b81f8be9ea151a5f6b8f7936e722a07e00ea802567b1930e7e2427db023c7592c701a40d13db3f424a048931fc84f293b3e381e1fc7be5cbf92de3845be59dbb7e7d7660da5c677fa758ad6e2550a31a1ee4d72639dbe3a1f60ad6f0e619029d4c68d48a2a9df2bb94c583d08928c89700435c5017fa3817dc08b42048f8b30c6cf51c4937bbb6b96396c870da7b2cb38552c43beba177927c5f3065071dfdd5ef28be1448c15b62ec49afd91de9596e2ae9b96f092aef3888b2f946b8a4fa8f66f870f72d5795e2c5ea97ec95d2288d9a48dadf71fa8cebe9c6ccb916c30f2d5413301f675df0d02054c67285ad083d206147653f0a9ecc7a3c56cfbc77dce51891ad693a04a873d8c08a45b4c501a65000e06e22a7aeb50ba6638bd061cf0955c932a86c4b1a143d547d9e87f542382aa68ac4fb50fe821c9406bac5bd5aec9ee6008f5b8007d992ff115854629817beab20d73a068c885cbfa40d9997a2a635184b92efd7515bc5a5cdc35d57de1570653b880996a9b90ce8a3ff920515b81a2c3f99ca283ed487f3c3b2567c8d413eaa68c514dac133b520f3551a263a1a975130d916ef52d8e7a97c021e0d75f849bd49a1bdee427f1c1d93b393aab815ac599469045ea5c09e7403feb384dee4b1bea1ec22316056192724676f3062044c99bc28bce57235b19ab5093c5085d020697375beaa961652836e48c48453a385abd6cdd15243a1fdc11433f9c9ff5f3d9a5884dfe746525"}) 03:41:29 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2767.467002] should_fail.cold.4+0xa/0x11 [ 2767.471080] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2767.476192] ? save_stack+0xa9/0xd0 [ 2767.479835] ? save_stack+0x43/0xd0 [ 2767.483475] ? kasan_kmalloc+0xc4/0xe0 [ 2767.487375] ? kmem_cache_alloc_trace+0x152/0x780 [ 2767.492230] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2767.497434] ? __list_lru_init+0x4d6/0x840 [ 2767.502029] ? alloc_super+0x9a6/0xb10 [ 2767.505930] ? sget+0x10b/0x150 [ 2767.509218] ? mount_bdev+0x115/0x3e0 [ 2767.513026] ? get_super_block+0x3c/0x50 03:41:29 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x14b, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:29 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xfdfdffff], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2767.517097] ? legacy_get_tree+0x118/0x440 [ 2767.521338] ? vfs_get_tree+0x1cb/0x5c0 [ 2767.525320] ? do_mount+0x6c1/0x1fb0 [ 2767.529040] ? ksys_mount+0x12d/0x140 [ 2767.532846] ? __x64_sys_mount+0xbe/0x150 [ 2767.537003] ? do_syscall_64+0x1b9/0x820 [ 2767.541075] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2767.546453] ? save_stack+0xa9/0xd0 [ 2767.550277] ? lock_acquire+0x1e4/0x540 [ 2767.554261] ? fs_reclaim_acquire+0x20/0x20 [ 2767.558595] ? lock_downgrade+0x8f0/0x8f0 [ 2767.562759] ? do_mount+0x6c1/0x1fb0 03:41:29 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x5e, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:29 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2767.566484] ? check_same_owner+0x340/0x340 [ 2767.570817] ? rcu_note_context_switch+0x730/0x730 [ 2767.575754] __should_failslab+0x124/0x180 [ 2767.580003] should_failslab+0x9/0x14 [ 2767.583812] kmem_cache_alloc_trace+0x2cb/0x780 [ 2767.588489] ? kasan_kmalloc+0xc4/0xe0 [ 2767.592388] __memcg_init_list_lru_node+0x185/0x2d0 [ 2767.597408] ? kvfree_rcu+0x20/0x20 [ 2767.601038] ? __kmalloc_node+0x47/0x70 [ 2767.605018] __list_lru_init+0x4d6/0x840 [ 2767.609081] ? list_lru_destroy+0x500/0x500 [ 2767.613411] ? prealloc_shrinker+0x213/0x480 03:41:29 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x70, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:29 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0xfffffdfd], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2767.617821] ? __init_waitqueue_head+0x9e/0x150 [ 2767.622493] ? inactive_list_is_low+0x850/0x850 [ 2767.627168] ? __lockdep_init_map+0x105/0x590 [ 2767.631671] alloc_super+0x9a6/0xb10 [ 2767.635395] ? destroy_unused_super.part.11+0x110/0x110 [ 2767.640768] ? lock_downgrade+0x8f0/0x8f0 [ 2767.644929] ? kasan_check_read+0x11/0x20 [ 2767.649081] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2767.653669] ? kasan_check_write+0x14/0x20 [ 2767.657912] ? do_raw_spin_lock+0xc1/0x200 [ 2767.662152] sget_userns+0x276/0x860 03:41:29 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:29 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x63, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:29 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xa8aaaafffeaaaa10, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2767.665869] ? kill_litter_super+0x60/0x60 [ 2767.670110] ? test_single_super+0x10/0x10 [ 2767.674352] ? vfs_get_super+0x270/0x270 [ 2767.678415] ? kasan_check_read+0x11/0x20 [ 2767.682568] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2767.687157] ? kasan_check_write+0x14/0x20 [ 2767.691390] ? do_raw_spin_lock+0xc1/0x200 [ 2767.695636] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2767.701174] ? ns_capable_common+0x13f/0x170 [ 2767.705588] ? kill_litter_super+0x60/0x60 [ 2767.709829] sget+0x10b/0x150 [ 2767.712972] ? test_single_super+0x10/0x10 [ 2767.717210] mount_bdev+0x115/0x3e0 [ 2767.720838] ? finish_unfinished+0x14e0/0x14e0 [ 2767.725424] get_super_block+0x3c/0x50 [ 2767.729315] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2767.733639] legacy_get_tree+0x118/0x440 [ 2767.737701] vfs_get_tree+0x1cb/0x5c0 [ 2767.741501] ? vfs_set_fs_source+0x12c/0x180 [ 2767.745919] do_mount+0x6c1/0x1fb0 [ 2767.749459] ? check_same_owner+0x340/0x340 [ 2767.753789] ? lock_release+0xa30/0xa30 [ 2767.757770] ? copy_mount_string+0x40/0x40 [ 2767.762010] ? kasan_kmalloc+0xc4/0xe0 [ 2767.765909] ? kmem_cache_alloc_trace+0x318/0x780 [ 2767.770760] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2767.776303] ? _copy_from_user+0xdf/0x150 [ 2767.780457] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2767.785996] ? copy_mount_options+0x285/0x380 [ 2767.790500] ksys_mount+0x12d/0x140 [ 2767.794127] __x64_sys_mount+0xbe/0x150 [ 2767.798110] do_syscall_64+0x1b9/0x820 [ 2767.801999] ? finish_task_switch+0x1d3/0x870 [ 2767.806494] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2767.811425] ? syscall_return_slowpath+0x31d/0x5e0 [ 2767.816357] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2767.821370] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2767.826906] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2767.831922] ? perf_trace_sys_enter+0xb10/0xb10 [ 2767.836586] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2767.841433] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2767.846613] RIP: 0033:0x45885a [ 2767.849789] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2767.869065] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2767.877656] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2767.884926] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2767.892196] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2767.899460] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2767.906739] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000041 03:41:29 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserf+\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:29 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000540)='net/mcfilter6\x00') preadv(r0, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/35, 0x7ffff000}], 0x1, 0xb6) 03:41:29 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:29 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:29 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x3000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:30 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000000)="a0c4cffe0fda9ccd7d4afd8c6e86b175c51b8c31d1a9122a01dafa4199564b7e2ac6840fbc4938dc46086b8261bc5fea99c77f41e3a4d4ab70323917d48e5901ef245782144d250330b512798b", 0x4d, 0x8000, &(0x7f00000012c0)={0x1a, 0x337, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:30 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x1ae, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:30 executing program 4 (fault-call:0 fault-nth:66): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:30 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000540)='net/mcfilter6\x00') preadv(r0, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/35, 0x7ffff000}], 0x1, 0xb6) 03:41:30 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:30 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x10, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:30 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:30 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserf0\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:30 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1500000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:30 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:30 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2768.601358] FAULT_INJECTION: forcing a failure. [ 2768.601358] name failslab, interval 1, probability 0, space 0, times 0 [ 2768.612654] CPU: 1 PID: 5345 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2768.620978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2768.630341] Call Trace: [ 2768.632942] dump_stack+0x1c9/0x2b4 [ 2768.636584] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2768.641788] ? __kernel_text_address+0xd/0x40 [ 2768.646293] ? unwind_get_return_address+0x61/0xa0 03:41:30 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x86f746feffcc25f8, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:30 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2768.651245] should_fail.cold.4+0xa/0x11 [ 2768.655335] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2768.660457] ? save_stack+0xa9/0xd0 [ 2768.664099] ? save_stack+0x43/0xd0 [ 2768.667749] ? kasan_kmalloc+0xc4/0xe0 [ 2768.671655] ? kmem_cache_alloc_trace+0x152/0x780 [ 2768.676526] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2768.681730] ? __list_lru_init+0x4d6/0x840 [ 2768.685994] ? alloc_super+0x9a6/0xb10 [ 2768.689890] ? sget+0x10b/0x150 [ 2768.693181] ? mount_bdev+0x115/0x3e0 [ 2768.696995] ? get_super_block+0x3c/0x50 03:41:30 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x4], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:30 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x12c56feff1bbb1c, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:30 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2768.701074] ? legacy_get_tree+0x118/0x440 [ 2768.705327] ? vfs_get_tree+0x1cb/0x5c0 [ 2768.709316] ? do_mount+0x6c1/0x1fb0 [ 2768.713045] ? ksys_mount+0x12d/0x140 [ 2768.716864] ? __x64_sys_mount+0xbe/0x150 [ 2768.721032] ? do_syscall_64+0x1b9/0x820 [ 2768.725130] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2768.730528] ? save_stack+0xa9/0xd0 [ 2768.734169] ? lock_acquire+0x1e4/0x540 [ 2768.738151] ? fs_reclaim_acquire+0x20/0x20 [ 2768.742476] ? lock_downgrade+0x8f0/0x8f0 [ 2768.746637] ? do_mount+0x6c1/0x1fb0 [ 2768.750371] ? check_same_owner+0x340/0x340 [ 2768.754708] ? rcu_note_context_switch+0x730/0x730 [ 2768.759661] __should_failslab+0x124/0x180 [ 2768.763916] should_failslab+0x9/0x14 [ 2768.767734] kmem_cache_alloc_trace+0x2cb/0x780 [ 2768.772419] ? kasan_kmalloc+0xc4/0xe0 [ 2768.776319] __memcg_init_list_lru_node+0x185/0x2d0 [ 2768.781339] ? kvfree_rcu+0x20/0x20 [ 2768.784973] ? __kmalloc_node+0x47/0x70 [ 2768.788952] __list_lru_init+0x4d6/0x840 [ 2768.793117] ? list_lru_destroy+0x500/0x500 [ 2768.797445] ? prealloc_shrinker+0x213/0x480 [ 2768.801853] ? __init_waitqueue_head+0x9e/0x150 [ 2768.806524] ? inactive_list_is_low+0x850/0x850 [ 2768.811200] ? __lockdep_init_map+0x105/0x590 [ 2768.815708] alloc_super+0x9a6/0xb10 [ 2768.819429] ? destroy_unused_super.part.11+0x110/0x110 [ 2768.824785] ? lock_downgrade+0x8f0/0x8f0 [ 2768.828923] ? kasan_check_read+0x11/0x20 [ 2768.833053] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2768.837619] ? kasan_check_write+0x14/0x20 [ 2768.841833] ? do_raw_spin_lock+0xc1/0x200 [ 2768.846051] sget_userns+0x276/0x860 [ 2768.849752] ? kill_litter_super+0x60/0x60 [ 2768.853977] ? test_single_super+0x10/0x10 [ 2768.858201] ? vfs_get_super+0x270/0x270 [ 2768.862250] ? kasan_check_read+0x11/0x20 [ 2768.866379] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2768.870943] ? kasan_check_write+0x14/0x20 [ 2768.875173] ? do_raw_spin_lock+0xc1/0x200 [ 2768.879417] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2768.885390] ? ns_capable_common+0x13f/0x170 [ 2768.889788] ? kill_litter_super+0x60/0x60 [ 2768.894016] sget+0x10b/0x150 [ 2768.897119] ? test_single_super+0x10/0x10 [ 2768.901350] mount_bdev+0x115/0x3e0 [ 2768.904960] ? finish_unfinished+0x14e0/0x14e0 [ 2768.909522] get_super_block+0x3c/0x50 [ 2768.913392] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2768.917698] legacy_get_tree+0x118/0x440 [ 2768.921751] vfs_get_tree+0x1cb/0x5c0 [ 2768.925546] ? vfs_set_fs_source+0x12c/0x180 [ 2768.929937] do_mount+0x6c1/0x1fb0 [ 2768.933461] ? check_same_owner+0x340/0x340 [ 2768.937765] ? lock_release+0xa30/0xa30 [ 2768.941731] ? copy_mount_string+0x40/0x40 [ 2768.945950] ? retint_kernel+0x10/0x10 [ 2768.949821] ? copy_mount_options+0x1f0/0x380 [ 2768.954299] ? copy_mount_options+0x1f6/0x380 [ 2768.958783] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2768.964324] ? copy_mount_options+0x285/0x380 [ 2768.968818] ksys_mount+0x12d/0x140 [ 2768.972436] __x64_sys_mount+0xbe/0x150 [ 2768.976398] do_syscall_64+0x1b9/0x820 [ 2768.980269] ? finish_task_switch+0x1d3/0x870 [ 2768.984759] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2768.989672] ? syscall_return_slowpath+0x31d/0x5e0 [ 2768.994592] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2768.999603] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2769.005131] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2769.010140] ? perf_trace_sys_enter+0xb10/0xb10 [ 2769.014796] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2769.019635] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2769.024817] RIP: 0033:0x45885a [ 2769.027994] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2769.047147] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2769.054851] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2769.062126] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2769.069390] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2769.076641] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2769.083901] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000042 03:41:31 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) fcntl$getown(r0, 0x9) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r2, &(0x7f0000000000), 0x0, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r2, &(0x7f0000000340), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) 03:41:31 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x4000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:31 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:31 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x102, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:31 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x12, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:31 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000001000)={0x1, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}}, 0x108) r0 = syz_open_procfs(0x0, &(0x7f0000000540)='net/mcfilter6\x00') preadv(r0, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/35, 0x7ffff000}], 0x1, 0xb6) 03:41:31 executing program 4 (fault-call:0 fault-nth:67): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:31 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfh\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:31 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xc650e8feff7439f0, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2769.665518] FAULT_INJECTION: forcing a failure. [ 2769.665518] name failslab, interval 1, probability 0, space 0, times 0 [ 2769.676897] CPU: 1 PID: 5392 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2769.685216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2769.694578] Call Trace: [ 2769.697173] dump_stack+0x1c9/0x2b4 [ 2769.700809] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2769.706022] ? __kernel_text_address+0xd/0x40 [ 2769.710533] ? unwind_get_return_address+0x61/0xa0 03:41:31 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x2], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:31 executing program 0: r0 = open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) getrlimit(0x7, &(0x7f0000000000)) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cuse\x00', 0x21fc, 0x0) ioctl$PPPOEIOCSFWD(r0, 0x4008b100, &(0x7f0000000180)={0x18, 0x0, {0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 'ip_vti0\x00'}}) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)={&(0x7f0000000040)='./file0\x00', r1}, 0x10) recvmmsg(r3, &(0x7f0000000080), 0x400000000000118, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r3, &(0x7f0000000000), 0x0, 0x0, &(0x7f00000012c0)={0x1a, 0x304, 0x1c3, 0x1, 0xfffffffffffffffe, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) getgid() 03:41:31 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) [ 2769.715485] should_fail.cold.4+0xa/0x11 [ 2769.719569] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2769.724696] ? save_stack+0xa9/0xd0 [ 2769.728343] ? save_stack+0x43/0xd0 [ 2769.731990] ? kasan_kmalloc+0xc4/0xe0 [ 2769.735898] ? kmem_cache_alloc_trace+0x152/0x780 [ 2769.740783] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2769.746167] ? __list_lru_init+0x4d6/0x840 [ 2769.750444] ? alloc_super+0x9a6/0xb10 [ 2769.754349] ? sget+0x10b/0x150 [ 2769.757643] ? mount_bdev+0x115/0x3e0 [ 2769.761460] ? get_super_block+0x3c/0x50 03:41:31 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x28a, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2769.765539] ? legacy_get_tree+0x118/0x440 [ 2769.769788] ? vfs_get_tree+0x1cb/0x5c0 [ 2769.773779] ? do_mount+0x6c1/0x1fb0 [ 2769.777515] ? ksys_mount+0x12d/0x140 [ 2769.781324] ? __x64_sys_mount+0xbe/0x150 [ 2769.785483] ? do_syscall_64+0x1b9/0x820 [ 2769.789561] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2769.794936] ? save_stack+0xa9/0xd0 [ 2769.798577] ? lock_acquire+0x1e4/0x540 [ 2769.802564] ? fs_reclaim_acquire+0x20/0x20 [ 2769.806896] ? lock_downgrade+0x8f0/0x8f0 [ 2769.811053] ? do_mount+0x6c1/0x1fb0 03:41:31 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x2000000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:31 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:31 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xfffffdfd], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2769.814780] ? check_same_owner+0x340/0x340 [ 2769.819118] ? rcu_note_context_switch+0x730/0x730 [ 2769.824175] __should_failslab+0x124/0x180 [ 2769.828870] should_failslab+0x9/0x14 [ 2769.832698] kmem_cache_alloc_trace+0x2cb/0x780 [ 2769.837405] ? kasan_kmalloc+0xc4/0xe0 [ 2769.841311] __memcg_init_list_lru_node+0x185/0x2d0 [ 2769.846343] ? kvfree_rcu+0x20/0x20 [ 2769.849989] ? __kmalloc_node+0x47/0x70 [ 2769.853982] __list_lru_init+0x4d6/0x840 [ 2769.858054] ? list_lru_destroy+0x500/0x500 03:41:31 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x10000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2769.862390] ? prealloc_shrinker+0x213/0x480 [ 2769.866808] ? __init_waitqueue_head+0x9e/0x150 [ 2769.871577] ? inactive_list_is_low+0x850/0x850 [ 2769.877071] ? __lockdep_init_map+0x105/0x590 [ 2769.881582] alloc_super+0x9a6/0xb10 [ 2769.885305] ? destroy_unused_super.part.11+0x110/0x110 [ 2769.890683] ? lock_downgrade+0x8f0/0x8f0 [ 2769.894848] ? kasan_check_read+0x11/0x20 [ 2769.899008] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2769.903600] ? kasan_check_write+0x14/0x20 [ 2769.907845] ? do_raw_spin_lock+0xc1/0x200 [ 2769.912091] sget_userns+0x276/0x860 03:41:31 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0xa1, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2769.915818] ? kill_litter_super+0x60/0x60 [ 2769.920067] ? test_single_super+0x10/0x10 [ 2769.924308] ? vfs_get_super+0x270/0x270 [ 2769.928383] ? kasan_check_read+0x11/0x20 [ 2769.932540] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2769.937139] ? kasan_check_write+0x14/0x20 [ 2769.941383] ? do_raw_spin_lock+0xc1/0x200 [ 2769.945648] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2769.951194] ? ns_capable_common+0x13f/0x170 [ 2769.955618] ? kill_litter_super+0x60/0x60 [ 2769.959861] sget+0x10b/0x150 03:41:31 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x32a, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2769.962971] ? test_single_super+0x10/0x10 [ 2769.967216] mount_bdev+0x115/0x3e0 [ 2769.970846] ? finish_unfinished+0x14e0/0x14e0 [ 2769.975436] get_super_block+0x3c/0x50 [ 2769.979328] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2769.983655] legacy_get_tree+0x118/0x440 [ 2769.987721] vfs_get_tree+0x1cb/0x5c0 [ 2769.991528] ? vfs_set_fs_source+0x12c/0x180 [ 2769.995961] do_mount+0x6c1/0x1fb0 [ 2769.999509] ? check_same_owner+0x340/0x340 [ 2770.003841] ? copy_mount_string+0x40/0x40 [ 2770.008082] ? retint_kernel+0x10/0x10 [ 2770.011980] ? copy_mount_options+0x213/0x380 03:41:32 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x2a6, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) [ 2770.017178] ? write_comp_data+0xa/0x70 [ 2770.021176] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2770.026730] ? copy_mount_options+0x285/0x380 [ 2770.031241] ksys_mount+0x12d/0x140 [ 2770.034872] __x64_sys_mount+0xbe/0x150 [ 2770.038855] do_syscall_64+0x1b9/0x820 [ 2770.042748] ? finish_task_switch+0x1d3/0x870 [ 2770.047248] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2770.052181] ? syscall_return_slowpath+0x31d/0x5e0 [ 2770.057123] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2770.062149] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2770.067698] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2770.072720] ? perf_trace_sys_enter+0xb10/0xb10 [ 2770.077395] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2770.082245] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2770.087435] RIP: 0033:0x45885a [ 2770.090631] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2770.109895] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 03:41:32 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:32 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000001000)={0x1, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}}, 0x108) r0 = syz_open_procfs(0x0, &(0x7f0000000540)='net/mcfilter6\x00') preadv(r0, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/35, 0x7ffff000}], 0x1, 0xb6) [ 2770.117612] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2770.124927] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2770.132208] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2770.139488] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2770.146758] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000043 03:41:32 executing program 4 (fault-call:0 fault-nth:68): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2770.231986] FAULT_INJECTION: forcing a failure. [ 2770.231986] name failslab, interval 1, probability 0, space 0, times 0 [ 2770.243300] CPU: 1 PID: 5435 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2770.251616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2770.260971] Call Trace: [ 2770.263561] dump_stack+0x1c9/0x2b4 [ 2770.267191] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2770.272383] ? __kernel_text_address+0xd/0x40 [ 2770.276875] ? unwind_get_return_address+0x61/0xa0 [ 2770.281803] should_fail.cold.4+0xa/0x11 [ 2770.285867] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2770.290971] ? save_stack+0xa9/0xd0 [ 2770.294601] ? save_stack+0x43/0xd0 [ 2770.298247] ? kasan_kmalloc+0xc4/0xe0 [ 2770.302140] ? kmem_cache_alloc_trace+0x152/0x780 [ 2770.306994] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 2770.312203] ? __list_lru_init+0x4d6/0x840 [ 2770.316473] ? alloc_super+0x9a6/0xb10 [ 2770.320363] ? sget+0x10b/0x150 [ 2770.323638] ? mount_bdev+0x115/0x3e0 [ 2770.327440] ? get_super_block+0x3c/0x50 03:41:32 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserf*\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:32 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x232, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:32 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x3f00000000000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2770.331520] ? legacy_get_tree+0x118/0x440 [ 2770.335755] ? vfs_get_tree+0x1cb/0x5c0 [ 2770.339747] ? do_mount+0x6c1/0x1fb0 [ 2770.343461] ? ksys_mount+0x12d/0x140 [ 2770.347263] ? __x64_sys_mount+0xbe/0x150 [ 2770.351413] ? do_syscall_64+0x1b9/0x820 [ 2770.355475] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2770.360842] ? save_stack+0xa9/0xd0 [ 2770.364475] ? lock_acquire+0x1e4/0x540 [ 2770.368451] ? fs_reclaim_acquire+0x20/0x20 [ 2770.372772] ? lock_downgrade+0x8f0/0x8f0 [ 2770.376937] ? lock_downgrade+0x8f0/0x8f0 [ 2770.381105] ? check_same_owner+0x340/0x340 [ 2770.385444] ? do_raw_spin_unlock+0xa7/0x2f0 [ 2770.389869] ? rcu_note_context_switch+0x730/0x730 [ 2770.394816] __should_failslab+0x124/0x180 [ 2770.399065] should_failslab+0x9/0x14 [ 2770.402876] kmem_cache_alloc_trace+0x2cb/0x780 [ 2770.407565] __memcg_init_list_lru_node+0x185/0x2d0 [ 2770.412584] ? kvfree_rcu+0x20/0x20 [ 2770.416211] ? __kmalloc_node+0x47/0x70 [ 2770.420202] __list_lru_init+0x4d6/0x840 [ 2770.424267] ? list_lru_destroy+0x500/0x500 [ 2770.428592] ? prealloc_shrinker+0x213/0x480 [ 2770.433002] ? __init_waitqueue_head+0x9e/0x150 [ 2770.437675] ? inactive_list_is_low+0x850/0x850 [ 2770.442350] ? __lockdep_init_map+0x105/0x590 [ 2770.446851] alloc_super+0x9a6/0xb10 [ 2770.450568] ? destroy_unused_super.part.11+0x110/0x110 [ 2770.455945] ? lock_downgrade+0x8f0/0x8f0 [ 2770.460096] ? kasan_check_read+0x11/0x20 [ 2770.464244] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2770.468824] ? kasan_check_write+0x14/0x20 [ 2770.473060] ? do_raw_spin_lock+0xc1/0x200 [ 2770.477306] sget_userns+0x276/0x860 [ 2770.481019] ? kill_litter_super+0x60/0x60 [ 2770.485254] ? test_single_super+0x10/0x10 [ 2770.489486] ? vfs_get_super+0x270/0x270 [ 2770.493556] ? kasan_check_read+0x11/0x20 [ 2770.497791] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2770.502377] ? kasan_check_write+0x14/0x20 [ 2770.506613] ? do_raw_spin_lock+0xc1/0x200 [ 2770.510866] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2770.516408] ? ns_capable_common+0x13f/0x170 [ 2770.520817] ? kill_litter_super+0x60/0x60 [ 2770.525053] sget+0x10b/0x150 [ 2770.528171] ? test_single_super+0x10/0x10 [ 2770.532409] mount_bdev+0x115/0x3e0 [ 2770.536034] ? finish_unfinished+0x14e0/0x14e0 [ 2770.540616] get_super_block+0x3c/0x50 [ 2770.544502] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2770.548824] legacy_get_tree+0x118/0x440 [ 2770.552886] vfs_get_tree+0x1cb/0x5c0 [ 2770.556687] ? vfs_set_fs_source+0x12c/0x180 [ 2770.561094] do_mount+0x6c1/0x1fb0 [ 2770.564632] ? check_same_owner+0x340/0x340 [ 2770.568952] ? lock_release+0xa30/0xa30 [ 2770.572926] ? copy_mount_string+0x40/0x40 [ 2770.577168] ? retint_kernel+0x10/0x10 [ 2770.581060] ? copy_mount_options+0x1a1/0x380 [ 2770.585555] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 2770.590407] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2770.595949] ? copy_mount_options+0x285/0x380 [ 2770.600451] ksys_mount+0x12d/0x140 [ 2770.604083] __x64_sys_mount+0xbe/0x150 [ 2770.608058] do_syscall_64+0x1b9/0x820 [ 2770.611947] ? finish_task_switch+0x1d3/0x870 [ 2770.616448] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2770.621377] ? syscall_return_slowpath+0x31d/0x5e0 [ 2770.626311] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2770.631375] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2770.636932] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2770.641952] ? perf_trace_sys_enter+0xb10/0xb10 [ 2770.646621] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2770.651466] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2770.656648] RIP: 0033:0x45885a [ 2770.659827] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2770.679108] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2770.686824] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2770.694094] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2770.701372] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2770.708651] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2770.715940] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000044 03:41:32 executing program 0: open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x1c) openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2200, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000080), 0x1, 0x0, &(0x7f00000000c0)={0x77359400}) sendto$llc(r1, &(0x7f0000000340), 0x0, 0x80, &(0x7f0000000000)={0x1a, 0x304, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x0, 0x92a0, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x6) 03:41:32 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1f00000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:32 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:32 executing program 5: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000001000)={0x1, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}}, 0x108) r0 = syz_open_procfs(0x0, &(0x7f0000000540)='net/mcfilter6\x00') preadv(r0, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/35, 0x7ffff000}], 0x1, 0xb6) 03:41:32 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x196, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:32 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xfdfdffff], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:32 executing program 4 (fault-call:0 fault-nth:69): syz_mount_image$reiserfs(&(0x7f0000000080)='reiserfs\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@usrquota='usrquota', 0x2c}, {@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) 03:41:32 executing program 3: syz_mount_image$reiserfs(&(0x7f0000000080)='reiserf-\x00', &(0x7f00000000c0)="2e2f66696c6530000000000000000005b400", 0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000580)={[{@jdev={'jdev', 0x3d, "2e2f66696c6530000000000000000005b4"}, 0x2c}]}) [ 2770.898064] FAULT_INJECTION: forcing a failure. [ 2770.898064] name failslab, interval 1, probability 0, space 0, times 0 [ 2770.909398] CPU: 0 PID: 5467 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2770.917720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2770.927079] Call Trace: [ 2770.929702] dump_stack+0x1c9/0x2b4 [ 2770.933331] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2770.938524] should_fail.cold.4+0xa/0x11 [ 2770.942675] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2770.947810] ? lock_acquire+0x1e4/0x540 [ 2770.951781] ? fs_reclaim_acquire+0x20/0x20 [ 2770.956116] ? lock_downgrade+0x8f0/0x8f0 [ 2770.960270] ? check_same_owner+0x340/0x340 [ 2770.964596] ? rcu_note_context_switch+0x730/0x730 [ 2770.969528] __should_failslab+0x124/0x180 [ 2770.973783] should_failslab+0x9/0x14 [ 2770.977588] __kmalloc_track_caller+0x2c4/0x760 [ 2770.982263] ? reiserfs_fill_super+0xe90/0x3930 [ 2770.986933] kstrdup+0x39/0x70 [ 2770.990125] reiserfs_fill_super+0xe90/0x3930 [ 2770.994624] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2771.000156] ? bdev_name.isra.8+0x1a1/0x1f0 [ 2771.004478] ? finish_unfinished+0x14e0/0x14e0 [ 2771.009052] ? format_decode+0x1b1/0xaf0 [ 2771.013111] ? set_precision+0xe0/0xe0 [ 2771.017001] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2771.022535] ? vsnprintf+0x20d/0x1b60 [ 2771.026330] ? pointer+0x990/0x990 [ 2771.029869] ? snprintf+0xae/0xe0 [ 2771.033316] ? vsprintf+0x40/0x40 [ 2771.036769] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2771.041782] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2771.047317] mount_bdev+0x314/0x3e0 [ 2771.050942] ? finish_unfinished+0x14e0/0x14e0 [ 2771.055521] get_super_block+0x3c/0x50 [ 2771.059409] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2771.063725] legacy_get_tree+0x118/0x440 [ 2771.067788] vfs_get_tree+0x1cb/0x5c0 [ 2771.071586] ? vfs_set_fs_source+0x12c/0x180 [ 2771.075998] do_mount+0x6c1/0x1fb0 [ 2771.079535] ? check_same_owner+0x340/0x340 [ 2771.083852] ? lock_release+0xa30/0xa30 [ 2771.087823] ? copy_mount_string+0x40/0x40 [ 2771.092054] ? kasan_kmalloc+0xc4/0xe0 [ 2771.095937] ? kmem_cache_alloc_trace+0x318/0x780 [ 2771.100779] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2771.106308] ? _copy_from_user+0xdf/0x150 [ 2771.110452] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2771.115983] ? copy_mount_options+0x285/0x380 [ 2771.120477] ksys_mount+0x12d/0x140 [ 2771.124102] __x64_sys_mount+0xbe/0x150 [ 2771.128073] do_syscall_64+0x1b9/0x820 [ 2771.131958] ? finish_task_switch+0x1d3/0x870 [ 2771.136455] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2771.141383] ? syscall_return_slowpath+0x31d/0x5e0 [ 2771.146309] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2771.151325] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2771.156859] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2771.161874] ? perf_trace_sys_enter+0xb10/0xb10 [ 2771.166541] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2771.171391] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2771.176596] RIP: 0033:0x45885a [ 2771.179785] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2771.199073] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2771.206785] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2771.214048] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2771.221316] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2771.228585] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2771.235854] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000045 [ 2771.243292] REISERFS warning (device loop4): reiserfs_fill_super: Cannot allocate memory for journal device name [ 2771.254063] ------------[ cut here ]------------ [ 2771.258821] kernel BUG at fs/reiserfs/lock.c:44! [ 2771.263636] invalid opcode: 0000 [#1] SMP KASAN [ 2771.268307] CPU: 0 PID: 5467 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180711+ #4 [ 2771.276624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2771.285990] RIP: 0010:reiserfs_write_unlock+0xeb/0x110 [ 2771.291255] Code: 5d c3 e8 78 3d 76 ff 48 8d 7b 28 48 c7 83 a8 00 00 00 00 00 00 00 e8 a4 0a 97 05 e8 5f 3d 76 ff 5b 41 5c 5d c3 e8 55 3d 76 ff <0f> 0b e8 9e c1 b4 ff eb a1 e8 b7 c1 b4 ff e9 33 ff ff ff e8 ad c1 [ 2771.310540] RSP: 0018:ffff880166d1f7e0 EFLAGS: 00010246 [ 2771.315902] RAX: 0000000000040000 RBX: ffff88019d9f0000 RCX: ffffc90012642000 [ 2771.323171] RDX: 0000000000040000 RSI: ffffffff82063b1b RDI: ffff88019d9f00a8 [ 2771.330437] RBP: ffff880166d1f7f0 R08: ffffed002cda3f25 R09: 0000000000000000 [ 2771.337701] R10: ffffed003b5c4fc0 R11: ffff8801dae27e07 R12: ffff880166d1fac8 [ 2771.344966] R13: ffffed002cda3f3d R14: ffffed002cda3f2d R15: ffff8801b030cd40 [ 2771.352233] FS: 00007f4c40b3e700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 2771.360455] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2771.366329] CR2: 00000000004c2643 CR3: 000000017a504000 CR4: 00000000001406f0 [ 2771.373603] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2771.380869] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2771.388133] Call Trace: [ 2771.390731] reiserfs_fill_super+0xfac/0x3930 [ 2771.395227] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2771.401110] ? bdev_name.isra.8+0x1a1/0x1f0 [ 2771.405439] ? finish_unfinished+0x14e0/0x14e0 [ 2771.410014] ? format_decode+0x1b1/0xaf0 [ 2771.414077] ? set_precision+0xe0/0xe0 [ 2771.417973] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2771.423508] ? vsnprintf+0x20d/0x1b60 [ 2771.427310] ? pointer+0x990/0x990 [ 2771.430856] ? snprintf+0xae/0xe0 [ 2771.434306] ? vsprintf+0x40/0x40 [ 2771.437761] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2771.442780] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2771.448321] mount_bdev+0x314/0x3e0 [ 2771.451949] ? finish_unfinished+0x14e0/0x14e0 [ 2771.456535] get_super_block+0x3c/0x50 [ 2771.460425] ? reiserfs_kill_sb+0x1e0/0x1e0 [ 2771.464746] legacy_get_tree+0x118/0x440 [ 2771.468813] vfs_get_tree+0x1cb/0x5c0 [ 2771.472612] ? vfs_set_fs_source+0x12c/0x180 [ 2771.477022] do_mount+0x6c1/0x1fb0 [ 2771.480564] ? check_same_owner+0x340/0x340 [ 2771.484888] ? lock_release+0xa30/0xa30 [ 2771.488883] ? copy_mount_string+0x40/0x40 [ 2771.493122] ? kasan_kmalloc+0xc4/0xe0 [ 2771.497009] ? kmem_cache_alloc_trace+0x318/0x780 [ 2771.501855] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 2771.507399] ? _copy_from_user+0xdf/0x150 [ 2771.511549] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2771.517095] ? copy_mount_options+0x285/0x380 [ 2771.521595] ksys_mount+0x12d/0x140 [ 2771.525222] __x64_sys_mount+0xbe/0x150 [ 2771.529201] do_syscall_64+0x1b9/0x820 [ 2771.533088] ? finish_task_switch+0x1d3/0x870 [ 2771.537588] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2771.542518] ? syscall_return_slowpath+0x31d/0x5e0 [ 2771.547451] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 2771.552471] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2771.558010] ? prepare_exit_to_usermode+0x291/0x3b0 [ 2771.563030] ? perf_trace_sys_enter+0xb10/0xb10 [ 2771.567701] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2771.572553] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2771.577743] RIP: 0033:0x45885a [ 2771.580919] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 2771.600204] RSP: 002b:00007f4c40b3da88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 2771.607912] RAX: ffffffffffffffda RBX: 00007f4c40b3db30 RCX: 000000000045885a [ 2771.615181] RDX: 00007f4c40b3dad0 RSI: 00000000200000c0 RDI: 00007f4c40b3daf0 [ 2771.622452] RBP: 00000000200000c0 R08: 00007f4c40b3db30 R09: 00007f4c40b3dad0 [ 2771.629721] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 2771.636987] R13: 0000000000000000 R14: 00000000004d3fb8 R15: 0000000000000045 [ 2771.644257] Modules linked in: [ 2771.647448] Dumping ftrace buffer: [ 2771.650975] (ftrace buffer empty) [ 2771.654800] ---[ end trace 9f496c9035eafa53 ]--- [ 2771.659624] RIP: 0010:reiserfs_write_unlock+0xeb/0x110 [ 2771.664940] Code: 5d c3 e8 78 3d 76 ff 48 8d 7b 28 48 c7 83 a8 00 00 00 00 00 00 00 e8 a4 0a 97 05 e8 5f 3d 76 ff 5b 41 5c 5d c3 e8 55 3d 76 ff <0f> 0b e8 9e c1 b4 ff eb a1 e8 b7 c1 b4 ff e9 33 ff ff ff e8 ad c1 [ 2771.684267] RSP: 0018:ffff880166d1f7e0 EFLAGS: 00010246 [ 2771.689689] RAX: 0000000000040000 RBX: ffff88019d9f0000 RCX: ffffc90012642000 03:41:33 executing program 5: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000001000)={0x1, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}}, 0x108) r1 = syz_open_procfs(0x0, &(0x7f0000000540)='net/mcfilter6\x00') preadv(r1, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/35, 0x7ffff000}], 0x1, 0xb6) 03:41:33 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket(0x10, 0x803, 0x0) sendto(r1, &(0x7f0000cfefee)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f0000000f40)=@ethernet={0x0, @random}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1, &(0x7f0000002400)=""/191, 0xbf}}, {{&(0x7f0000003440)=@l2, 0x80, &(0x7f0000003680), 0x399, &(0x7f00000036c0)=""/64, 0xffffff88}}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) 03:41:33 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200}) 03:41:33 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xc00000000000000, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) 03:41:33 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x40000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) 03:41:33 executing program 7: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x1d, @dev={0xfe, 0x80}, 0xfffffffffffffffe}, 0x1c) [ 2771.697018] RDX: 0000000000040000 RSI: ffffffff82063b1b RDI: ffff88019d9f00a8 [ 2771.704367] RBP: ffff880166d1f7f0 R08: ffffed002cda3f25 R09: 0000000000000000 [ 2771.711685] R10: ffffed003b5c4fc0 R11: ffff8801dae27e07 R12: ffff880166d1fac8 [ 2771.719175] R13: ffffed002cda3f3d R14: ffffed002cda3f2d R15: ffff8801b030cd40 [ 2771.726510] FS: 00007f4c40b3e700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 2771.734770] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2771.740702] CR2: 00000000004c2643 CR3: 000000017a504000 CR4: 00000000001406f0 03:41:33 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x80) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000], 0xaa}, @mcast2={0xff, 0x2, [], 0x1}, 0x1, 0x4, 0x2, 0x500, 0x6, 0x200, r1}) r2 = memfd_create(&(0x7f0000000000)='b\n\x00\x00\x00', 0x5) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x4d011, r2, 0x0) [ 2771.748077] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2771.755403] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2771.762714] Kernel panic - not syncing: Fatal exception [ 2771.768548] Dumping ftrace buffer: [ 2771.772083] (ftrace buffer empty) [ 2771.775768] Kernel Offset: disabled [ 2771.779381] Rebooting in 86400 seconds..